Log analysis and evaluation: search.b1.org in Firefox and Explorer for XP Windows 7

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
27.04.2013, 10:43 | #1 |
search.b1.org in Firefox and Explorer for XP

Hello everyone, now it has happened to me too. I wanted to download an mp3 file, and when I opened it, this search.b1 installed itself in Firefox and Explorer. When I noticed that the mp3 could not be started, I shredded it with G Data. When I now start ff, I always end up on this search page. In the ff settings I have set Google as the start page again. Only Explorer is still being stubborn. I am not entirely comfortable with the matter, though. I can't find anything on the computer. My search on the net led me to you. My PC is already somewhat old (practically a pensioner / 9 years old). Windows XP SP3. I have already run Defogger and OTL. The results are below. Thank you very much for your help.

The defogger_disable file:

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 00:14 on 27/04/2013 (Matti)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-

The OTL file: OTL Logfile: Code:
ATTFilter OTL logfile created on: 27.04.2013 00:19:51 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\Matti\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,15 Gb Available Physical Memory | 57,57% Memory free 3,85 Gb Paging File | 3,04 Gb Available in Paging File | 78,90% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 29,29 Gb Total Space | 14,75 Gb Free Space | 50,34% Space Free | Partition Type: NTFS Drive D: | 156,55 Gb Total Space | 114,30 Gb Free Space | 73,01% Space Free | Partition Type: NTFS Computer Name: MATTHIAS | User Name: Matti | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.04.27 00:14:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Matti\Desktop\OTL.exe PRC - [2013.04.12 18:29:57 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe PRC - [2013.04.04 05:32:53 | 000,181,664 | ---- | M] (Oracle Corporation) -- D:\Programme\java\jre7\bin\jqs.exe PRC - [2013.01.09 14:01:22 | 001,035,216 | ---- | M] (G Data Software AG) -- D:\Programme\G Data\InternetSecurity\AVKTray\AVKTray.exe PRC - [2012.11.30 06:08:20 | 001,584,624 | ---- | M] (G Data Software AG) -- D:\Programme\G Data\InternetSecurity\AVK\AVKWCtl.exe PRC - [2012.11.29 06:20:10 | 001,475,096 | ---- | M] (G Data Software AG) -- D:\Programme\G Data\InternetSecurity\Firewall\GDFirewallTray.exe PRC - [2012.11.29 06:13:47 | 001,914,760 | ---- | M] (G Data Software AG) -- 
D:\Programme\G Data\InternetSecurity\Firewall\GDFwSvc.exe PRC - [2012.11.29 05:49:49 | 001,548,312 | ---- | M] (G Data Software AG) -- C:\Programme\Gemeinsame Dateien\G Data\AVKProxy\AVKProxy.exe PRC - [2012.11.29 05:47:08 | 000,469,016 | ---- | M] (G Data Software AG) -- D:\Programme\G Data\InternetSecurity\AVK\AVKService.exe PRC - [2012.03.29 04:42:27 | 000,470,008 | ---- | M] (G Data Software AG) -- C:\Programme\Gemeinsame Dateien\G Data\GDScan\GDScan.exe PRC - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe PRC - [2008.04.14 14:00:00 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe ========== Modules (No Company Name) ========== MOD - [2013.04.26 21:56:26 | 002,086,912 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\G Data\AVKScanP\Avast5\defs\13042601\algo.dll MOD - [2013.04.12 18:29:55 | 003,133,336 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll MOD - [2012.12.18 16:28:26 | 000,301,056 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU MOD - [2008.04.14 14:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll ========== Services (SafeList) ========== SRV - [2013.04.12 18:29:56 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013.04.04 05:32:53 | 000,181,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- D:\Programme\java\jre7\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2012.11.30 06:08:20 | 001,584,624 | ---- | M] (G Data Software AG) [Auto | Running] -- D:\Programme\G Data\InternetSecurity\AVK\AVKWCtl.exe -- (AVKWCtl) SRV - [2012.11.29 06:13:47 | 001,914,760 | ---- | M] (G Data Software AG) [On_Demand | Running] -- D:\Programme\G Data\InternetSecurity\Firewall\GDFwSvc.exe -- (GDFwSvc) SRV - [2012.11.29 05:49:49 | 001,548,312 | ---- | M] (G Data Software 
AG) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\G Data\AVKProxy\AVKProxy.exe -- (AVKProxy) SRV - [2012.11.29 05:47:08 | 000,469,016 | ---- | M] (G Data Software AG) [Auto | Running] -- D:\Programme\G Data\InternetSecurity\AVK\AVKService.exe -- (AVKService) SRV - [2012.03.29 04:42:27 | 000,470,008 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Programme\Gemeinsame Dateien\G Data\GDScan\GDScan.exe -- (GDScan) SRV - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2004.03.18 16:55:48 | 000,065,536 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2013.01.11 16:32:22 | 000,047,264 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\HookCentre.sys -- (HookCentre) DRV - [2013.01.08 18:23:28 | 000,053,536 | ---- | M] (G Data Software AG) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\GDTdiIcpt.sys -- (GDTdiInterceptor) DRV - [2013.01.08 18:23:27 | 000,093,600 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\MiniIcpt.sys -- (GDMnIcpt) DRV - [2013.01.08 18:23:27 | 000,042,016 | ---- | M] (G Data Software AG) [Kernel | Boot | Running] -- 
C:\WINDOWS\system32\drivers\GDBehave.sys -- (GDBehave) DRV - [2012.12.28 19:49:07 | 000,069,552 | ---- | M] (G Data Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\GRD.sys -- (GRD) DRV - [2012.12.11 19:58:09 | 000,030,200 | ---- | M] (G Data Software AG) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\GDNdisIc.sys -- (GDNdisIc) DRV - [2008.04.14 01:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2006.11.10 15:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc) DRV - [2005.09.30 06:52:22 | 000,013,056 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2005.09.30 06:52:20 | 000,034,048 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2004.06.03 04:40:46 | 000,079,360 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvatabus.sys -- (nvatabus) DRV - [2004.04.03 00:40:00 | 000,021,760 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nv_agp.SYS -- (nv_agp) DRV - [2001.08.17 15:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401) DRV - [2001.08.17 14:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com/?crg=4.0007002" IE - HKLM\..\SearchScopes,DefaultScope = {1A1653E4-A5CB-4A09-8B31-D4DE7FC796BF} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = 
hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{1A1653E4-A5CB-4A09-8B31-D4DE7FC796BF}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=4.0007002" IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.b1.org/?bsrc=hmior&chid=c167991 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.b1.org/?bsrc=hmior&chid=c167991 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Before = hxxp://www.google.de/ IE - HKCU\..\SearchScopes,DefaultScope = {1A1653E4-A5CB-4A09-8B31-D4DE7FC796BF} IE - HKCU\..\SearchScopes\{1A1653E4-A5CB-4A09-8B31-D4DE7FC796BF}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_deDE482 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Search Results" FF - prefs.js..browser.search.order.1: "Search Results" FF - prefs.js..browser.search.selectedEngine: "Search Results" FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..extensions.enabledAddons: battlefieldheroespatcher%40ea.com:5.0.140.0 FF - prefs.js..extensions.enabledAddons: personas%40christopher.beard:1.7.2 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1 FF - prefs.js..keyword.URL: "hxxp://dts.search-results.com/sr?src=ffb&appid=161&systemid=406&sr=0&q=" FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll () FF - 
HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: D:\Programme\java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Programme\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Dokumente und Einstellungen\Matti\Lokale Einstellungen\Anwendungsdaten\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2013.04.12 18:29:58 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011.09.27 21:44:18 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\Mozilla\Extensions [2013.04.23 18:53:13 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\Mozilla\Firefox\Profiles\p16naaqc.default\extensions [2012.07.17 14:14:58 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\Mozilla\Firefox\Profiles\p16naaqc.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7} [2012.05.18 15:55:30 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\Mozilla\Firefox\Profiles\p16naaqc.default\extensions\battlefieldheroespatcher@ea.com [2013.04.23 18:53:13 | 000,340,614 | ---- | 
M] () (No name found) -- C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\Mozilla\Firefox\Profiles\p16naaqc.default\extensions\personas@christopher.beard.xpi [2013.02.14 21:41:44 | 000,817,280 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\Mozilla\Firefox\Profiles\p16naaqc.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011.12.31 00:10:36 | 000,000,933 | ---- | M] () -- C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\Mozilla\Firefox\Profiles\p16naaqc.default\searchplugins\11-suche.xml [2011.12.31 00:10:37 | 000,002,419 | ---- | M] () -- C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\Mozilla\Firefox\Profiles\p16naaqc.default\searchplugins\englische-ergebnisse.xml [2011.12.31 00:10:36 | 000,010,525 | ---- | M] () -- C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\Mozilla\Firefox\Profiles\p16naaqc.default\searchplugins\gmx-suche.xml [2011.12.31 00:10:37 | 000,002,457 | ---- | M] () -- C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\Mozilla\Firefox\Profiles\p16naaqc.default\searchplugins\lastminute.xml [2012.06.10 03:33:18 | 000,002,519 | ---- | M] () -- C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\Mozilla\Firefox\Profiles\p16naaqc.default\searchplugins\Search_Results.xml [2012.04.29 11:03:15 | 000,003,930 | ---- | M] () -- C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\Mozilla\Firefox\Profiles\p16naaqc.default\searchplugins\sweetim.xml [2011.12.31 00:10:36 | 000,005,508 | ---- | M] () -- C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\Mozilla\Firefox\Profiles\p16naaqc.default\searchplugins\webde-suche.xml [2013.04.12 18:29:13 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2013.04.12 18:29:11 | 000,000,000 | ---D | M] (G Data BankGuard) -- C:\Programme\Mozilla Firefox\extensions\{906305f7-aafc-45e9-8bbd-941950a84dad} [2013.04.12 18:29:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla 
Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2013.04.12 18:29:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013.04.12 18:29:14 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2013.04.12 18:29:57 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll [2012.06.17 12:24:12 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.08.29 23:13:03 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml [2012.06.17 12:24:12 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml [2012.06.17 12:24:12 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml [2012.06.10 03:33:18 | 000,002,519 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\Search_Results.xml [2012.06.17 12:24:12 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml [2012.06.17 12:24:12 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2008.04.14 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Programme\java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (no name) - {9D717F81-9148-4f12-8568-69135F087DB0} - No CLSID value found. O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.) 
O2 - BHO: (G Data BankGuard) - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Programme\Gemeinsame Dateien\G Data\AVKProxy\BanksafeBHO.dll (G Data Software AG) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Programme\java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.) O4 - HKLM..\Run: [G Data AntiVirus Tray Application] D:\Programme\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG) O4 - HKLM..\Run: [GDFirewallTray] D:\Programme\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (G Data Software AG) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Oracle Corporation) O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class) O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} hxxp://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.137.0.cab (Battlefield Heroes Updater) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 10.21.2) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Reg Error: Key error.) 
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 10.21.2) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CADB96D7-DE52-482E-95A9-7AE52D58F2D1}: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Programme\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Matti\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Matti\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011.09.23 20:03:06 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{f1d03140-e6e4-11e0-8363-806d6172696f}\Shell 
- "" = AutoRun O33 - MountPoints2\{f1d03140-e6e4-11e0-8363-806d6172696f}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{f1d03140-e6e4-11e0-8363-806d6172696f}\Shell\AutoRun\command - "" = E:\Bin\assetup.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2013.04.27 00:14:44 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Matti\Desktop\OTL.exe [2013.04.26 20:54:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Matti\Lokale Einstellungen\Anwendungsdaten\B1E [2013.04.26 20:54:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\B1Toolbar [2013.04.26 19:57:23 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java [2013.04.12 18:29:07 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox [2013.04.06 14:21:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Matti\Lokale Einstellungen\Anwendungsdaten\ArcSoft [2013.04.06 14:21:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ArcSoft Connect [2013.04.06 14:20:23 | 000,018,688 | ---- | C] (Arcsoft, Inc.) 
-- C:\WINDOWS\System32\drivers\afc.sys [2013.04.06 14:20:09 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ArcSoft MediaImpression [2013.04.06 14:20:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ArcSoft [2013.04.06 14:19:03 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\ArcSoft [2013.04.06 14:18:36 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\ArcSoft [2013.04.06 14:15:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.04.27 04:34:54 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2013.04.27 01:32:38 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2013.04.27 00:16:14 | 000,377,856 | ---- | M] () -- C:\Dokumente und Einstellungen\Matti\Desktop\gmer_2.1.19163.exe [2013.04.27 00:14:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Matti\Desktop\OTL.exe [2013.04.27 00:13:31 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\Matti\defogger_reenable [2013.04.27 00:12:41 | 000,649,730 | ---- | M] () -- C:\Dokumente und Einstellungen\Matti\Desktop\hilfe.xps [2013.04.26 23:58:03 | 000,050,477 | ---- | M] () -- C:\Dokumente und Einstellungen\Matti\Desktop\Defogger.exe [2013.04.26 23:27:25 | 001,053,618 | ---- | M] () -- C:\WINDOWS\System32\sig.bin [2013.04.26 23:27:25 | 000,054,442 | ---- | M] () -- C:\WINDOWS\System32\nmp.map [2013.04.26 16:17:19 | 000,182,038 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2013.04.26 16:17:13 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2013.04.26 16:17:11 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013.04.26 16:17:08 | 2146,750,464 | -HS- | M] () -- C:\hiberfil.sys [2013.04.10 
23:57:59 | 000,120,544 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2013.04.10 23:01:23 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2013.04.06 14:20:09 | 000,000,826 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Media Impression.lnk [2013.04.01 14:35:09 | 000,448,898 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat [2013.04.01 14:35:09 | 000,432,784 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2013.04.01 14:35:09 | 000,080,338 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat [2013.04.01 14:35:09 | 000,067,740 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.04.27 00:16:14 | 000,377,856 | ---- | C] () -- C:\Dokumente und Einstellungen\Matti\Desktop\gmer_2.1.19163.exe [2013.04.27 00:13:31 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Matti\defogger_reenable [2013.04.27 00:12:35 | 000,649,730 | ---- | C] () -- C:\Dokumente und Einstellungen\Matti\Desktop\hilfe.xps [2013.04.26 23:58:00 | 000,050,477 | ---- | C] () -- C:\Dokumente und Einstellungen\Matti\Desktop\Defogger.exe [2013.04.06 21:43:56 | 000,040,960 | ---- | C] () -- C:\WINDOWS\unVC51Z.dll [2013.04.06 14:20:09 | 000,000,826 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Media Impression.lnk [2012.07.16 13:34:21 | 000,104,634 | ---- | C] () -- C:\WINDOWS\hpoins04.dat [2012.07.16 13:34:21 | 000,017,176 | ---- | C] () -- C:\WINDOWS\hpomdl04.dat [2012.05.14 19:36:09 | 000,086,528 | ---- | C] () -- C:\WINDOWS\bnetunin.exe [2012.05.12 09:12:59 | 000,000,103 | ---- | C] () -- C:\WINDOWS\wiso.ini [2012.04.09 14:42:12 | 000,139,080 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2012.04.09 14:41:47 | 000,270,240 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe [2012.04.09 14:41:36 | 000,075,136 | ---- | C] () -- 
C:\WINDOWS\System32\PnkBstrA.exe [2012.03.20 23:22:48 | 000,004,608 | ---- | C] () -- C:\Dokumente und Einstellungen\Matti\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.03.04 19:30:55 | 000,138,056 | ---- | C] () -- C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\PnkBstrK.sys [2011.09.24 20:53:14 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2011.09.24 20:51:59 | 000,120,544 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011.09.24 15:38:39 | 001,053,618 | ---- | C] () -- C:\WINDOWS\System32\sig.bin [2011.09.23 20:19:48 | 000,004,557 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2011.09.23 20:19:47 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2011.09.23 20:05:11 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2011.09.23 19:59:57 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat ========== ZeroAccess Check ========== [2012.05.12 09:07:03 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2011.06.21 20:18:34 | 001,510,400 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 14:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2012.06.10 03:33:19 | 
000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\boost_interprocess [2012.05.12 09:05:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Buhl Data Service GmbH [2012.03.18 19:38:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\elsterformular [2012.12.11 20:46:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\G DATA [2013.04.26 20:54:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\B1Toolbar [2012.03.18 19:38:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\elsterformular [2011.10.02 10:18:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\OpenOffice.org [2012.06.10 03:36:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\searchquband [2013.02.24 16:55:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\TS3Client [2011.09.24 15:52:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\Unity [2012.02.19 11:25:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\wargaming.net ========== Purity Check ========== < End of report >

and the Extras.txt: OTL Logfile: Code:
OTL Extras logfile created on: 27.04.2013 00:19:51 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\Matti\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,15 Gb Available Physical Memory | 57,57% Memory free
3,85 Gb Paging File | 3,04 Gb Available in Paging File | 78,90% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 29,29 Gb Total Space | 14,75 Gb Free Space | 50,34% Space Free | Partition Type: NTFS
Drive D: | 156,55 Gb Total Space | 114,30 Gb Free Space | 73,01% Space Free | Partition Type: NTFS
Computer Name: MATTHIAS | User Name: Matti | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"D:\Programme\UnityWebPlayer.exe" = D:\Programme\UnityWebPlayer.exe:*:Disabled:UnityWebPlayer
"C:\WINDOWS\system32\sessmgr.exe" = C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"D:\Programme\Flagship Studios\Hellgate London\Launcher.exe" = D:\Programme\Flagship Studios\Hellgate London\Launcher.exe:*:Enabled:Hellgate: London -- (Flagship Studios)
"C:\WINDOWS\system32\PnkBstrA.exe" = C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA -- ()
"C:\WINDOWS\system32\PnkBstrB.exe" = C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB -- ()
"C:\Programme\Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe" = C:\Programme\Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe:*:Enabled:DTX broker

