|
Plagegeister aller Art und deren Bekämpfung: Komischer Maleware oder Spyware fallWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
23.05.2013, 20:10 | #1 |
| Komischer Maleware oder Spyware fall Guten Abend liebe Trojaner-Board Team, seit Gestern Abend habe ich das Problem, dass mit Avast! andauern (jede 5-10 Sekunden) eine Warnung über eine Blockierte Seite gibt, und seit Gestern Abend kann ich auch keine Buttons mehr Anklicken. Der Computer läuft auch langsamer als sonst. Bildscreen von der Warnung bei Avast!: Link zum Screen: hxxp://www.imagebanana.com/view/bhq8iv38/sreen.png Der Fall von Maleware oder Spyware ist mir sehr Schleierhaft. Wäre sehr Nett, wenn mir jemand von euch Helfen könnte. Grüße Sven |
23.05.2013, 20:22 | #2 |
/// Malware-holic | Komischer Maleware oder Spyware fall Hi, kannst du die Url bzw warnung im Klartext posten bitte?
__________________Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code:
ATTFilter activex netsvcs msconfig %SYSTEMDRIVE%\*. %PROGRAMFILES%\*.exe %LOCALAPPDATA%\*.exe %systemroot%\*. /mp /s C:\Windows\system32\*.tsp /md5start userinit.exe eventlog.dll scecli.dll netlogon.dll cngaudit.dll ws2ifsl.sys sceclt.dll ntelogon.dll winlogon.exe logevent.dll user32.DLL explorer.exe iaStor.sys nvstor.sys atapi.sys IdeChnDr.sys viasraid.sys AGP440.sys vaxscsi.sys nvatabus.sys viamraid.sys nvata.sys nvgts.sys iastorv.sys ViPrt.sys eNetHook.dll ahcix86.sys KR10N.sys nvstor32.sys ahcix86s.sys /md5stop %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\system32\*.dll /lockedfiles %USERPROFILE%\*.* %USERPROFILE%\Local Settings\Temp\*.exe %USERPROFILE%\Local Settings\Temp\*.dll %USERPROFILE%\Application Data\*.exe HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs CREATERESTOREPOINT
__________________ |
23.05.2013, 20:25 | #3 |
| Komischer Maleware oder Spyware fall Der Link wird nicht richtig im Forum angezeigt. Warum auch immer.
__________________www.imagebanana.com/view/bhq8iv38/sreen.png |
23.05.2013, 20:27 | #4 |
/// Malware-holic | Komischer Maleware oder Spyware fall als reinen text, nicht als grafik
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
23.05.2013, 20:51 | #5 |
| Komischer Maleware oder Spyware fall Es gibt nur eine Grafik die über diese Warnung aufklärt. Deshalb ist es so komisch. Ich habe mit Avast! einen Quick- und einen Vollscan gemacht, dort wurde nichts gefunden. OTL Logfile: OTL Logfile: Code:
ATTFilter OTL logfile created on: 23.05.2013 21:27:44 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\Svem\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1021,48 Mb Total Physical Memory | 607,57 Mb Available Physical Memory | 59,48% Memory free 2,40 Gb Paging File | 2,11 Gb Available in Paging File | 87,62% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINXP | %ProgramFiles% = C:\Programme Drive C: | 27,94 Gb Total Space | 6,84 Gb Free Space | 24,47% Space Free | Partition Type: NTFS Drive D: | 244,93 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: SVEN-PC | User Name: Svem | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.05.23 21:26:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Svem\Desktop\OTL.exe PRC - [2013.05.15 12:50:33 | 004,284,976 | ---- | M] () -- C:\Programme\Pando Networks\Media Booster\PMB.exe PRC - [2013.05.09 10:58:35 | 006,583,664 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\Setup\avast.setup PRC - [2013.05.09 10:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe PRC - [2013.05.09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe PRC - [2013.05.07 16:31:51 | 000,181,664 | ---- | M] (Oracle Corporation) -- C:\Programme\Java\jre7\bin\jqs.exe PRC - [2013.05.03 18:37:58 | 001,105,408 | ---- | M] (Spotify Ltd) -- C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\Spotify\Data\SpotifyWebHelper.exe PRC - [2013.03.29 09:17:20 | 000,279,432 | ---- | M] (hxxp://tortoisesvn.net) -- C:\Programme\TortoiseSVN\bin\TSVNCache.exe PRC - [2013.03.12 07:32:50 | 000,253,816 | ---- | M] (Oracle Corporation) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe PRC - [2012.10.23 10:25:06 | 002,744,960 | ---- | M] (DT Soft Ltd) -- C:\Programme\DAEMON Tools Pro\DTShellHlp.exe PRC - [2008.04.14 08:00:00 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINXP\explorer.exe PRC - [2002.09.11 19:57:20 | 000,046,592 | ---- | M] (Avance Logic, Inc.) -- C:\WINXP\soundman.exe ========== Modules (No Company Name) ========== MOD - [2013.05.23 18:03:41 | 002,085,888 | ---- | M] () -- C:\Programme\AVAST Software\Avast\defs\13052301\algo.dll MOD - [2013.05.15 12:50:33 | 004,284,976 | ---- | M] () -- C:\Programme\Pando Networks\Media Booster\PMB.exe MOD - [2013.05.09 10:58:25 | 000,240,448 | ---- | M] () -- C:\Programme\AVAST Software\Avast\Setup\setiface.dll MOD - [2013.04.30 19:33:30 | 000,225,280 | ---- | M] () -- C:\Programme\x264 Video Codec\Filters\Haali\mmdinfo.dll MOD - [2013.03.29 09:17:06 | 000,070,536 | ---- | M] () -- C:\Programme\TortoiseSVN\bin\libsasl32.dll MOD - [2012.11.29 23:59:32 | 000,093,696 | ---- | M] () -- C:\Programme\FileZilla FTP Client\fzshellext.dll MOD - [2012.03.11 18:07:38 | 000,159,744 | ---- | M] () -- C:\Programme\x264 Video Codec\Filters\Haali\mmfinfo.dll MOD - [2011.09.08 15:59:52 | 000,024,576 | ---- | M] () -- C:\Programme\x264 Video Codec\Filters\Haali\mkunicode.dll MOD - [2011.04.12 20:55:25 | 000,247,296 | ---- | M] () -- \\?