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02F0B8AE-7501-4333-AFBE-6BAABFEC7637}" = WISO Steuer-Sparbuch 2011
"{0DA1A27E-0616-45DA-A85F-61623046624A}" = 5.0M DigitalCAM
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F63ED0B-EDD2-4037-B6AB-1358C624AF48}" = Scan
"{21E75254-410E-49C4-8981-2E1A2A2221F2}" = HP Diagnostic Assistant
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2405665A-16C9-4D3A-B70E-F006220E1472}" = Overland
"{267868CE-6DFF-40F7-9C58-C01119B7B117}" = Fax
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 37
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{2F71F2BA-B513-4113-969C-18A84D238E27}" = 1310
"{34A59AC3-6C5C-4A09-A7F5-369A37176C8A}" = AiOSoftware
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF}" = HPSystemDiagnostics
"{41254D7B-EADF-4078-AE4A-BD73B300EE86}" = Unload
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{457791C5-D702-4143-A7B2-2744BE9573F2}" = HP Software Update
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{597D73A8-5FDB-4bc1-9893-40B54459F1BC}" = ProductContext
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{80413011-029C-4D6B-B3AD-725DDE60B81C}" = 1310Trb
"{86107E2D-DFB9-46BC-99ED-07EACAEE0923}" = G Data InternetSecurity 2013
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9EC9754D-CA34-4293-B5DB-3BD245A88A43}" = ArcSoft MediaImpression
"{A1062847-0846-427A-92A1-BB8251A91E91}" = HP PSC & OfficeJet 4.2
"{A2500497-FD32-493e-B8E5-28D6728DBEF5}" = Readme
"{A2B4455D-1046-4732-BFBC-0821BEFC07BC}" = Hellgate: London
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A4EA3AB4-E78C-4286-96DF-26035507CE55}" = AiO_Scan
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Deutsch
"{B3D5D4E0-E965-41C4-ABFD-A7B1AD0663C2}" = Director
"{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX
"{BF018D2F-C788-4AB1-AB95-1280EAB8F13E}" = TrayApp
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E21658D0-8C83-4ADD-937B-6ED07F335ABA}" = 1310Tour
"{E90BEB5B-CFA0-418E-9ABB-4C4A7B0D9483}" = 1310_Help
"{EC8673DA-F96B-497E-B2DB-BC7B029FD680}" = BufferChm
"{F4F47155-5B4D-42AA-97F8-490BC52EA7F3}" = Destinations
"{F65787F3-B356-45EC-8DD0-0E6758EDBCEE}" = WebReg
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Battle.net" = Battle.net
"CCleaner" = CCleaner
"Drakensang_is1" = Drakensang
"ElsterFormular 13.1.1.8479p" = ElsterFormular
"FormatFactory" = FormatFactory 2.95
"HP Photo & Imaging" = HP Image Zone 4.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 20.0.1 (x86 de)" = Mozilla Firefox 20.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NVIDIA Drivers" = NVIDIA Drivers
"PunkBusterSvc" = PunkBuster Services
"Siedler3Deinstall" = Siedler3
"SystemRequirementsLab" = System Requirements Lab
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Venetica_is1" = Venetica
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ System Events ]
Error - 19.02.2013 10:20:09 | Computer Name = MATTHIAS | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.2.36 für die Netzwerkkarte mit der Netzwerkadresse 002522B007EA wurde durch den DHCP-Server 192.168.2.1 abgelehnt (der DHCP-Server hat eine DHCPNACK-Meldung gesendet).

Error - 24.02.2013 16:41:24 | Computer Name = MATTHIAS | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{CADB96D7-DE52-482E-95A9-7AE52D58F2D1} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.

Error - 25.02.2013 00:40:27 | Computer Name = MATTHIAS | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.2.36 für die Netzwerkkarte mit der Netzwerkadresse 002522B007EA wurde durch den DHCP-Server 192.168.2.1 abgelehnt (der DHCP-Server hat eine DHCPNACK-Meldung gesendet).

Error - 01.03.2013 19:54:54 | Computer Name = MATTHIAS | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.2.36 für die Netzwerkkarte mit der Netzwerkadresse 002522B007EA wurde durch den DHCP-Server 192.168.2.1 abgelehnt (der DHCP-Server hat eine DHCPNACK-Meldung gesendet).

Error - 01.03.2013 19:59:23 | Computer Name = MATTHIAS | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{CADB96D7-DE52-482E-95A9-7AE52D58F2D1} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.
Error - 02.03.2013 09:35:59 | Computer Name = MATTHIAS | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{CADB96D7-DE52-482E-95A9-7AE52D58F2D1} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.

Error - 02.03.2013 12:09:12 | Computer Name = MATTHIAS | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{CADB96D7-DE52-482E-95A9-7AE52D58F2D1} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.

Error - 13.03.2013 17:32:39 | Computer Name = MATTHIAS | Source = DCOM | ID = 10010
Description = Der Server "{4EB61BAC-A3B6-4760-9581-655041EF4D69}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error - 17.03.2013 03:35:41 | Computer Name = MATTHIAS | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.2.36 für die Netzwerkkarte mit der Netzwerkadresse 002522B007EA wurde durch den DHCP-Server 192.168.2.1 abgelehnt (der DHCP-Server hat eine DHCPNACK-Meldung gesendet).

Error - 08.04.2013 02:32:42 | Computer Name = MATTHIAS | Source = DCOM | ID = 10010
Description = Der Server "{4EB61BAC-A3B6-4760-9581-655041EF4D69}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

< End of report >

I have completed step 1 and step 2. Step 3 with GMER cannot be run on my machine. During the scan my PC always reboots as soon as the scan reaches netbios. Am I doing something wrong here?
IAT/EAT is unchecked
Show all is unchecked
C and D (I have partitioned the disk) are both checked
PC is disconnected from the network, no firewall on, no antivirus program or anything else on |
27.04.2013, 17:57 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | search.b1.org in Firefox and Explorer for XP Hello and
Do you have any further logs (with detections)? Malwarebytes and/or other virus scanners, did they ever find anything? The reason I ask => http://www.trojaner-board.de/125889-...tml#post941520 Please do not run any new virus scans; for now just post logs that already exist! Reading material: Posting in CODE tags. Attaching the logfiles, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the logfiles in a CODE box, proceed as follows:
27.04.2013, 22:01 | #3 |
| search.b1.org in Firefox and Explorer for XP That is exactly what is giving me a headache.
None of the programs and helper tools I used found anything. But as is well known, that does not mean nothing is there. The question is, how do I track down the pest? It is not for nothing that something rewrites my browser settings so that I get redirected to this dubious start page. My PC is not acting up and otherwise gives no sign that something might be wrong. And since I set Google as the start page again, nothing more has happened.
So far I have:
- deleted all old versions of Java, except the current 7
- had G Data scan the PC several times
- downloaded and started Malware (quick scan)
- cleaned up the hard disk
- banished Internet Explorer from the PC (only a few minutes ago)
Here is the printout from Malware as well:
Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org
Datenbank Version: v2013.04.27.02
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Matti :: MATTHIAS [Administrator]
Schutz: Aktiviert
27.04.2013 12:32:58
mbam-log-2013-04-27 (12-32-58).txt
Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 193721
Laufzeit: 9 Minute(n), 48 Sekunde(n)
Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden)
Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden)
(Ende)
How can I be sure that there is not something there after all? |
28.04.2013, 19:22 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | search.b1.org in Firefox and Explorer for XP Before we get to work, I would like to ask you to read the following points completely and carefully.
Note: If you do not hear from me for three days, please get in touch in this thread => Reminder about my thread. Annoying "when will this continue" messages end with your topic being closed. I, too, have a life outside of Trojaner-Board.
Please try GMER again, then MBAR:
Rootkit scan with GMER
Please download GMER: (random file name)
Are problems occurring?
Afterwards please run MBAR:
Malwarebytes Anti-Rootkit (MBAR)
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper
__________________ Please always post logfiles in CODE tags |
29.04.2013, 20:11 | #5 |
| search.b1.org in Firefox and Explorer for XP I downloaded GMER again and started it. No error message on startup.
On the right, remove the check mark at: IAT/EAT and Show All
Done...
Set the check mark at Quickscan and remove it for all other drives.
Done...
Start the scan with "Scan".
Up to here, no problems or error messages.
Do nothing on the computer while the scan is running.
The scan aborts after 5 sec and the PC reboots.
When the scan is finished, click Save and save the logfile as Gmer.txt on your desktop. GMER is closed with "Ok". Switch the antivirus program and other scanners back on before you go online!
Are problems occurring?
Yes
Alternatively, try safe mode.
I did that -> bluescreen
If you get a bluescreen, then remove the check mark in front of Devices.
Then the scan started, and at "C:\WINDOWS\system32\winlogon.exe" it was already over again. The PC rebooted again.
I tried the whole thing several times (as user and as admin), always with the same result. What options do I have left? My PC is just a bit stubborn...
Last edited by abbelgriebs (29.04.2013 at 20:19) |
30.04.2013, 21:12 | #7 |
| search.b1.org in Firefox and Explorer for XP I ran Malware, and I am glad that it found nothing. I am unsettled nonetheless! Code:
Malwarebytes Anti-Rootkit BETA 1.05.0.1001
www.malwarebytes.org
Database version: v2013.04.30.05
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Matti :: MATTHIAS [administrator]
30.04.2013 18:42:50
mbar-log-2013-04-30 (18-42-50).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 25026
Time elapsed: 24 minute(s), 8 second(s)
Memory Processes Detected: 0 (No malicious items detected)
Memory Modules Detected: 0 (No malicious items detected)
Registry Keys Detected: 0 (No malicious items detected)
Registry Values Detected: 0 (No malicious items detected)
Registry Data Items Detected: 0 (No malicious items detected)
Folders Detected: 0 (No malicious items detected)
Files Detected: 0 (No malicious items detected)
(end) |
01.05.2013, 00:15 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | search.b1.org in Firefox and Explorer for XP
aswMBR
Please download aswMBR.exe and save the file to your desktop.
Important: Under no circumstances press any of the Fix buttons without instructions.
Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.
TDSS-Killer
Please download TDSSKiller.exe and save this file to the desktop
02.05.2013, 18:22 | #9 |
| search.b1.org in Firefox and Explorer for XP aswMBR Code:
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-05-02 18:52:16
-----------------------------
18:52:16.187 OS Version: Windows 5.1.2600 Service Pack 3
18:52:16.187 Number of processors: 1 586 0xC00
18:52:16.187 ComputerName: MATTHIAS UserName: Matti
18:52:16.390 Initialze error C000010E - driver not loaded
18:52:16.437 write error "aswCmnB.dll". Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
18:58:12.703 AVAST engine defs: 13050200
18:59:10.390 Service scanning
18:59:31.500 Modules scanning
18:59:31.500 Disk 0 trace - called modules:
18:59:31.500
18:59:31.734 AVAST engine scan C:\WINDOWS
18:59:37.171 AVAST engine scan C:\WINDOWS\system32
19:01:55.515 AVAST engine scan C:\WINDOWS\system32\drivers
19:02:03.281 AVAST engine scan C:\Dokumente und Einstellungen\Matti
19:03:08.968 AVAST engine scan C:\Dokumente und Einstellungen\All Users
19:03:14.140 Scan finished successfully
19:04:26.609 The log file has been saved successfully to "C:\Dokumente und Einstellungen\Matti\Eigene Dateien\aswMBR.txt"
Code:
19:06:43.0234 3284 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:06:43.0265 3284 ============================================================
19:06:43.0265 3284 Current date / time: 2013/05/02 19:06:43.0265
19:06:43.0265 3284 SystemInfo:
19:06:43.0265 3284
19:06:43.0265 3284 OS Version: 5.1.2600 ServicePack: 3.0
19:06:43.0265 3284 Product type: Workstation
19:06:43.0265 3284 ComputerName: MATTHIAS
19:06:43.0265 3284 UserName: Matti
19:06:43.0265 3284 Windows directory: C:\WINDOWS
19:06:43.0265 3284 System windows directory: C:\WINDOWS
19:06:43.0265 3284 Processor architecture: Intel x86
19:06:43.0265 3284 Number of processors: 1
19:06:43.0265 3284 Page size: 0x1000
19:06:43.0265 3284 Boot type: Normal boot
19:06:43.0265 3284 ============================================================
19:06:43.0656 3284 Drive \Device\Harddisk0\DR0 - Size: 0x2E93E36000 (186.31 Gb), SectorSize: 0x200, Cylinders: 0x5F01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:06:43.0656 3284 ============================================================
19:06:43.0656 3284 \Device\Harddisk0\DR0:
19:06:43.0656 3284 MBR partitions:
19:06:43.0656 3284 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A962B1
19:06:43.0687 3284 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3B8572A, BlocksNum 0x13918697
19:06:43.0687 3284 ============================================================
19:06:43.0718 3284 D: <-> \Device\Harddisk0\DR0\Partition2
19:06:43.0734 3284 C: <-> \Device\Harddisk0\DR0\Partition1
19:06:43.0734 3284 ============================================================
19:06:43.0734 3284 Initialize success
19:06:43.0734 3284 ============================================================
19:09:23.0968 1396 ============================================================
19:09:23.0968 1396 Scan started
19:09:23.0968 1396 Mode: Manual;
1396 MSIServer - ok 19:09:29.0125 1396 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys 19:09:29.0125 1396 MSKSSRV - ok 19:09:29.0156 1396 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys 19:09:29.0156 1396 MSPCLOCK - ok 19:09:29.0156 1396 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys 19:09:29.0171 1396 MSPQM - ok 19:09:29.0203 1396 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys 19:09:29.0203 1396 mssmbios - ok 19:09:29.0218 1396 [ CA3E22598F411199ADC2DFEE76CD0AE0 ] ms_mpu401 C:\WINDOWS\system32\drivers\msmpu401.sys 19:09:29.0218 1396 ms_mpu401 - ok 19:09:29.0250 1396 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys 19:09:29.0250 1396 Mup - ok 19:09:29.0281 1396 [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent C:\WINDOWS\System32\qagentrt.dll 19:09:29.0296 1396 napagent - ok 19:09:29.0328 1396 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys 19:09:29.0328 1396 NDIS - ok 19:09:29.0359 1396 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 19:09:29.0359 1396 NdisTapi - ok 19:09:29.0390 1396 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 19:09:29.0390 1396 Ndisuio - ok 19:09:29.0437 1396 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 19:09:29.0437 1396 NdisWan - ok 19:09:29.0468 1396 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys 19:09:29.0468 1396 NDProxy - ok 19:09:29.0484 1396 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys 19:09:29.0484 1396 NetBIOS - ok 19:09:29.0515 1396 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 19:09:29.0515 1396 NetBT - ok 19:09:29.0546 1396 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE C:\WINDOWS\system32\netdde.exe 
19:09:29.0546 1396 NetDDE - ok 19:09:29.0562 1396 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe 19:09:29.0562 1396 NetDDEdsdm - ok 19:09:29.0593 1396 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon C:\WINDOWS\system32\lsass.exe 19:09:29.0593 1396 Netlogon - ok 19:09:29.0625 1396 [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman C:\WINDOWS\System32\netman.dll 19:09:29.0640 1396 Netman - ok 19:09:29.0687 1396 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 19:09:29.0687 1396 NetTcpPortSharing - ok 19:09:29.0718 1396 [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla C:\WINDOWS\System32\mswsock.dll 19:09:29.0734 1396 Nla - ok 19:09:29.0750 1396 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 19:09:29.0750 1396 Npfs - ok 19:09:29.0796 1396 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 19:09:29.0828 1396 Ntfs - ok 19:09:29.0843 1396 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp C:\WINDOWS\system32\lsass.exe 19:09:29.0843 1396 NtLmSsp - ok 19:09:29.0890 1396 [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll 19:09:29.0906 1396 NtmsSvc - ok 19:09:29.0921 1396 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys 19:09:29.0921 1396 Null - ok 19:09:30.0234 1396 [ 8E72E452B9CC1E455D19E3C9FA964D37 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys 19:09:30.0515 1396 nv - ok 19:09:30.0546 1396 [ 46DEED4C6C5FA765F9A2C723BE60348D ] nvatabus C:\WINDOWS\system32\DRIVERS\nvatabus.sys 19:09:30.0546 1396 nvatabus - ok 19:09:30.0578 1396 [ A545DF28F75BCB109A3AADBB07552B12 ] NVENETFD C:\WINDOWS\system32\DRIVERS\NVENETFD.sys 19:09:30.0578 1396 NVENETFD - ok 19:09:30.0609 1396 [ EA41F641420F3D8271804D287C1EF461 ] nvnetbus C:\WINDOWS\system32\DRIVERS\nvnetbus.sys 19:09:30.0609 1396 nvnetbus - ok 19:09:30.0640 1396 [ 934833B3CD462A6F8A96F64D024C8B20 ] NVSvc 
C:\WINDOWS\system32\nvsvc32.exe 19:09:30.0656 1396 NVSvc - ok 19:09:30.0671 1396 [ 3194E2F6C9000C39DCF9D0580754F714 ] nv_agp C:\WINDOWS\system32\DRIVERS\nv_agp.sys 19:09:30.0671 1396 nv_agp - ok 19:09:30.0703 1396 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 19:09:30.0703 1396 NwlnkFlt - ok 19:09:30.0718 1396 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 19:09:30.0718 1396 NwlnkFwd - ok 19:09:30.0750 1396 [ F84785660305B9B903FB3BCA8BA29837 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys 19:09:30.0750 1396 Parport - ok 19:09:30.0781 1396 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys 19:09:30.0781 1396 PartMgr - ok 19:09:30.0796 1396 [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys 19:09:30.0796 1396 ParVdm - ok 19:09:30.0812 1396 [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys 19:09:30.0812 1396 PCI - ok 19:09:30.0828 1396 PCIDump - ok 19:09:30.0843 1396 [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys 19:09:30.0843 1396 PCIIde - ok 19:09:30.0875 1396 [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys 19:09:30.0875 1396 Pcmcia - ok 19:09:30.0890 1396 PDCOMP - ok 19:09:30.0890 1396 PDFRAME - ok 19:09:30.0906 1396 PDRELI - ok 19:09:30.0921 1396 PDRFRAME - ok 19:09:30.0937 1396 perc2 - ok 19:09:30.0937 1396 perc2hib - ok 19:09:31.0000 1396 [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay C:\WINDOWS\system32\services.exe 19:09:31.0000 1396 PlugPlay - ok 19:09:31.0046 1396 [ 901C43516504CBE582E4C4193E00876A ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe 19:09:31.0046 1396 Pml Driver HPZ12 - ok 19:09:31.0078 1396 [ 3A2BDD76E7D2A5F40A7174793D1BA794 ] PnkBstrA C:\WINDOWS\system32\PnkBstrA.exe 19:09:31.0078 1396 PnkBstrA - ok 19:09:31.0093 1396 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent C:\WINDOWS\system32\lsass.exe 
19:09:31.0093 1396 PolicyAgent - ok 19:09:31.0109 1396 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys 19:09:31.0125 1396 PptpMiniport - ok 19:09:31.0156 1396 [ 2CB55427C58679F49AD600FCCBA76360 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys 19:09:31.0156 1396 Processor - ok 19:09:31.0156 1396 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe 19:09:31.0156 1396 ProtectedStorage - ok 19:09:31.0171 1396 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys 19:09:31.0187 1396 PSched - ok 19:09:31.0187 1396 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys 19:09:31.0203 1396 Ptilink - ok 19:09:31.0203 1396 ql1080 - ok 19:09:31.0218 1396 Ql10wnt - ok 19:09:31.0234 1396 ql12160 - ok 19:09:31.0234 1396 ql1240 - ok 19:09:31.0250 1396 ql1280 - ok 19:09:31.0265 1396 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 19:09:31.0265 1396 RasAcd - ok 19:09:31.0296 1396 [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto C:\WINDOWS\System32\rasauto.dll 19:09:31.0296 1396 RasAuto - ok 19:09:31.0328 1396 [ 0207D26DDF796A193CCD9F83047BB5FC ] Rasirda C:\WINDOWS\system32\DRIVERS\rasirda.sys 19:09:31.0328 1396 Rasirda - ok 19:09:31.0343 1396 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 19:09:31.0343 1396 Rasl2tp - ok 19:09:31.0375 1396 [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan C:\WINDOWS\System32\rasmans.dll 19:09:31.0390 1396 RasMan - ok 19:09:31.0406 1396 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 19:09:31.0406 1396 RasPppoe - ok 19:09:31.0421 1396 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys 19:09:31.0421 1396 Raspti - ok 19:09:31.0453 1396 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 19:09:31.0453 1396 Rdbss - ok 19:09:31.0468 1396 [ 
4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 19:09:31.0468 1396 RDPCDD - ok 19:09:31.0515 1396 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys 19:09:31.0515 1396 rdpdr - ok 19:09:31.0562 1396 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys 19:09:31.0562 1396 RDPWD - ok 19:09:31.0578 1396 [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe 19:09:31.0593 1396 RDSessMgr - ok 19:09:31.0609 1396 [ ED761D453856F795A7FE056E42C36365 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys 19:09:31.0609 1396 redbook - ok 19:09:31.0656 1396 [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 19:09:31.0671 1396 RemoteAccess - ok 19:09:31.0687 1396 [ E4CD1F3D84E1C2CA0B8CF7501E201593 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll 19:09:31.0687 1396 RemoteRegistry - ok 19:09:31.0734 1396 [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator C:\WINDOWS\system32\locator.exe 19:09:31.0734 1396 RpcLocator - ok 19:09:31.0765 1396 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs C:\WINDOWS\system32\rpcss.dll 19:09:31.0765 1396 RpcSs - ok 19:09:31.0812 1396 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP C:\WINDOWS\system32\rsvp.exe 19:09:31.0812 1396 RSVP - ok 19:09:31.0828 1396 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs C:\WINDOWS\system32\lsass.exe 19:09:31.0828 1396 SamSs - ok 19:09:31.0875 1396 [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe 19:09:31.0875 1396 SCardSvr - ok 19:09:31.0921 1396 [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule C:\WINDOWS\system32\schedsvc.dll 19:09:31.0921 1396 Schedule - ok 19:09:31.0937 1396 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys 19:09:31.0937 1396 Secdrv - ok 19:09:31.0984 1396 [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon C:\WINDOWS\System32\seclogon.dll 19:09:31.0984 1396 seclogon - ok 19:09:32.0000 1396 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] 
SENS C:\WINDOWS\system32\sens.dll 19:09:32.0015 1396 SENS - ok 19:09:32.0031 1396 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys 19:09:32.0031 1396 serenum - ok 19:09:32.0046 1396 [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys 19:09:32.0046 1396 Serial - ok 19:09:32.0078 1396 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys 19:09:32.0078 1396 Sfloppy - ok 19:09:32.0125 1396 [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 19:09:32.0140 1396 SharedAccess - ok 19:09:32.0156 1396 [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 19:09:32.0156 1396 ShellHWDetection - ok 19:09:32.0171 1396 Simbad - ok 19:09:32.0187 1396 Sparrow - ok 19:09:32.0203 1396 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys 19:09:32.0203 1396 splitter - ok 19:09:32.0250 1396 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe 19:09:32.0250 1396 Spooler - ok 19:09:32.0281 1396 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr C:\WINDOWS\system32\DRIVERS\sr.sys 19:09:32.0281 1396 sr - ok 19:09:32.0312 1396 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice C:\WINDOWS\system32\srsvc.dll 19:09:32.0328 1396 srservice - ok 19:09:32.0375 1396 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys 19:09:32.0390 1396 Srv - ok 19:09:32.0421 1396 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 19:09:32.0421 1396 SSDPSRV - ok 19:09:32.0468 1396 [ BC2C5985611C5356B24AEB370953DED9 ] stisvc C:\WINDOWS\system32\wiaservc.dll 19:09:32.0484 1396 stisvc - ok 19:09:32.0500 1396 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys 19:09:32.0500 1396 swenum - ok 19:09:32.0531 1396 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys 19:09:32.0531 1396 swmidi - ok 19:09:32.0531 1396 
SwPrv - ok 19:09:32.0546 1396 symc810 - ok 19:09:32.0562 1396 symc8xx - ok 19:09:32.0578 1396 sym_hi - ok 19:09:32.0593 1396 sym_u3 - ok 19:09:32.0609 1396 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys 19:09:32.0609 1396 sysaudio - ok 19:09:32.0625 1396 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe 19:09:32.0640 1396 SysmonLog - ok 19:09:32.0687 1396 [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 19:09:32.0703 1396 TapiSrv - ok 19:09:32.0734 1396 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys 19:09:32.0750 1396 Tcpip - ok 19:09:32.0796 1396 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys 19:09:32.0796 1396 TDPIPE - ok 19:09:32.0812 1396 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys 19:09:32.0812 1396 TDTCP - ok 19:09:32.0828 1396 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys 19:09:32.0828 1396 TermDD - ok 19:09:32.0859 1396 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService C:\WINDOWS\System32\termsrv.dll 19:09:32.0875 1396 TermService - ok 19:09:32.0906 1396 [ 2DB7D303C36DDD055215052F118E8E75 ] Themes C:\WINDOWS\System32\shsvcs.dll 19:09:32.0906 1396 Themes - ok 19:09:32.0937 1396 [ 03681A1CE77F51586903869A5AB1DEAB ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe 19:09:32.0937 1396 TlntSvr - ok 19:09:32.0953 1396 TosIde - ok 19:09:32.0968 1396 [ 626504572B175867F30F3215C04B3E2F ] TrkWks C:\WINDOWS\system32\trkwks.dll 19:09:32.0984 1396 TrkWks - ok 19:09:33.0000 1396 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys 19:09:33.0015 1396 Udfs - ok 19:09:33.0031 1396 ultra - ok 19:09:33.0062 1396 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys 19:09:33.0078 1396 Update - ok 19:09:33.0109 1396 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost C:\WINDOWS\System32\upnphost.dll 
19:09:33.0125 1396 upnphost - ok 19:09:33.0140 1396 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINDOWS\System32\ups.exe 19:09:33.0140 1396 UPS - ok 19:09:33.0171 1396 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys 19:09:33.0171 1396 usbaudio - ok 19:09:33.0187 1396 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys 19:09:33.0187 1396 usbccgp - ok 19:09:33.0203 1396 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 19:09:33.0203 1396 usbehci - ok 19:09:33.0218 1396 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 19:09:33.0234 1396 usbhub - ok 19:09:33.0250 1396 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys 19:09:33.0250 1396 usbohci - ok 19:09:33.0281 1396 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys 19:09:33.0281 1396 usbprint - ok 19:09:33.0312 1396 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys 19:09:33.0312 1396 usbscan - ok 19:09:33.0328 1396 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 19:09:33.0343 1396 USBSTOR - ok 19:09:33.0359 1396 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 19:09:33.0359 1396 VgaSave - ok 19:09:33.0359 1396 ViaIde - ok 19:09:33.0390 1396 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 19:09:33.0390 1396 VolSnap - ok 19:09:33.0421 1396 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINDOWS\System32\vssvc.exe 19:09:33.0437 1396 VSS - ok 19:09:33.0468 1396 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINDOWS\system32\w32time.dll 19:09:33.0484 1396 W32Time - ok 19:09:33.0500 1396 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 19:09:33.0500 1396 Wanarp - ok 19:09:33.0515 1396 WDICA - ok 19:09:33.0546 1396 [ 
6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 19:09:33.0546 1396 wdmaud - ok 19:09:33.0562 1396 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINDOWS\System32\webclnt.dll 19:09:33.0562 1396 WebClient - ok 19:09:33.0640 1396 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 19:09:33.0656 1396 winmgmt - ok 19:09:33.0703 1396 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll 19:09:33.0703 1396 WmdmPmSN - ok 19:09:33.0765 1396 [ FFA4D901D46D07A5BAB2D8307FBB51A6 ] Wmi C:\WINDOWS\System32\advapi32.dll 19:09:33.0765 1396 Wmi - ok 19:09:33.0812 1396 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 19:09:33.0812 1396 WmiApSrv - ok 19:09:33.0906 1396 [ BF05650BB7DF5E9EBDD25974E22403BB ] WMPNetworkSvc C:\Programme\Windows Media Player\WMPNetwk.exe 19:09:33.0937 1396 WMPNetworkSvc - ok 19:09:33.0984 1396 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc C:\WINDOWS\system32\wscsvc.dll 19:09:33.0984 1396 wscsvc - ok 19:09:34.0015 1396 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll 19:09:34.0015 1396 wuauserv - ok 19:09:34.0046 1396 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys 19:09:34.0046 1396 WudfPf - ok 19:09:34.0078 1396 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys 19:09:34.0078 1396 WudfRd - ok 19:09:34.0093 1396 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll 19:09:34.0109 1396 WudfSvc - ok 19:09:34.0156 1396 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 19:09:34.0187 1396 WZCSVC - ok 19:09:34.0218 1396 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll 19:09:34.0218 1396 xmlprov - ok 19:09:34.0234 1396 ================ Scan global =============================== 19:09:34.0250 1396 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll 
19:09:34.0343 1396 [Global] - ok
19:09:34.0359 1396 ================ Scan MBR ==================================
19:09:34.0531 1396 \Device\Harddisk0\DR0 - ok
19:09:34.0531 1396 ================ Scan VBR ==================================
19:09:34.0546 1396 \Device\Harddisk0\DR0\Partition1 - ok
19:09:34.0562 1396 \Device\Harddisk0\DR0\Partition2 - ok
19:09:34.0562 1396 ============================================================
19:09:34.0562 1396 Scan finished
19:09:34.0562 1396 ============================================================
19:09:34.0578 3852 Detected object count: 0
19:09:34.0578 3852 Actual detected object count: 0
19:11:17.0375 3756 ============================================================
19:11:17.0375 3756 Scan started
19:11:17.0375 3756 Mode: Manual; SigCheck; TDLFS;
19:11:17.0375 3756 ============================================================
19:11:17.0578 3756 ================ Scan system memory ========================
19:11:17.0578 3756 System memory - ok
19:11:17.0593 3756 ================ Scan services =============================
19:11:31.0828 3756 [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem C:\WINDOWS\system32\drivers\Modem.sys 19:11:31.0968 3756 Modem - ok 19:11:31.0984 3756 [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys 19:11:32.0140 3756 Mouclass - ok 19:11:32.0171 3756 [ 66A6F73C74E1791464160A7065CE711A ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys 19:11:32.0296 3756 mouhid - ok 19:11:32.0312 3756 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys 19:11:32.0468 3756 MountMgr - ok 19:11:32.0500 3756 [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe 19:11:32.0515 3756 MozillaMaintenance - ok 19:11:32.0531 3756 mraid35x - ok 19:11:32.0546 3756 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys 19:11:32.0671 3756 MRxDAV - ok 19:11:32.0718 3756 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 19:11:32.0765 3756 MRxSmb - ok 19:11:32.0796 3756 [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC C:\WINDOWS\system32\msdtc.exe 19:11:32.0906 3756 MSDTC - ok 19:11:32.0953 3756 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 19:11:33.0078 3756 Msfs - ok 19:11:33.0093 3756 MSIServer - ok 19:11:33.0109 3756 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys 19:11:33.0234 3756 MSKSSRV - ok 19:11:33.0265 3756 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys 19:11:33.0375 3756 MSPCLOCK - ok 19:11:33.0406 3756 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys 19:11:33.0531 3756 MSPQM - ok 19:11:33.0562 3756 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys 19:11:33.0687 3756 mssmbios - ok 19:11:33.0703 3756 [ CA3E22598F411199ADC2DFEE76CD0AE0 ] ms_mpu401 C:\WINDOWS\system32\drivers\msmpu401.sys 19:11:33.0812 3756 ms_mpu401 - ok 
19:11:33.0843 3756 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys 19:11:33.0890 3756 Mup - ok 19:11:33.0921 3756 [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent C:\WINDOWS\System32\qagentrt.dll 19:11:34.0062 3756 napagent - ok 19:11:34.0109 3756 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys 19:11:34.0218 3756 NDIS - ok 19:11:34.0250 3756 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 19:11:34.0296 3756 NdisTapi - ok 19:11:34.0328 3756 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 19:11:34.0453 3756 Ndisuio - ok 19:11:34.0484 3756 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 19:11:34.0625 3756 NdisWan - ok 19:11:34.0671 3756 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys 19:11:34.0718 3756 NDProxy - ok 19:11:34.0750 3756 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys 19:11:34.0890 3756 NetBIOS - ok 19:11:34.0921 3756 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 19:11:35.0031 3756 NetBT - ok 19:11:35.0062 3756 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE C:\WINDOWS\system32\netdde.exe 19:11:35.0203 3756 NetDDE - ok 19:11:35.0218 3756 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe 19:11:35.0343 3756 NetDDEdsdm - ok 19:11:35.0359 3756 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon C:\WINDOWS\system32\lsass.exe 19:11:35.0500 3756 Netlogon - ok 19:11:35.0515 3756 [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman C:\WINDOWS\System32\netman.dll 19:11:35.0656 3756 Netman - ok 19:11:35.0687 3756 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 19:11:35.0703 3756 NetTcpPortSharing - ok 19:11:35.0718 3756 [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla 
C:\WINDOWS\System32\mswsock.dll 19:11:35.0750 3756 Nla - ok 19:11:35.0765 3756 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 19:11:35.0906 3756 Npfs - ok 19:11:35.0953 3756 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 19:11:36.0093 3756 Ntfs - ok 19:11:36.0125 3756 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp C:\WINDOWS\system32\lsass.exe 19:11:36.0250 3756 NtLmSsp - ok 19:11:36.0296 3756 [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll 19:11:36.0421 3756 NtmsSvc - ok 19:11:36.0453 3756 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys 19:11:36.0578 3756 Null - ok 19:11:36.0921 3756 [ 8E72E452B9CC1E455D19E3C9FA964D37 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys 19:11:37.0265 3756 nv - ok 19:11:37.0296 3756 [ 46DEED4C6C5FA765F9A2C723BE60348D ] nvatabus C:\WINDOWS\system32\DRIVERS\nvatabus.sys 19:11:37.0328 3756 nvatabus - ok 19:11:37.0359 3756 [ A545DF28F75BCB109A3AADBB07552B12 ] NVENETFD C:\WINDOWS\system32\DRIVERS\NVENETFD.sys 19:11:37.0390 3756 NVENETFD - ok 19:11:37.0421 3756 [ EA41F641420F3D8271804D287C1EF461 ] nvnetbus C:\WINDOWS\system32\DRIVERS\nvnetbus.sys 19:11:37.0453 3756 nvnetbus - ok 19:11:37.0484 3756 [ 934833B3CD462A6F8A96F64D024C8B20 ] NVSvc C:\WINDOWS\system32\nvsvc32.exe 19:11:37.0531 3756 NVSvc - ok 19:11:37.0562 3756 [ 3194E2F6C9000C39DCF9D0580754F714 ] nv_agp C:\WINDOWS\system32\DRIVERS\nv_agp.sys 19:11:37.0593 3756 nv_agp - ok 19:11:37.0609 3756 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 19:11:37.0734 3756 NwlnkFlt - ok 19:11:37.0750 3756 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 19:11:37.0890 3756 NwlnkFwd - ok 19:11:37.0906 3756 [ F84785660305B9B903FB3BCA8BA29837 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys 19:11:38.0062 3756 Parport - ok 19:11:38.0093 3756 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr 
C:\WINDOWS\system32\drivers\PartMgr.sys 19:11:38.0218 3756 PartMgr - ok 19:11:38.0234 3756 [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys 19:11:38.0375 3756 ParVdm - ok 19:11:38.0390 3756 [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys 19:11:38.0531 3756 PCI - ok 19:11:38.0546 3756 PCIDump - ok 19:11:38.0562 3756 [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys 19:11:38.0671 3756 PCIIde - ok 19:11:38.0703 3756 [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys 19:11:38.0828 3756 Pcmcia - ok 19:11:38.0828 3756 PDCOMP - ok 19:11:38.0843 3756 PDFRAME - ok 19:11:38.0859 3756 PDRELI - ok 19:11:38.0875 3756 PDRFRAME - ok 19:11:38.0890 3756 perc2 - ok 19:11:38.0890 3756 perc2hib - ok 19:11:38.0937 3756 [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay C:\WINDOWS\system32\services.exe 19:11:38.0953 3756 PlugPlay - ok 19:11:38.0984 3756 [ 901C43516504CBE582E4C4193E00876A ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe 19:11:39.0000 3756 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 19:11:39.0000 3756 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 19:11:39.0046 3756 [ 3A2BDD76E7D2A5F40A7174793D1BA794 ] PnkBstrA C:\WINDOWS\system32\PnkBstrA.exe 19:11:39.0046 3756 PnkBstrA - ok 19:11:39.0062 3756 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent C:\WINDOWS\system32\lsass.exe 19:11:39.0187 3756 PolicyAgent - ok 19:11:39.0203 3756 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys 19:11:39.0343 3756 PptpMiniport - ok 19:11:39.0375 3756 [ 2CB55427C58679F49AD600FCCBA76360 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys 19:11:39.0531 3756 Processor - ok 19:11:39.0546 3756 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe 19:11:39.0656 3756 ProtectedStorage - ok 19:11:39.0687 3756 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched 
C:\WINDOWS\system32\DRIVERS\psched.sys 19:11:39.0828 3756 PSched - ok 19:11:39.0859 3756 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys 19:11:39.0968 3756 Ptilink - ok 19:11:39.0984 3756 ql1080 - ok 19:11:40.0000 3756 Ql10wnt - ok 19:11:40.0000 3756 ql12160 - ok 19:11:40.0015 3756 ql1240 - ok 19:11:40.0015 3756 ql1280 - ok 19:11:40.0046 3756 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 19:11:40.0171 3756 RasAcd - ok 19:11:40.0218 3756 [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto C:\WINDOWS\System32\rasauto.dll 19:11:40.0343 3756 RasAuto - ok 19:11:40.0359 3756 [ 0207D26DDF796A193CCD9F83047BB5FC ] Rasirda C:\WINDOWS\system32\DRIVERS\rasirda.sys 19:11:40.0421 3756 Rasirda - ok 19:11:40.0453 3756 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 19:11:40.0609 3756 Rasl2tp - ok 19:11:40.0640 3756 [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan C:\WINDOWS\System32\rasmans.dll 19:11:40.0765 3756 RasMan - ok 19:11:40.0796 3756 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 19:11:40.0937 3756 RasPppoe - ok 19:11:40.0937 3756 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys 19:11:41.0062 3756 Raspti - ok 19:11:41.0093 3756 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 19:11:41.0203 3756 Rdbss - ok 19:11:41.0218 3756 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 19:11:41.0343 3756 RDPCDD - ok 19:11:41.0375 3756 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys 19:11:41.0500 3756 rdpdr - ok 19:11:41.0546 3756 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys 19:11:41.0593 3756 RDPWD - ok 19:11:41.0625 3756 [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe 19:11:41.0734 3756 RDSessMgr - ok 19:11:41.0765 3756 [ 
ED761D453856F795A7FE056E42C36365 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys 19:11:41.0906 3756 redbook - ok 19:11:41.0937 3756 [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 19:11:42.0078 3756 RemoteAccess - ok 19:11:42.0109 3756 [ E4CD1F3D84E1C2CA0B8CF7501E201593 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll 19:11:42.0234 3756 RemoteRegistry - ok 19:11:42.0265 3756 [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator C:\WINDOWS\system32\locator.exe 19:11:42.0406 3756 RpcLocator - ok 19:11:42.0437 3756 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs C:\WINDOWS\system32\rpcss.dll 19:11:42.0468 3756 RpcSs - ok 19:11:42.0515 3756 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP C:\WINDOWS\system32\rsvp.exe 19:11:42.0625 3756 RSVP - ok 19:11:42.0671 3756 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs C:\WINDOWS\system32\lsass.exe 19:11:42.0796 3756 SamSs - ok 19:11:42.0828 3756 [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe 19:11:42.0953 3756 SCardSvr - ok 19:11:43.0000 3756 [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule C:\WINDOWS\system32\schedsvc.dll 19:11:43.0125 3756 Schedule - ok 19:11:43.0140 3756 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys 19:11:43.0187 3756 Secdrv - ok 19:11:43.0218 3756 [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon C:\WINDOWS\System32\seclogon.dll 19:11:43.0375 3756 seclogon - ok 19:11:43.0390 3756 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS C:\WINDOWS\system32\sens.dll 19:11:43.0531 3756 SENS - ok 19:11:43.0546 3756 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys 19:11:43.0687 3756 serenum - ok 19:11:43.0703 3756 [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys 19:11:43.0859 3756 Serial - ok 19:11:43.0890 3756 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys 19:11:44.0015 3756 Sfloppy - ok 19:11:44.0062 3756 [ CAD058D5F8B889A87CA3EB3CF624DCEF ] 
SharedAccess C:\WINDOWS\System32\ipnathlp.dll 19:11:44.0187 3756 SharedAccess - ok 19:11:44.0218 3756 [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 19:11:44.0234 3756 ShellHWDetection - ok 19:11:44.0250 3756 Simbad - ok 19:11:44.0265 3756 Sparrow - ok 19:11:44.0281 3756 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys 19:11:44.0406 3756 splitter - ok 19:11:44.0437 3756 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe 19:11:44.0468 3756 Spooler - ok 19:11:44.0500 3756 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr C:\WINDOWS\system32\DRIVERS\sr.sys 19:11:44.0562 3756 sr - ok 19:11:44.0593 3756 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice C:\WINDOWS\system32\srsvc.dll 19:11:44.0656 3756 srservice - ok 19:11:44.0703 3756 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys 19:11:44.0750 3756 Srv - ok 19:11:44.0781 3756 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 19:11:44.0859 3756 SSDPSRV - ok 19:11:44.0906 3756 [ BC2C5985611C5356B24AEB370953DED9 ] stisvc C:\WINDOWS\system32\wiaservc.dll 19:11:45.0015 3756 stisvc - ok 19:11:45.0046 3756 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys 19:11:45.0171 3756 swenum - ok 19:11:45.0203 3756 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys 19:11:45.0343 3756 swmidi - ok 19:11:45.0359 3756 SwPrv - ok 19:11:45.0375 3756 symc810 - ok 19:11:45.0390 3756 symc8xx - ok 19:11:45.0406 3756 sym_hi - ok 19:11:45.0406 3756 sym_u3 - ok 19:11:45.0437 3756 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys 19:11:45.0546 3756 sysaudio - ok 19:11:45.0578 3756 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe 19:11:45.0718 3756 SysmonLog - ok 19:11:45.0750 3756 [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 19:11:45.0875 3756 
TapiSrv - ok 19:11:45.0906 3756 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys 19:11:45.0953 3756 Tcpip - ok 19:11:45.0984 3756 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys 19:11:46.0109 3756 TDPIPE - ok 19:11:46.0140 3756 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys 19:11:46.0265 3756 TDTCP - ok 19:11:46.0281 3756 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys 19:11:46.0406 3756 TermDD - ok 19:11:46.0437 3756 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService C:\WINDOWS\System32\termsrv.dll 19:11:46.0562 3756 TermService - ok 19:11:46.0593 3756 [ 2DB7D303C36DDD055215052F118E8E75 ] Themes C:\WINDOWS\System32\shsvcs.dll 19:11:46.0625 3756 Themes - ok 19:11:46.0671 3756 [ 03681A1CE77F51586903869A5AB1DEAB ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe 19:11:46.0734 3756 TlntSvr - ok 19:11:46.0750 3756 TosIde - ok 19:11:46.0765 3756 [ 626504572B175867F30F3215C04B3E2F ] TrkWks C:\WINDOWS\system32\trkwks.dll 19:11:46.0906 3756 TrkWks - ok 19:11:46.0921 3756 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys 19:11:47.0062 3756 Udfs - ok 19:11:47.0078 3756 ultra - ok 19:11:47.0125 3756 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys 19:11:47.0250 3756 Update - ok 19:11:47.0281 3756 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost C:\WINDOWS\System32\upnphost.dll 19:11:47.0343 3756 upnphost - ok 19:11:47.0375 3756 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINDOWS\System32\ups.exe 19:11:47.0468 3756 UPS - ok 19:11:47.0500 3756 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys 19:11:47.0640 3756 usbaudio - ok 19:11:47.0671 3756 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys 19:11:47.0796 3756 usbccgp - ok 19:11:47.0812 3756 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 
19:11:47.0968 3756 usbehci - ok 19:11:48.0000 3756 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 19:11:48.0140 3756 usbhub - ok 19:11:48.0156 3756 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys 19:11:48.0281 3756 usbohci - ok 19:11:48.0312 3756 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys 19:11:48.0437 3756 usbprint - ok 19:11:48.0468 3756 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys 19:11:48.0593 3756 usbscan - ok 19:11:48.0609 3756 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 19:11:48.0750 3756 USBSTOR - ok 19:11:48.0781 3756 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 19:11:48.0890 3756 VgaSave - ok 19:11:48.0906 3756 ViaIde - ok 19:11:48.0937 3756 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 19:11:49.0046 3756 VolSnap - ok 19:11:49.0093 3756 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINDOWS\System32\vssvc.exe 19:11:49.0156 3756 VSS - ok 19:11:49.0187 3756 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINDOWS\system32\w32time.dll 19:11:49.0296 3756 W32Time - ok 19:11:49.0328 3756 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 19:11:49.0484 3756 Wanarp - ok 19:11:49.0500 3756 WDICA - ok 19:11:49.0515 3756 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 19:11:49.0640 3756 wdmaud - ok 19:11:49.0671 3756 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINDOWS\System32\webclnt.dll 19:11:49.0812 3756 WebClient - ok 19:11:49.0890 3756 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 19:11:50.0000 3756 winmgmt - ok 19:11:50.0046 3756 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll 19:11:50.0109 3756 WmdmPmSN - ok 19:11:50.0156 3756 [ 
FFA4D901D46D07A5BAB2D8307FBB51A6 ] Wmi C:\WINDOWS\System32\advapi32.dll 19:11:50.0203 3756 Wmi - ok 19:11:50.0234 3756 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 19:11:50.0359 3756 WmiApSrv - ok 19:11:50.0437 3756 [ BF05650BB7DF5E9EBDD25974E22403BB ] WMPNetworkSvc C:\Programme\Windows Media Player\WMPNetwk.exe 19:11:50.0500 3756 WMPNetworkSvc - ok 19:11:50.0531 3756 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc C:\WINDOWS\system32\wscsvc.dll 19:11:50.0687 3756 wscsvc - ok 19:11:50.0718 3756 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll 19:11:50.0828 3756 wuauserv - ok 19:11:50.0859 3756 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys 19:11:50.0890 3756 WudfPf - ok 19:11:50.0906 3756 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys 19:11:50.0921 3756 WudfRd - ok 19:11:50.0953 3756 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll 19:11:50.0984 3756 WudfSvc - ok 19:11:51.0031 3756 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 19:11:51.0156 3756 WZCSVC - ok 19:11:51.0187 3756 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll 19:11:51.0343 3756 xmlprov - ok 19:11:51.0343 3756 ================ Scan global =============================== 19:11:51.0390 3756 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll 19:11:51.0421 3756 [ E62178BC21EAC63A3B9A2DBD46C1B505 ] C:\WINDOWS\system32\winsrv.dll 19:11:51.0453 3756 [ E62178BC21EAC63A3B9A2DBD46C1B505 ] C:\WINDOWS\system32\winsrv.dll 19:11:51.0468 3756 [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe 19:11:51.0484 3756 [Global] - ok 19:11:51.0484 3756 ================ Scan MBR ================================== 19:11:51.0500 3756 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0 19:11:51.0765 3756 \Device\Harddisk0\DR0 - ok 19:11:51.0765 3756 ================ 
Scan VBR ================================== 19:11:51.0765 3756 [ 3445A8C8431D084588469C67D7F669A3 ] \Device\Harddisk0\DR0\Partition1 19:11:51.0765 3756 \Device\Harddisk0\DR0\Partition1 - ok 19:11:51.0796 3756 [ 55035310B5741D5CBF0F5B8F12A690B6 ] \Device\Harddisk0\DR0\Partition2 19:11:51.0812 3756 \Device\Harddisk0\DR0\Partition2 - ok 19:11:51.0812 3756 ============================================================ 19:11:51.0812 3756 Scan finished 19:11:51.0812 3756 ============================================================ 19:11:51.0937 2676 Detected object count: 1 19:11:51.0937 2676 Actual detected object count: 1 19:12:01.0093 2676 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 19:12:01.0093 2676 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:12:40.0156 2640 Deinitialize success |
03.05.2013, 22:51 | #10 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | search.b1.org in Firefox and Explorer for XP Something went wrong with aswMBR, please repeat it. And you also have to run tdsskiller again properly, because: Quote:
__________________ Please always post log files in CODE tags |
04.05.2013, 00:11 | #11 |
| search.b1.org in Firefox and Explorer for XP I ran both again. I think it's really great that this forum exists, where people get help like this! 1. MBR Code:
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-05-04 00:53:26
-----------------------------
00:53:26.921 OS Version: Windows 5.1.2600 Service Pack 3
00:53:26.921 Number of processors: 1 586 0xC00
00:53:26.921 ComputerName: MATTHIAS UserName: Matti
00:53:28.609 Initialize success
00:54:12.125 AVAST engine defs: 13050301
00:54:16.187 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005d
00:54:16.203 Disk 0 Vendor: WDC_WD2000BB-55GUA0 08.02D08 Size: 190782MB BusType: 3
00:54:16.312 Disk 0 MBR read successfully
00:54:16.312 Disk 0 MBR scan
00:54:16.375 Disk 0 Windows XP default MBR code
00:54:16.375 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 29996 MB offset 63
00:54:16.375 Disk 0 Partition - 00 0F Extended LBA 160304 MB offset 62412523
00:54:16.390 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 160304 MB offset 62412586
00:54:16.390 Disk 0 scanning sectors +390716865
00:54:16.546 Disk 0 scanning C:\WINDOWS\system32\drivers
00:54:23.921 Service scanning
00:54:45.531 Modules scanning
00:54:55.828 Disk 0 trace - called modules:
00:54:56.343 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll nvatabus.sys
00:54:56.343 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x89bd9030]
00:54:56.343 3 CLASSPNP.SYS[ba0e8fd7] -> nt!IofCallDriver -> \Device\0000005f[0x89be0ba0]
00:54:56.359 5 ACPI.sys[b9f7e620] -> nt!IofCallDriver -> \Device\0000005d[0x89c466e8]
00:54:56.468 AVAST engine scan C:\WINDOWS
00:55:02.046 AVAST engine scan C:\WINDOWS\system32
00:57:38.171 AVAST engine scan C:\WINDOWS\system32\drivers
00:57:47.328 AVAST engine scan C:\Dokumente und Einstellungen\Matti
00:59:20.125 AVAST engine scan C:\Dokumente und Einstellungen\All Users
00:59:28.281 Scan finished successfully
00:59:56.468 Disk 0 MBR has been saved successfully to "C:\Dokumente und Einstellungen\Matti\Desktop\MBR.dat"
00:59:56.468 The log file has been saved successfully to "C:\Dokumente und Einstellungen\Matti\Desktop\aswMBR.txt"
Code:
00:06:29.0406 3452 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
00:06:30.0953 3452 ============================================================
00:06:30.0953 3452 Current date / time: 2013/05/04 00:06:30.0953
00:06:30.0953 3452 SystemInfo:
00:06:30.0953 3452
00:06:30.0953 3452 OS Version: 5.1.2600 ServicePack: 3.0
00:06:30.0953 3452 Product type: Workstation
00:06:30.0953 3452 ComputerName: MATTHIAS
00:06:30.0953 3452 UserName: Matti
00:06:30.0953 3452 Windows directory: C:\WINDOWS
00:06:30.0953 3452 System windows directory: C:\WINDOWS
00:06:30.0953 3452 Processor architecture: Intel x86
00:06:30.0953 3452 Number of processors: 1
00:06:30.0953 3452 Page size: 0x1000
00:06:30.0953 3452 Boot type: Normal boot
00:06:30.0953 3452 ============================================================
00:06:31.0546 3452 Drive \Device\Harddisk0\DR0 - Size: 0x2E93E36000 (186.31 Gb), SectorSize: 0x200, Cylinders: 0x5F01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
00:06:31.0546 3452 ============================================================
00:06:31.0546 3452 \Device\Harddisk0\DR0:
00:06:31.0546 3452 MBR partitions:
00:06:31.0546 3452 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A962B1
00:06:31.0546 3452 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3B8572A, BlocksNum 0x13918697
00:06:31.0546 3452 ============================================================
00:06:31.0578 3452 D: <-> \Device\Harddisk0\DR0\Partition2
00:06:31.0609 3452 C: <-> \Device\Harddisk0\DR0\Partition1
00:06:31.0625 3452 ============================================================
00:06:31.0625 3452 Initialize success
00:06:31.0625 3452 ============================================================
00:07:09.0921 1976 ============================================================
00:07:09.0921 1976 Scan started
00:07:09.0921 1976 Mode: Manual; SigCheck; TDLFS;
00:07:09.0921 1976 ============================================================
00:07:10.0046 1976 ================ Scan system memory ========================
00:07:10.0046 1976 System memory - ok
00:07:10.0062 1976 ================ Scan services =============================
00:07:19.0062 1976 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec
C:\WINDOWS\system32\drivers\Fs_Rec.sys 00:07:19.0203 1976 Fs_Rec - ok 00:07:19.0234 1976 [ 8F1955CE42E1484714B542F341647778 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys 00:07:19.0390 1976 Ftdisk - ok 00:07:19.0421 1976 [ 065639773D8B03F33577F6CDAEA21063 ] gameenum C:\WINDOWS\system32\DRIVERS\gameenum.sys 00:07:19.0546 1976 gameenum - ok 00:07:19.0578 1976 [ 526A010B5E76B905EC34C0EBC2C3196C ] GDBehave C:\WINDOWS\system32\drivers\GDBehave.sys 00:07:19.0593 1976 GDBehave - ok 00:07:19.0859 1976 [ 803A7B7A4CE932582AE39EF3247BF57D ] GDFwSvc D:\Programme\G Data\InternetSecurity\Firewall\GDFwSvc.exe 00:07:20.0078 1976 GDFwSvc - ok 00:07:20.0125 1976 [ D884D6BFC75275155B25EE972CEF363A ] GDMnIcpt C:\WINDOWS\system32\drivers\MiniIcpt.sys 00:07:20.0140 1976 GDMnIcpt - ok 00:07:20.0156 1976 [ 6602BA0A961B02BE6980A0740737A897 ] GDNdisIc C:\WINDOWS\system32\drivers\GDNdisIc.sys 00:07:20.0171 1976 GDNdisIc - ok 00:07:20.0234 1976 [ 110C6DC36EA9F5DA664A584756B1B297 ] GDScan C:\Programme\Gemeinsame Dateien\G Data\GDScan\GDScan.exe 00:07:20.0296 1976 GDScan - ok 00:07:20.0312 1976 [ 322841D5AFB433B2F7F8BD40453FD258 ] GDTdiInterceptor C:\WINDOWS\system32\drivers\GDTdiIcpt.sys 00:07:20.0343 1976 GDTdiInterceptor - ok 00:07:20.0359 1976 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys 00:07:20.0500 1976 Gpc - ok 00:07:20.0531 1976 [ DD3227F9780B435F4CF2BC87C48317A2 ] GRD C:\WINDOWS\system32\drivers\GRD.sys 00:07:20.0562 1976 GRD - ok 00:07:20.0625 1976 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Programme\Google\Update\GoogleUpdate.exe 00:07:20.0703 1976 gupdate - ok 00:07:20.0718 1976 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Programme\Google\Update\GoogleUpdate.exe 00:07:20.0734 1976 gupdatem - ok 00:07:20.0781 1976 [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll 00:07:20.0937 1976 helpsvc - ok 00:07:20.0953 1976 [ B35DA85E60C0103F2E4104532DA2F12B ] HidServ C:\WINDOWS\System32\hidserv.dll 
00:07:21.0093 1976 HidServ - ok 00:07:21.0125 1976 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys 00:07:21.0265 1976 hidusb - ok 00:07:21.0296 1976 [ ED29F14101523A6E0E808107405D452C ] hkmsvc C:\WINDOWS\System32\kmsvc.dll 00:07:21.0437 1976 hkmsvc - ok 00:07:21.0468 1976 [ A278501DEBE8FCACCF87D6BC56B93009 ] HookCentre C:\WINDOWS\system32\drivers\HookCentre.sys 00:07:21.0484 1976 HookCentre - ok 00:07:21.0500 1976 hpn - ok 00:07:21.0546 1976 [ 5FABA4775D4C61E55EC669D643FFC71F ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys 00:07:21.0625 1976 HPZid412 - ok 00:07:21.0625 1976 [ A3C43980EE1F1BEAC778B44EA65DBDD4 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys 00:07:21.0734 1976 HPZipr12 - ok 00:07:21.0765 1976 [ 2906949BD4E206F2BB0DD1896CE9F66F ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys 00:07:21.0843 1976 HPZius12 - ok 00:07:21.0875 1976 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys 00:07:21.0921 1976 HTTP - ok 00:07:21.0953 1976 [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll 00:07:22.0093 1976 HTTPFilter - ok 00:07:22.0093 1976 i2omgmt - ok 00:07:22.0109 1976 i2omp - ok 00:07:22.0125 1976 [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt C:\WINDOWS\system32\drivers\i8042prt.sys 00:07:22.0296 1976 i8042prt - ok 00:07:22.0375 1976 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 00:07:22.0500 1976 idsvc - ok 00:07:22.0531 1976 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys 00:07:22.0656 1976 Imapi - ok 00:07:22.0703 1976 [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService C:\WINDOWS\system32\imapi.exe 00:07:22.0843 1976 ImapiService - ok 00:07:22.0843 1976 ini910u - ok 00:07:22.0859 1976 IntelIde - ok 00:07:22.0890 1976 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys 00:07:23.0031 1976 Ip6Fw - ok 00:07:23.0046 1976 [ 
731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 00:07:23.0187 1976 IpFilterDriver - ok 00:07:23.0203 1976 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys 00:07:23.0328 1976 IpInIp - ok 00:07:23.0359 1976 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys 00:07:23.0515 1976 IpNat - ok 00:07:23.0531 1976 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys 00:07:23.0671 1976 IPSec - ok 00:07:23.0703 1976 [ ACA5E7B54409F9CB5EED97ED0C81120E ] irda C:\WINDOWS\system32\DRIVERS\irda.sys 00:07:23.0765 1976 irda - ok 00:07:23.0796 1976 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys 00:07:23.0843 1976 IRENUM - ok 00:07:23.0859 1976 [ 2EFE1DB1EC58A26B0C14BFDA122E246F ] Irmon C:\WINDOWS\System32\irmon.dll 00:07:23.0921 1976 Irmon - ok 00:07:23.0953 1976 [ 0501F0B9AB08425F8C0EACBDCC04AA32 ] irsir C:\WINDOWS\system32\DRIVERS\irsir.sys 00:07:24.0000 1976 irsir - ok 00:07:24.0015 1976 [ 6DFB88F64135C525433E87648BDA30DE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys 00:07:24.0171 1976 isapnp - ok 00:07:24.0312 1976 [ 5739F2821D49975CEDE6BF0153D0CF01 ] JavaQuickStarterService D:\Programme\Java\jre 7\bin\jqs.exe 00:07:24.0343 1976 JavaQuickStarterService - ok 00:07:24.0375 1976 [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys 00:07:24.0515 1976 Kbdclass - ok 00:07:24.0531 1976 [ B6D6C117D771C98130497265F26D1882 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys 00:07:24.0687 1976 kbdhid - ok 00:07:24.0703 1976 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys 00:07:24.0859 1976 kmixer - ok 00:07:24.0890 1976 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys 00:07:24.0937 1976 KSecDD - ok 00:07:24.0968 1976 [ 2BBDCB79900990F0716DFCB714E72DE7 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll 00:07:25.0015 1976 
LanmanServer - ok 00:07:25.0046 1976 [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll 00:07:25.0093 1976 lanmanworkstation - ok 00:07:25.0109 1976 lbrtfdc - ok 00:07:25.0140 1976 [ 636714B7D43C8D0C80449123FD266920 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll 00:07:25.0296 1976 LmHosts - ok 00:07:25.0359 1976 [ B7550A7107281D170CE85524B1488C98 ] Messenger C:\WINDOWS\System32\msgsvc.dll 00:07:25.0562 1976 Messenger - ok 00:07:25.0593 1976 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys 00:07:25.0734 1976 mnmdd - ok 00:07:25.0765 1976 [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe 00:07:25.0921 1976 mnmsrvc - ok 00:07:25.0937 1976 [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem C:\WINDOWS\system32\drivers\Modem.sys 00:07:26.0078 1976 Modem - ok 00:07:26.0109 1976 [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys 00:07:26.0250 1976 Mouclass - ok 00:07:26.0281 1976 [ 66A6F73C74E1791464160A7065CE711A ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys 00:07:26.0421 1976 mouhid - ok 00:07:26.0437 1976 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys 00:07:26.0593 1976 MountMgr - ok 00:07:26.0640 1976 [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe 00:07:26.0750 1976 MozillaMaintenance - ok 00:07:26.0765 1976 mraid35x - ok 00:07:26.0781 1976 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys 00:07:26.0921 1976 MRxDAV - ok 00:07:26.0968 1976 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 00:07:27.0046 1976 MRxSmb - ok 00:07:27.0062 1976 [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC C:\WINDOWS\system32\msdtc.exe 00:07:27.0203 1976 MSDTC - ok 00:07:27.0234 1976 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 00:07:27.0390 1976 Msfs - ok 00:07:27.0390 
1976 MSIServer - ok 00:07:27.0406 1976 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys 00:07:27.0546 1976 MSKSSRV - ok 00:07:27.0546 1976 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys 00:07:27.0687 1976 MSPCLOCK - ok 00:07:27.0703 1976 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys 00:07:27.0828 1976 MSPQM - ok 00:07:27.0875 1976 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys 00:07:28.0000 1976 mssmbios - ok 00:07:28.0015 1976 [ CA3E22598F411199ADC2DFEE76CD0AE0 ] ms_mpu401 C:\WINDOWS\system32\drivers\msmpu401.sys 00:07:28.0140 1976 ms_mpu401 - ok 00:07:28.0171 1976 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys 00:07:28.0203 1976 Mup - ok 00:07:28.0234 1976 [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent C:\WINDOWS\System32\qagentrt.dll 00:07:28.0390 1976 napagent - ok 00:07:28.0421 1976 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys 00:07:28.0546 1976 NDIS - ok 00:07:28.0578 1976 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 00:07:28.0625 1976 NdisTapi - ok 00:07:28.0671 1976 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 00:07:28.0828 1976 Ndisuio - ok 00:07:28.0859 1976 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 00:07:29.0000 1976 NdisWan - ok 00:07:29.0031 1976 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys 00:07:29.0078 1976 NDProxy - ok 00:07:29.0093 1976 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys 00:07:29.0234 1976 NetBIOS - ok 00:07:29.0265 1976 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 00:07:29.0390 1976 NetBT - ok 00:07:29.0421 1976 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE C:\WINDOWS\system32\netdde.exe 
00:07:29.0562 1976 NetDDE - ok 00:07:29.0578 1976 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe 00:07:29.0703 1976 NetDDEdsdm - ok 00:07:29.0718 1976 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon C:\WINDOWS\system32\lsass.exe 00:07:29.0859 1976 Netlogon - ok 00:07:29.0890 1976 [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman C:\WINDOWS\System32\netman.dll 00:07:30.0046 1976 Netman - ok 00:07:30.0078 1976 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 00:07:30.0093 1976 NetTcpPortSharing - ok 00:07:30.0125 1976 [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla C:\WINDOWS\System32\mswsock.dll 00:07:30.0156 1976 Nla - ok 00:07:30.0171 1976 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 00:07:30.0312 1976 Npfs - ok 00:07:30.0375 1976 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 00:07:30.0531 1976 Ntfs - ok 00:07:30.0546 1976 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp C:\WINDOWS\system32\lsass.exe 00:07:30.0687 1976 NtLmSsp - ok 00:07:30.0734 1976 [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll 00:07:30.0890 1976 NtmsSvc - ok 00:07:30.0906 1976 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys 00:07:31.0046 1976 Null - ok 00:07:31.0359 1976 [ 8E72E452B9CC1E455D19E3C9FA964D37 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys 00:07:31.0953 1976 nv - ok 00:07:31.0984 1976 [ 46DEED4C6C5FA765F9A2C723BE60348D ] nvatabus C:\WINDOWS\system32\DRIVERS\nvatabus.sys 00:07:32.0031 1976 nvatabus - ok 00:07:32.0062 1976 [ A545DF28F75BCB109A3AADBB07552B12 ] NVENETFD C:\WINDOWS\system32\DRIVERS\NVENETFD.sys 00:07:32.0093 1976 NVENETFD - ok 00:07:32.0125 1976 [ EA41F641420F3D8271804D287C1EF461 ] nvnetbus C:\WINDOWS\system32\DRIVERS\nvnetbus.sys 00:07:32.0156 1976 nvnetbus - ok 00:07:32.0203 1976 [ 934833B3CD462A6F8A96F64D024C8B20 ] NVSvc 
C:\WINDOWS\system32\nvsvc32.exe 00:07:32.0234 1976 NVSvc - ok 00:07:32.0265 1976 [ 3194E2F6C9000C39DCF9D0580754F714 ] nv_agp C:\WINDOWS\system32\DRIVERS\nv_agp.sys 00:07:32.0296 1976 nv_agp - ok 00:07:32.0343 1976 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 00:07:32.0500 1976 NwlnkFlt - ok 00:07:32.0500 1976 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 00:07:32.0687 1976 NwlnkFwd - ok 00:07:32.0703 1976 [ F84785660305B9B903FB3BCA8BA29837 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys 00:07:32.0859 1976 Parport - ok 00:07:32.0890 1976 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys 00:07:33.0062 1976 PartMgr - ok 00:07:33.0093 1976 [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys 00:07:33.0234 1976 ParVdm - ok 00:07:33.0250 1976 [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys 00:07:33.0421 1976 PCI - ok 00:07:33.0421 1976 PCIDump - ok 00:07:33.0437 1976 [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys 00:07:33.0593 1976 PCIIde - ok 00:07:33.0625 1976 [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys 00:07:33.0765 1976 Pcmcia - ok 00:07:33.0781 1976 PDCOMP - ok 00:07:33.0781 1976 PDFRAME - ok 00:07:33.0796 1976 PDRELI - ok 00:07:33.0796 1976 PDRFRAME - ok 00:07:33.0812 1976 perc2 - ok 00:07:33.0828 1976 perc2hib - ok 00:07:33.0859 1976 [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay C:\WINDOWS\system32\services.exe 00:07:33.0875 1976 PlugPlay - ok 00:07:33.0921 1976 [ 901C43516504CBE582E4C4193E00876A ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe 00:07:33.0937 1976 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 00:07:33.0937 1976 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 00:07:33.0968 1976 [ 3A2BDD76E7D2A5F40A7174793D1BA794 ] PnkBstrA C:\WINDOWS\system32\PnkBstrA.exe 00:07:33.0984 1976 
PnkBstrA - ok 00:07:34.0000 1976 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent C:\WINDOWS\system32\lsass.exe 00:07:34.0125 1976 PolicyAgent - ok 00:07:34.0140 1976 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys 00:07:34.0312 1976 PptpMiniport - ok 00:07:34.0343 1976 [ 2CB55427C58679F49AD600FCCBA76360 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys 00:07:34.0500 1976 Processor - ok 00:07:34.0515 1976 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe 00:07:34.0671 1976 ProtectedStorage - ok 00:07:34.0703 1976 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys 00:07:34.0828 1976 PSched - ok 00:07:34.0843 1976 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys 00:07:35.0000 1976 Ptilink - ok 00:07:35.0015 1976 ql1080 - ok 00:07:35.0015 1976 Ql10wnt - ok 00:07:35.0031 1976 ql12160 - ok 00:07:35.0031 1976 ql1240 - ok 00:07:35.0046 1976 ql1280 - ok 00:07:35.0062 1976 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 00:07:35.0234 1976 RasAcd - ok 00:07:35.0265 1976 [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto C:\WINDOWS\System32\rasauto.dll 00:07:35.0453 1976 RasAuto - ok 00:07:35.0484 1976 [ 0207D26DDF796A193CCD9F83047BB5FC ] Rasirda C:\WINDOWS\system32\DRIVERS\rasirda.sys 00:07:35.0562 1976 Rasirda - ok 00:07:35.0578 1976 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 00:07:35.0734 1976 Rasl2tp - ok 00:07:35.0765 1976 [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan C:\WINDOWS\System32\rasmans.dll 00:07:35.0921 1976 RasMan - ok 00:07:35.0937 1976 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 00:07:36.0062 1976 RasPppoe - ok 00:07:36.0062 1976 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys 00:07:36.0203 1976 Raspti - ok 00:07:36.0234 1976 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss 
C:\WINDOWS\system32\DRIVERS\rdbss.sys 00:07:36.0375 1976 Rdbss - ok 00:07:36.0390 1976 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 00:07:36.0531 1976 RDPCDD - ok 00:07:36.0562 1976 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys 00:07:36.0687 1976 rdpdr - ok 00:07:36.0718 1976 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys 00:07:37.0703 1976 RDPWD - ok 00:07:37.0734 1976 [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe 00:07:37.0875 1976 RDSessMgr - ok 00:07:37.0890 1976 [ ED761D453856F795A7FE056E42C36365 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys 00:07:38.0031 1976 redbook - ok 00:07:38.0062 1976 [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 00:07:38.0203 1976 RemoteAccess - ok 00:07:38.0218 1976 [ E4CD1F3D84E1C2CA0B8CF7501E201593 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll 00:07:38.0359 1976 RemoteRegistry - ok 00:07:38.0375 1976 [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator C:\WINDOWS\system32\locator.exe 00:07:38.0531 1976 RpcLocator - ok 00:07:38.0562 1976 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs C:\WINDOWS\system32\rpcss.dll 00:07:38.0593 1976 RpcSs - ok 00:07:38.0640 1976 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP C:\WINDOWS\system32\rsvp.exe 00:07:38.0781 1976 RSVP - ok 00:07:38.0796 1976 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs C:\WINDOWS\system32\lsass.exe 00:07:38.0921 1976 SamSs - ok 00:07:38.0953 1976 [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe 00:07:39.0093 1976 SCardSvr - ok 00:07:39.0125 1976 [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule C:\WINDOWS\system32\schedsvc.dll 00:07:39.0281 1976 Schedule - ok 00:07:39.0296 1976 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys 00:07:39.0359 1976 Secdrv - ok 00:07:39.0390 1976 [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon C:\WINDOWS\System32\seclogon.dll 
00:07:39.0531 1976 seclogon - ok 00:07:39.0546 1976 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS C:\WINDOWS\system32\sens.dll 00:07:39.0687 1976 SENS - ok 00:07:39.0703 1976 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys 00:07:39.0859 1976 serenum - ok 00:07:39.0875 1976 [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys 00:07:40.0015 1976 Serial - ok 00:07:40.0031 1976 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys 00:07:40.0187 1976 Sfloppy - ok 00:07:40.0234 1976 [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 00:07:40.0687 1976 SharedAccess - ok 00:07:40.0718 1976 [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 00:07:40.0734 1976 ShellHWDetection - ok 00:07:40.0750 1976 Simbad - ok 00:07:40.0750 1976 Sparrow - ok 00:07:40.0765 1976 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys 00:07:40.0921 1976 splitter - ok 00:07:40.0953 1976 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe 00:07:40.0968 1976 Spooler - ok 00:07:41.0000 1976 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr C:\WINDOWS\system32\DRIVERS\sr.sys 00:07:41.0046 1976 sr - ok 00:07:41.0078 1976 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice C:\WINDOWS\system32\srsvc.dll 00:07:41.0359 1976 srservice - ok 00:07:41.0390 1976 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys 00:07:41.0500 1976 Srv - ok 00:07:41.0531 1976 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 00:07:41.0640 1976 SSDPSRV - ok 00:07:41.0687 1976 [ BC2C5985611C5356B24AEB370953DED9 ] stisvc C:\WINDOWS\system32\wiaservc.dll 00:07:41.0890 1976 stisvc - ok 00:07:41.0906 1976 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys 00:07:42.0062 1976 swenum - ok 00:07:42.0078 1976 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi 
C:\WINDOWS\system32\drivers\swmidi.sys 00:07:42.0203 1976 swmidi - ok 00:07:42.0218 1976 SwPrv - ok 00:07:42.0218 1976 symc810 - ok 00:07:42.0234 1976 symc8xx - ok 00:07:42.0250 1976 sym_hi - ok 00:07:42.0250 1976 sym_u3 - ok 00:07:42.0281 1976 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys 00:07:42.0421 1976 sysaudio - ok 00:07:42.0453 1976 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe 00:07:42.0578 1976 SysmonLog - ok 00:07:42.0609 1976 [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 00:07:42.0765 1976 TapiSrv - ok 00:07:42.0812 1976 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys 00:07:42.0875 1976 Tcpip - ok 00:07:42.0906 1976 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys 00:07:43.0062 1976 TDPIPE - ok 00:07:43.0062 1976 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys 00:07:43.0234 1976 TDTCP - ok 00:07:43.0250 1976 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys 00:07:43.0390 1976 TermDD - ok 00:07:43.0437 1976 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService C:\WINDOWS\System32\termsrv.dll 00:07:43.0578 1976 TermService - ok 00:07:43.0593 1976 [ 2DB7D303C36DDD055215052F118E8E75 ] Themes C:\WINDOWS\System32\shsvcs.dll 00:07:43.0656 1976 Themes - ok 00:07:43.0734 1976 [ 03681A1CE77F51586903869A5AB1DEAB ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe 00:07:43.0796 1976 TlntSvr - ok 00:07:43.0812 1976 TosIde - ok 00:07:43.0843 1976 [ 626504572B175867F30F3215C04B3E2F ] TrkWks C:\WINDOWS\system32\trkwks.dll 00:07:44.0000 1976 TrkWks - ok 00:07:44.0031 1976 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys 00:07:44.0171 1976 Udfs - ok 00:07:44.0187 1976 ultra - ok 00:07:44.0218 1976 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys 00:07:44.0390 1976 Update - ok 
00:07:44.0421 1976 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost C:\WINDOWS\System32\upnphost.dll 00:07:44.0515 1976 upnphost - ok 00:07:44.0546 1976 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINDOWS\System32\ups.exe 00:07:44.0656 1976 UPS - ok 00:07:44.0687 1976 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys 00:07:44.0859 1976 usbaudio - ok 00:07:44.0890 1976 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys 00:07:45.0046 1976 usbccgp - ok 00:07:45.0062 1976 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 00:07:45.0203 1976 usbehci - ok 00:07:45.0234 1976 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 00:07:45.0390 1976 usbhub - ok 00:07:45.0406 1976 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys 00:07:45.0546 1976 usbohci - ok 00:07:45.0578 1976 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys 00:07:45.0718 1976 usbprint - ok 00:07:45.0750 1976 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys 00:07:45.0875 1976 usbscan - ok 00:07:45.0921 1976 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 00:07:46.0062 1976 USBSTOR - ok 00:07:46.0093 1976 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 00:07:46.0218 1976 VgaSave - ok 00:07:46.0234 1976 ViaIde - ok 00:07:46.0250 1976 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 00:07:46.0375 1976 VolSnap - ok 00:07:46.0421 1976 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINDOWS\System32\vssvc.exe 00:07:46.0500 1976 VSS - ok 00:07:46.0531 1976 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINDOWS\system32\w32time.dll 00:07:46.0656 1976 W32Time - ok 00:07:46.0687 1976 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 00:07:46.0843 
1976 Wanarp - ok 00:07:46.0859 1976 WDICA - ok 00:07:46.0890 1976 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 00:07:47.0015 1976 wdmaud - ok 00:07:47.0046 1976 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINDOWS\System32\webclnt.dll 00:07:47.0171 1976 WebClient - ok 00:07:47.0234 1976 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 00:07:47.0375 1976 winmgmt - ok 00:07:47.0406 1976 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll 00:07:47.0453 1976 WmdmPmSN - ok 00:07:47.0515 1976 [ FFA4D901D46D07A5BAB2D8307FBB51A6 ] Wmi C:\WINDOWS\System32\advapi32.dll 00:07:47.0546 1976 Wmi - ok 00:07:47.0593 1976 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 00:07:47.0750 1976 WmiApSrv - ok 00:07:47.0859 1976 [ BF05650BB7DF5E9EBDD25974E22403BB ] WMPNetworkSvc C:\Programme\Windows Media Player\WMPNetwk.exe 00:07:47.0953 1976 WMPNetworkSvc - ok 00:07:47.0984 1976 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc C:\WINDOWS\system32\wscsvc.dll 00:07:48.0140 1976 wscsvc - ok 00:07:48.0156 1976 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll 00:07:48.0296 1976 wuauserv - ok 00:07:48.0343 1976 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys 00:07:48.0390 1976 WudfPf - ok 00:07:48.0421 1976 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys 00:07:48.0453 1976 WudfRd - ok 00:07:48.0468 1976 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll 00:07:48.0500 1976 WudfSvc - ok 00:07:48.0546 1976 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 00:07:48.0718 1976 WZCSVC - ok 00:07:48.0750 1976 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll 00:07:48.0906 1976 xmlprov - ok 00:07:48.0906 1976 ================ Scan global =============================== 00:07:48.0937 1976 [ 
2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll 00:07:48.0984 1976 [ E62178BC21EAC63A3B9A2DBD46C1B505 ] C:\WINDOWS\system32\winsrv.dll 00:07:49.0031 1976 [ E62178BC21EAC63A3B9A2DBD46C1B505 ] C:\WINDOWS\system32\winsrv.dll 00:07:49.0046 1976 [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe 00:07:49.0046 1976 [Global] - ok 00:07:49.0046 1976 ================ Scan MBR ================================== 00:07:49.0062 1976 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0 00:07:49.0328 1976 \Device\Harddisk0\DR0 - ok 00:07:49.0343 1976 ================ Scan VBR ================================== 00:07:49.0343 1976 [ 3445A8C8431D084588469C67D7F669A3 ] \Device\Harddisk0\DR0\Partition1 00:07:49.0343 1976 \Device\Harddisk0\DR0\Partition1 - ok 00:07:49.0359 1976 [ 55035310B5741D5CBF0F5B8F12A690B6 ] \Device\Harddisk0\DR0\Partition2 00:07:49.0359 1976 \Device\Harddisk0\DR0\Partition2 - ok 00:07:49.0359 1976 ============================================================ 00:07:49.0359 1976 Scan finished 00:07:49.0359 1976 ============================================================ 00:07:49.0468 2152 Detected object count: 1 00:07:49.0468 2152 Actual detected object count: 1 00:09:17.0359 2152 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 00:09:17.0359 2152 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 00:09:54.0531 2864 Deinitialize success |
04.05.2013, 00:54 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | search.b1.org in Firefox and Explorer for XP JRT - Junkware Removal Tool Please shut down your security software to avoid possible conflicts.
Afterwards: adwCleaner - remove toolbars and unwanted start/search pages. Please download AdwCleaner to your desktop.
After that, a check with OTL please:
__________________ Please always post log files in CODE tags |
04.05.2013, 23:34 | #13 |
| search.b1.org in Firefox and Explorer for XP JRT Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.3 (04.29.2013:2)
OS: Microsoft Windows XP x86
Ran by Matti on 04.05.2013 at 22:22:30,57
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Page

~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\datamngr
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\datamngr
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\datamngr_toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\searchqumediabartb
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\searchqutoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\browserconnection.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\dnsbho.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\browserconnection.loader
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\browserconnection.loader.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnsbho.bho
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnsbho.bho.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\searchquiehelper.dnsguard
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\searchquiehelper.dnsguard.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0}

~~~ Files

~~~ Folders
Successfully deleted: [Folder] "C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\b1toolbar"
Successfully deleted: [Folder] "C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\searchquband"
Successfully deleted: [Folder] "C:\Dokumente und Einstellungen\Matti\appdata\locallow\datamngr"

~~~ FireFox
Successfully deleted: [File] "C:\Programme\Mozilla Firefox\searchplugins\search_results.xml"
Successfully deleted: [File] C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\mozilla\firefox\profiles\p16naaqc.default\invalidprefs.js
Successfully deleted: [File] C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\mozilla\firefox\profiles\p16naaqc.default\searchplugins\search_results.xml
Successfully deleted: [File] C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\mozilla\firefox\profiles\p16naaqc.default\searchplugins\sweetim.xml
Successfully deleted: [Folder] C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\mozilla\firefox\profiles\p16naaqc.default\searchqutoolbar
Successfully deleted: [Folder] C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\mozilla\firefox\profiles\p16naaqc.default\extensions\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Successfully deleted the following from C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\mozilla\firefox\profiles\p16naaqc.default\prefs.js
user_pref("browser.search.defaultenginename", "Search Results");
user_pref("browser.search.order.1", "Search Results");
user_pref("browser.search.selectedEngine", "Search Results");
user_pref("keyword.URL", "hxxp://dts.search-results.com/sr?src=ffb&appid=161&systemid=406&sr=0&q=");
Emptied folder: C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\mozilla\firefox\profiles\p16naaqc.default\minidumps [1 files]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04.05.2013 at 22:30:17,67
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:
# AdwCleaner v2.300 - Datei am 04/05/2013 um 22:31:47 erstellt
# Aktualisiert am 28/04/2013 von Xplode
# Betriebssystem : Microsoft Windows XP Service Pack 3 (32 bits)
# Benutzer : Matti - MATTHIAS
# Bootmodus : Normal
# Ausgeführt unter : C:\Dokumente und Einstellungen\Matti\Desktop\adwcleaner.exe
# Option [Löschen]

**** [Dienste] ****

***** [Dateien / Ordner] *****
Datei Gelöscht : C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\Mozilla\Firefox\Profiles\p16naaqc.default\searchplugins\11-suche.xml
Ordner Gelöscht : C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\boost_interprocess
Ordner Gelöscht : C:\Programme\Moozy

***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SweetIM
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]

***** [Internet Browser] *****

-\\ Internet Explorer v8.0.6001.18702
[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v20.0.1 (de)
Datei : C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\Mozilla\Firefox\Profiles\p16naaqc.default\prefs.js
[OK] Die Datei ist sauber.

-\\ Opera v [Version kann nicht ermittelt werden]
Datei : C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\Opera\Opera\operaprefs.ini
[OK] Die Datei ist sauber.

*************************
AdwCleaner[S1].txt - [3016 octets] - [04/05/2013 22:31:47]
########## EOF - C:\AdwCleaner[S1].txt - [3076 octets] ##########

Code:
OTL logfile created on: 04.05.2013 22:45:09 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\Matti\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,00 Gb Total Physical Memory | 1,47 Gb Available Physical Memory | 73,30% Memory free
3,85 Gb Paging File | 3,23 Gb Available in Paging File | 84,04% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 29,29 Gb Total Space | 14,82 Gb Free Space | 50,59% Space Free | Partition Type: NTFS
Drive D: | 156,55 Gb Total Space | 119,08 Gb Free Space | 76,07% Space Free | Partition Type: NTFS

Computer Name: MATTHIAS | User Name: Matti | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========
PRC - C:\Dokumente und Einstellungen\Matti\Desktop\OTL.exe (OldTimer Tools)
PRC - D:\Programme\Java\jre 7\bin\jqs.exe (Oracle Corporation)
PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Oracle Corporation)
PRC - D:\Programme\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG)
PRC - D:\Programme\G Data\InternetSecurity\AVK\AVKWCtl.exe (G Data Software AG)
PRC - D:\Programme\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (G Data Software AG)
PRC - D:\Programme\G Data\InternetSecurity\Firewall\GDFwSvc.exe (G Data Software AG)
PRC - C:\Programme\Gemeinsame Dateien\G Data\AVKProxy\AVKProxy.exe (G Data Software AG)
PRC - D:\Programme\G Data\InternetSecurity\AVK\AVKService.exe (G Data Software AG)
PRC - C:\Programme\Gemeinsame Dateien\G Data\GDScan\GDScan.exe (G Data Software AG)
PRC - C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
PRC - C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ArcCon.ac (ArcSoft Inc.)
PRC - C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

========== Modules (No Company Name) ==========
MOD - C:\Programme\Gemeinsame Dateien\G Data\AVKScanP\Avast5\defs\13050101\algo.dll ()

========== Services (SafeList) ==========
SRV - (JavaQuickStarterService) -- D:\Programme\Java\jre 7\bin\jqs.exe (Oracle Corporation)
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AVKWCtl) -- D:\Programme\G Data\InternetSecurity\AVK\AVKWCtl.exe (G Data Software AG)
SRV - (GDFwSvc) -- D:\Programme\G Data\InternetSecurity\Firewall\GDFwSvc.exe (G Data Software AG)
SRV - (AVKProxy) -- C:\Programme\Gemeinsame Dateien\G Data\AVKProxy\AVKProxy.exe (G Data Software AG)
SRV - (AVKService) -- D:\Programme\G Data\InternetSecurity\AVK\AVKService.exe (G Data Software AG)
SRV - (GDScan) -- C:\Programme\Gemeinsame Dateien\G Data\GDScan\GDScan.exe (G Data Software AG)
SRV - (ACDaemon) -- C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP)

========== Driver Services (SafeList) ==========
DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (HookCentre) -- C:\WINDOWS\system32\drivers\HookCentre.sys (G Data Software AG)
DRV - (GDTdiInterceptor) -- C:\WINDOWS\system32\drivers\GDTdiIcpt.sys (G Data Software AG)
DRV - (GDMnIcpt) -- C:\WINDOWS\system32\drivers\MiniIcpt.sys (G Data Software AG)
DRV - (GDBehave) -- C:\WINDOWS\system32\drivers\GDBehave.sys (G Data Software AG)
DRV - (GRD) -- C:\WINDOWS\system32\drivers\GRD.sys (G Data Software)
DRV - (GDNdisIc) -- C:\WINDOWS\system32\drivers\GDNdisIc.sys (G Data Software AG)
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (Afc) -- C:\WINDOWS\system32\drivers\afc.sys (Arcsoft, Inc.)
DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation)
DRV - (nvatabus) -- C:\WINDOWS\system32\drivers\nvatabus.sys (NVIDIA Corporation)
DRV - (nv_agp) -- C:\WINDOWS\system32\drivers\nv_agp.SYS (NVIDIA Corporation)
DRV - (ms_mpu401) -- C:\WINDOWS\system32\drivers\msmpu401.sys (Microsoft Corporation)
DRV - (irsir) -- C:\WINDOWS\system32\drivers\irsir.sys (Microsoft Corporation)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-73586283-1757981266-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-73586283-1757981266-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
IE - HKU\S-1-5-21-73586283-1757981266-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Before = hxxp://www.google.de/
IE - HKU\S-1-5-21-73586283-1757981266-682003330-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-73586283-1757981266-682003330-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-73586283-1757981266-682003330-1003\..\SearchScopes\{1A1653E4-A5CB-4A09-8B31-D4DE7FC796BF}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_deDE482
IE - HKU\S-1-5-21-73586283-1757981266-682003330-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-73586283-1757981266-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledAddons: battlefieldheroespatcher%40ea.com:5.0.140.0
FF - prefs.js..extensions.enabledAddons: personas%40christopher.beard:1.7.2.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: D:\Programme\Java\jre 7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Dokumente und Einstellungen\Matti\Lokale Einstellungen\Anwendungsdaten\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2013.04.12 18:29:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins

[2011.09.27 21:44:18 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\Mozilla\Extensions
[2013.05.04 22:29:39 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\Mozilla\Firefox\Profiles\p16naaqc.default\extensions
[2012.05.18 15:55:30 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\Mozilla\Firefox\Profiles\p16naaqc.default\extensions\battlefieldheroespatcher@ea.com
[2013.04.28 15:00:54 | 000,346,768 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\Mozilla\Firefox\Profiles\p16naaqc.default\extensions\personas@christopher.beard.xpi
[2013.02.14 21:41:44 | 000,817,280 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\Mozilla\Firefox\Profiles\p16naaqc.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2011.12.31 00:10:37 | 000,002,419 | ---- | M] () -- C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\Mozilla\Firefox\Profiles\p16naaqc.default\searchplugins\englische-ergebnisse.xml
[2011.12.31 00:10:36 | 000,010,525 | ---- | M] () -- C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\Mozilla\Firefox\Profiles\p16naaqc.default\searchplugins\gmx-suche.xml
[2011.12.31 00:10:37 | 000,002,457 | ---- | M] () -- C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\Mozilla\Firefox\Profiles\p16naaqc.default\searchplugins\lastminute.xml
[2011.12.31 00:10:36 | 000,005,508 | ---- | M] () -- C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\Mozilla\Firefox\Profiles\p16naaqc.default\searchplugins\webde-suche.xml
[2013.04.12 18:29:13 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2013.04.12 18:29:11 | 000,000,000 | ---D | M] (G Data BankGuard) -- C:\Programme\Mozilla Firefox\extensions\{906305f7-aafc-45e9-8bbd-941950a84dad}
[2013.04.12 18:29:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013.04.12 18:29:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2013.04.12 18:29:14 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2013.04.12 18:29:57 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2012.06.17 12:24:12 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.29 23:13:03 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.06.17 12:24:12 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.17 12:24:12 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.17 12:24:12 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.17 12:24:12 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2008.04.14 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Programme\Java\jre 7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (G Data BankGuard) - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Programme\Gemeinsame Dateien\G Data\AVKProxy\BanksafeBHO.dll (G Data Software AG)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Programme\Java\jre 7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKU\S-1-5-21-73586283-1757981266-682003330-1003\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [G Data AntiVirus Tray Application] D:\Programme\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG)
O4 - HKLM..\Run: [GDFirewallTray] D:\Programme\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (G Data Software AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Oracle Corporation)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-73586283-1757981266-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} hxxp://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.137.0.cab (Battlefield Heroes Updater)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 10.21.2)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 10.21.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Programme\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Matti\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Matti\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.09.23 20:03:06 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{f1d03140-e6e4-11e0-8363-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{f1d03140-e6e4-11e0-8363-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{f1d03140-e6e4-11e0-8363-806d6172696f}\Shell\AutoRun\command - "" = E:\Bin\assetup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========
[2013.05.04 22:22:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013.05.04 22:22:00 | 000,000,000 | ---D | C] -- C:\JRT
[2013.05.04 22:13:32 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Matti\Desktop\OTL.exe
[2013.05.04 22:11:27 | 000,545,926 | ---- | C] (Oleg N. Scherbakov) -- C:\Dokumente und Einstellungen\Matti\Desktop\JRT.exe
[2013.05.03 22:05:40 | 000,263,584 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013.05.03 22:05:40 | 000,144,896 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013.05.03 22:05:36 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013.05.03 22:05:36 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013.05.03 22:05:36 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013.05.01 21:58:12 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Dokumente und Einstellungen\Matti\Desktop\tdsskiller.exe
[2013.05.01 21:57:34 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Dokumente und Einstellungen\Matti\Desktop\aswMBR.exe
[2013.04.30 18:27:19 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2013.04.27 14:37:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\Malwarebytes
[2013.04.27 14:37:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2013.04.27 12:56:45 | 000,000,000 | ---D | C] -- C:\Programme\Adobe
[2013.04.27 12:10:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Matti\Lokale Einstellungen\Anwendungsdaten\Opera
[2013.04.27 12:10:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\Opera
[2013.04.27 06:04:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2013.04.26 20:54:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Matti\Lokale Einstellungen\Anwendungsdaten\B1E
[2013.04.26 19:57:23 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java
[2013.04.12 18:29:07 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox
[2013.04.06 14:21:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Matti\Lokale Einstellungen\Anwendungsdaten\ArcSoft
[2013.04.06 14:21:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ArcSoft Connect
[2013.04.06 14:20:23 | 000,018,688 | ---- | C] (Arcsoft, Inc.) -- C:\WINDOWS\System32\drivers\afc.sys
[2013.04.06 14:20:09 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ArcSoft MediaImpression
[2013.04.06 14:20:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ArcSoft
[2013.04.06 14:19:14 | 000,245,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\unicows.dll
[2013.04.06 14:19:03 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\ArcSoft
[2013.04.06 14:18:36 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\ArcSoft
[2013.04.06 14:15:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========
[2013.05.04 23:32:58 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.05.04 22:34:36 | 000,182,038 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2013.05.04 22:34:30 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.05.04 22:34:26 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.05.04 22:34:23 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.05.04 22:34:20 | 2146,750,464 | -HS- | M] () -- C:\hiberfil.sys
[2013.05.04 22:14:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Matti\Desktop\OTL.exe
[2013.05.04 22:12:15 | 000,628,743 | ---- | M] () -- C:\Dokumente und Einstellungen\Matti\Desktop\adwcleaner.exe
[2013.05.04 22:11:28 | 000,545,926 | ---- | M] (Oleg N. Scherbakov) -- C:\Dokumente und Einstellungen\Matti\Desktop\JRT.exe
[2013.05.04 01:39:09 | 000,000,363 | ---- | M] () -- C:\Dokumente und Einstellungen\Matti\Desktop\Verknüpfung (2) mit RECYCLER.lnk
[2013.05.04 01:38:37 | 000,000,383 | ---- | M] () -- C:\Dokumente und Einstellungen\Matti\Desktop\Verknüpfung mit RECYCLER.lnk
[2013.05.04 01:27:03 | 000,000,103 | ---- | M] () -- C:\WINDOWS\wiso.ini
[2013.05.04 00:59:56 | 000,000,512 | ---- | M] () -- C:\Dokumente und Einstellungen\Matti\Desktop\MBR.dat
[2013.05.03 22:05:26 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013.05.03 22:05:25 | 000,866,720 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npdeployJava1.dll
[2013.05.03 22:05:25 | 000,788,896 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2013.05.03 22:05:25 | 000,263,584 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013.05.03 22:05:25 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013.05.03 22:05:25 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013.05.03 22:05:25 | 000,144,896 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013.05.02 20:30:10 | 001,059,173 | ---- | M] () -- C:\WINDOWS\System32\sig.bin
[2013.05.02 20:30:10 | 000,054,567 | ---- | M] () -- C:\WINDOWS\System32\nmp.map
[2013.05.01 21:58:59 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Dokumente und Einstellungen\Matti\Desktop\aswMBR.exe
[2013.05.01 21:58:31 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Dokumente und Einstellungen\Matti\Desktop\tdsskiller.exe
[2013.04.30 18:41:34 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013.04.30 18:16:51 | 000,000,599 | ---- | M] () -- C:\Dokumente und Einstellungen\Matti\Desktop\Verknüpfung mit mbar.lnk
[2013.04.27 12:57:57 | 000,001,714 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader XI.lnk
[2013.04.27 00:13:31 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\Matti\defogger_reenable
[2013.04.11 00:01:42 | 000,691,592 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.04.11 00:01:42 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013.04.10 23:57:59 | 000,120,544 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.04.06 14:20:09 | 000,000,826 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Media Impression.lnk
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========
[2013.05.04 22:12:14 | 000,628,743 | ---- | C] () -- C:\Dokumente und Einstellungen\Matti\Desktop\adwcleaner.exe
[2013.05.04 01:39:09 | 000,000,363 | ---- | C] () -- C:\Dokumente und Einstellungen\Matti\Desktop\Verknüpfung (2) mit RECYCLER.lnk
[2013.05.04 01:38:37 | 000,000,383 | ---- | C] () -- C:\Dokumente und Einstellungen\Matti\Desktop\Verknüpfung mit RECYCLER.lnk
[2013.05.04 00:59:56 | 000,000,512 | ---- | C] () -- C:\Dokumente und Einstellungen\Matti\Desktop\MBR.dat
[2013.04.30 18:16:51 | 000,000,599 | ---- | C] () -- C:\Dokumente und Einstellungen\Matti\Desktop\Verknüpfung mit mbar.lnk
[2013.04.29 21:27:18 | 2146,750,464 | -HS- | C] () -- C:\hiberfil.sys
[2013.04.27 15:34:41 | 000,000,598 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Opera 12.15 1748.lnk
[2013.04.27 12:57:57 | 000,001,804 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Reader XI.lnk
[2013.04.27 12:57:57 | 000,001,714 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader XI.lnk
[2013.04.27 00:13:31 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Matti\defogger_reenable
[2013.04.06 21:43:56 | 000,040,960 | ---- | C] () -- C:\WINDOWS\unVC51Z.dll
[2013.04.06 14:20:09 | 000,000,826 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Media Impression.lnk
[2012.07.16 13:34:21 | 000,104,634 | ---- | C] () -- C:\WINDOWS\hpoins04.dat
[2012.07.16 13:34:21 | 000,017,176 | ---- | C] () -- C:\WINDOWS\hpomdl04.dat
[2012.05.14 19:36:09 | 000,086,528 | ---- | C] () -- C:\WINDOWS\bnetunin.exe
[2012.05.12 09:12:59 | 000,000,103 | ---- | C] () -- C:\WINDOWS\wiso.ini
[2012.04.09 14:42:12 | 000,139,080 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2012.04.09 14:41:47 | 000,270,240 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2012.04.09 14:41:36 | 000,075,136 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2012.03.20 23:22:48 | 000,004,608 | ---- | C] () -- C:\Dokumente und Einstellungen\Matti\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.03.04 19:30:55 | 000,138,056 | ---- | C] () -- C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\PnkBstrK.sys
[2011.09.24 20:53:14 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011.09.24 20:51:59 | 000,120,544 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.09.24 15:38:39 | 001,059,173 | ---- | C] () -- C:\WINDOWS\System32\sig.bin
[2011.09.23 20:19:48 | 000,004,557 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2011.09.23 20:19:47 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2011.09.23 20:05:11 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011.09.23 19:59:57 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

========== ZeroAccess Check ==========
[2012.05.12 09:07:03 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2011.06.21 20:18:34 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 14:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========
[2012.05.12 09:05:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Buhl Data Service GmbH
[2012.03.18 19:38:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\elsterformular
[2012.12.11 20:46:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\G DATA
[2012.03.18 19:38:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\elsterformular
[2011.10.02 10:18:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\OpenOffice.org
[2013.04.27 15:36:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\Opera
[2013.04.27 14:35:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\TS3Client
[2011.09.24 15:52:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\Unity
[2012.02.19 11:25:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Matti\Anwendungsdaten\wargaming.net

========== Purity Check ==========

< End of report >

Code:
ATTFilter OTL Extras logfile created on: 04.05.2013 22:45:09 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\Matti\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,47 Gb Available Physical Memory | 73,30% Memory free 3,85 Gb Paging File | 3,23 Gb Available in Paging File | 84,04% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 29,29 Gb Total Space | 14,82 Gb Free Space | 50,59% Space Free | Partition Type: NTFS Drive D: | 156,55 Gb Total Space | 119,08 Gb Free Space | 76,07% Space Free | Partition Type: NTFS Computer Name: MATTHIAS | User Name: Matti | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .html [@ = Opera.HTML] -- D:\Programme\Opera\Opera.exe (Opera Software) [HKEY_USERS\S-1-5-21-73586283-1757981266-682003330-1003\SOFTWARE\Classes\<extension>] .html [@ = Opera.HTML] -- "C:\Programme\Opera\Opera.exe" "%1" ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. http [open] -- Reg Error: Key error. https [open] -- Reg Error: Key error. piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. 
scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "D:\Programme\UnityWebPlayer.exe" = D:\Programme\UnityWebPlayer.exe:*:Disabled:UnityWebPlayer "C:\WINDOWS\system32\sessmgr.exe" = C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "D:\Programme\Flagship Studios\Hellgate London\Launcher.exe" = D:\Programme\Flagship Studios\Hellgate London\Launcher.exe:*:Enabled:Hellgate: London -- (Flagship Studios) "C:\WINDOWS\system32\PnkBstrA.exe" = C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA -- () "C:\WINDOWS\system32\PnkBstrB.exe" = 
C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB -- () "C:\Programme\Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe" = C:\Programme\Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe:*:Enabled:DTX broker "C:\Programme\Opera\opera.exe" = C:\Programme\Opera\opera.exe:*:Enabled:Opera Internet Browser "D:\Programme\Opera\opera.exe" = D:\Programme\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{02F0B8AE-7501-4333-AFBE-6BAABFEC7637}" = WISO Steuer-Sparbuch 2011 "{0DA1A27E-0616-45DA-A85F-61623046624A}" = 5.0M DigitalCAM "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F63ED0B-EDD2-4037-B6AB-1358C624AF48}" = Scan "{21E75254-410E-49C4-8981-2E1A2A2221F2}" = HP Diagnostic Assistant "{2405665A-16C9-4D3A-B70E-F006220E1472}" = Overland "{267868CE-6DFF-40F7-9C58-C01119B7B117}" = Fax "{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22 "{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 37 "{26A24AE4-039D-4CA4-87B4-2F83217021FF}" = Java 7 Update 21 "{2F71F2BA-B513-4113-969C-18A84D238E27}" = 1310 "{34A59AC3-6C5C-4A09-A7F5-369A37176C8A}" = AiOSoftware "{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF}" = HPSystemDiagnostics "{41254D7B-EADF-4078-AE4A-BD73B300EE86}" = Unload "{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3 "{457791C5-D702-4143-A7B2-2744BE9573F2}" = HP Software Update "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{597D73A8-5FDB-4bc1-9893-40B54459F1BC}" = ProductContext "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{80413011-029C-4D6B-B3AD-725DDE60B81C}" = 1310Trb "{86107E2D-DFB9-46BC-99ED-07EACAEE0923}" = G Data InternetSecurity 2013 "{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder "{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = 
Battlefield Heroes "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9EC9754D-CA34-4293-B5DB-3BD245A88A43}" = ArcSoft MediaImpression "{A1062847-0846-427A-92A1-BB8251A91E91}" = HP PSC & OfficeJet 4.2 "{A2500497-FD32-493e-B8E5-28D6728DBEF5}" = Readme "{A2B4455D-1046-4732-BFBC-0821BEFC07BC}" = Hellgate: London "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A4EA3AB4-E78C-4286-96DF-26035507CE55}" = AiO_Scan "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch "{B3D5D4E0-E965-41C4-ABFD-A7B1AD0663C2}" = Director "{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX "{BF018D2F-C788-4AB1-AB95-1280EAB8F13E}" = TrayApp "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{E21658D0-8C83-4ADD-937B-6ED07F335ABA}" = 1310Tour "{E90BEB5B-CFA0-418E-9ABB-4C4A7B0D9483}" = 1310_Help "{EC8673DA-F96B-497E-B2DB-BC7B029FD680}" = BufferChm "{F4F47155-5B4D-42AA-97F8-490BC52EA7F3}" = Destinations "{F65787F3-B356-45EC-8DD0-0E6758EDBCEE}" = WebReg "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Battle.net" = Battle.net "CCleaner" = CCleaner "Drakensang_is1" = Drakensang "ElsterFormular 13.1.1.8479p" = ElsterFormular "FormatFactory" = FormatFactory 2.95 "HP Photo & Imaging" = HP Image Zone 4.2 "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie8" = Windows Internet Explorer 8 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox 20.0.1 (x86 de)" = Mozilla Firefox 20.0.1 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "NVIDIA Drivers" = NVIDIA Drivers "Opera 12.15.1748_1" = 
Opera 12.15 "PunkBusterSvc" = PunkBuster Services "Siedler3Deinstall" = Siedler3 "SystemRequirementsLab" = System Requirements Lab "TeamSpeak 3 Client" = TeamSpeak 3 Client "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-73586283-1757981266-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "UnityWebPlayer" = Unity Web Player ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 30.04.2013 12:07:31 | Computer Name = MATTHIAS | Source = Userenv | ID = 1041 Description = Der Registrierungseintrag DllName konnte für "{7B849a69-220F-451E-B3FE-2CB811AF94AE}" nicht abgerufen und daher auch nicht geladen werden. Dies wurde wahrscheinlich durch eine fehlerhafte Registrierung verursacht. Error - 30.04.2013 12:07:31 | Computer Name = MATTHIAS | Source = Userenv | ID = 1041 Description = Der Registrierungseintrag DllName konnte für "{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}" nicht abgerufen und daher auch nicht geladen werden. Dies wurde wahrscheinlich durch eine fehlerhafte Registrierung verursacht. Error - 30.04.2013 12:07:31 | Computer Name = MATTHIAS | Source = Userenv | ID = 1041 Description = Der Registrierungseintrag DllName konnte für "{7B849a69-220F-451E-B3FE-2CB811AF94AE}" nicht abgerufen und daher auch nicht geladen werden. Dies wurde wahrscheinlich durch eine fehlerhafte Registrierung verursacht. Error - 30.04.2013 12:07:31 | Computer Name = MATTHIAS | Source = Userenv | ID = 1041 Description = Der Registrierungseintrag DllName konnte für "{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}" nicht abgerufen und daher auch nicht geladen werden. Dies wurde wahrscheinlich durch eine fehlerhafte Registrierung verursacht. 
Error - 03.05.2013 16:03:10 | Computer Name = MATTHIAS | Source = MsiInstaller | ID = 11306 Description = Produkt: Java 7 Update 21 -- Fehler 1306. Eine andere Anwendung hat exklusiven Zugriff auf die Datei "C:\Programme\Java\jre7\bin\awt.dll". Bitte beenden Sie alle anderen Anwendungen. Klicken Sie danach auf "Wiederholen". Error - 03.05.2013 16:03:12 | Computer Name = MATTHIAS | Source = MsiInstaller | ID = 11309 Description = Produkt: Java 7 Update 21 -- Fehler 1309. Fehler beim Lesen von Datei: C:\Programme\Java\jre7\bin\awt.dll. Systemfehler 3. Überprüfen Sie, ob die Datei existiert und ob Sie darauf zugreifen können. Error - 03.05.2013 16:03:13 | Computer Name = MATTHIAS | Source = MsiInstaller | ID = 11309 Description = Produkt: Java 7 Update 21 -- Fehler 1309. Fehler beim Lesen von Datei: C:\Programme\Java\jre7\bin\awt.dll. Systemfehler 3. Überprüfen Sie, ob die Datei existiert und ob Sie darauf zugreifen können. Error - 03.05.2013 16:03:13 | Computer Name = MATTHIAS | Source = MsiInstaller | ID = 11309 Description = Produkt: Java 7 Update 21 -- Fehler 1309. Fehler beim Lesen von Datei: C:\Programme\Java\jre7\bin\awt.dll. Systemfehler 3. Überprüfen Sie, ob die Datei existiert und ob Sie darauf zugreifen können. Error - 03.05.2013 16:03:14 | Computer Name = MATTHIAS | Source = MsiInstaller | ID = 11309 Description = Produkt: Java 7 Update 21 -- Fehler 1309. Fehler beim Lesen von Datei: C:\Programme\Java\jre7\bin\awt.dll. Systemfehler 3. Überprüfen Sie, ob die Datei existiert und ob Sie darauf zugreifen können. Error - 04.05.2013 16:44:46 | Computer Name = MATTHIAS | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung OTL.exe, Version 3.2.69.0, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. 
[ System Events ] Error - 29.04.2013 14:38:15 | Computer Name = MATTHIAS | Source = DCOM | ID = 10005 Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "EventSystem" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error - 29.04.2013 14:41:25 | Computer Name = MATTHIAS | Source = DCOM | ID = 10005 Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "netman" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {BA126AE5-2166-11D1-B1D0-00805FC1270E} Error - 29.04.2013 14:41:38 | Computer Name = MATTHIAS | Source = DCOM | ID = 10005 Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "EventSystem" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error - 29.04.2013 14:43:35 | Computer Name = MATTHIAS | Source = DCOM | ID = 10005 Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "netman" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {BA126AE5-2166-11D1-B1D0-00805FC1270E} Error - 29.04.2013 14:43:50 | Computer Name = MATTHIAS | Source = DCOM | ID = 10005 Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "EventSystem" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error - 29.04.2013 14:45:46 | Computer Name = MATTHIAS | Source = System Error | ID = 1003 Description = Fehlercode 1000008e, 1. Parameter c0000005, 2. Parameter 8054c08f, 3. Parameter ba0607fc, 4. Parameter 00000000. 
Error - 29.04.2013 15:24:25 | Computer Name = MATTHIAS | Source = DCOM | ID = 10005 Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "netman" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {BA126AE5-2166-11D1-B1D0-00805FC1270E} Error - 29.04.2013 15:24:38 | Computer Name = MATTHIAS | Source = DCOM | ID = 10005 Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "EventSystem" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error - 29.04.2013 15:26:12 | Computer Name = MATTHIAS | Source = DCOM | ID = 10005 Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "netman" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {BA126AE5-2166-11D1-B1D0-00805FC1270E} Error - 29.04.2013 15:26:23 | Computer Name = MATTHIAS | Source = DCOM | ID = 10005 Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "EventSystem" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {1BE1F766-5536-11D1-B726-00C04FB926AF} < End of report > |
05.05.2013, 00:15 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | search.b1.org in Firefox and Explorer for XP Looks OK. We should be almost done. As a check, please run a full scan with Malwarebytes; remember to update Malwarebytes via the update button first. Afterwards, getting a second opinion from ESET's online scanner is not a bad idea either: ESET Online Scanner
__________________ Please always post log files in CODE tags |
05.05.2013, 08:49 | #15 |
| search.b1.org in Firefox and Explorer for XP mbar: Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.05.0.1001
www.malwarebytes.org

Database version: v2013.05.04.10

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Matti :: MATTHIAS [administrator]

05.05.2013 01:44:57
mbar-log-2013-05-05 (01-44-57).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 25041
Time elapsed: 18 minute(s), 20 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=55fb70aa2105864eb472e5d38d0eb9dd
# engine=13755
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-05-05 02:13:35
# local_time=2013-05-05 04:13:35 (+0100, Westeuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# scanned=51239
# found=0
# cleaned=0
# scan_time=7038

I am really very grateful for your help! I will definitely recommend the forum to others! I will keep all these helper tools and run them every now and then. Would you like to have anything else run as a check?
__________________ Even from the stones that are placed in one's path, one can build something beautiful. Johann Wolfgang von Goethe |