\globalroot\systemroot\system32\mswsock.dll MOD - [2011.04.12 20:55:25 | 000,247,296 | ---- | M] () -- \\.\globalroot\systemroot\system32\mswsock.dll MOD - [2009.11.16 21:31:58 | 000,069,632 | ---- | M] () -- C:\Programme\PSPad editor\PSPadShell.dll ========== Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- C:\Programme\Gemeinsame Dateien\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService) SRV - [2013.05.23 15:37:54 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013.05.15 15:40:25 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINXP\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.05.09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2013.05.07 16:31:51 | 000,181,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Programme\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2013.02.28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2010.01.09 21:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose) SRV - [2005.11.13 21:33:48 | 000,163,840 | ---- | M] (Alex Feinman) [On_Demand | Stopped] -- C:\Programme\Alex Feinman\ISO Recorder\ImapiHelper.exe -- (Imapi Helper) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINXP\system32\XDva401.sys -- (XDva401) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | Auto | Stopped] -- System32\Drivers\Scutum50.sys -- (Scutum50) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Programme\Lavalys\EVEREST Home Edition\kerneld.wnt -- (EverestDriver) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINXP\system32\drivers\EagleXNt.sys -- (EagleXNt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOKUME~1\Svem\LOKALE~1\Temp\catchme.sys -- (catchme) DRV - [2013.05.09 10:59:10 | 000,765,736 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINXP\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2013.05.09 10:59:10 | 000,368,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINXP\System32\drivers\aswSP.sys -- (aswSP) DRV - [2013.05.09 10:59:10 | 000,174,664 | ---- | M] () [Kernel | Boot | Running] -- C:\WINXP\System32\drivers\aswVmm.sys -- (aswVmm) DRV - [2013.05.09 10:59:10 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINXP\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2013.05.09 10:59:10 | 000,049,376 | ---- | M] () [Kernel | Boot | Running] -- C:\WINXP\System32\drivers\aswRvrt.sys -- (aswRvrt) DRV - [2013.05.09 10:59:09 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINXP\system32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2013.05.09 10:59:09 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINXP\System32\drivers\aswRdr.sys -- (AswRdr) DRV - [2013.05.09 10:59:08 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINXP\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2013.01.07 13:11:48 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINXP\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV - [2012.11.09 16:33:32 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINXP\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2012.11.09 16:33:32 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINXP\system32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2012.11.09 16:33:30 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINXP\system32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2012.11.09 16:33:30 | 000,018,560 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINXP\system32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2012.10.17 14:53:46 | 000,019,072 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINXP\system32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2010.07.01 15:21:14 | 000,034,896 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\WINXP\system32\drivers\ScreamingBAudio.sys -- (SCREAMINGBDRIVER) DRV - [2009.10.02 10:31:32 | 000,124,288 | ---- | M] (© Guillemot R&D, 2009. All rights reserved.) [Kernel | On_Demand | Stopped] -- C:\WINXP\system32\drivers\HDJMidi.sys -- (HDJMidi) DRV - [2009.10.02 10:31:26 | 000,128,768 | ---- | M] (© Guillemot R&D, 2009. All rights reserved.) [Kernel | On_Demand | Stopped] -- C:\WINXP\system32\drivers\HDJBulk.sys -- (Bulk) DRV - [2009.04.03 23:08:08 | 000,713,344 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINXP\system32\drivers\rt2870.sys -- (rt2870) DRV - [2009.03.30 03:09:28 | 000,239,336 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINXP\system32\drivers\RsFx0103.sys -- (RsFx0103) DRV - [2009.03.18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINXP\system32\drivers\hamachi.sys -- (hamachi) DRV - [2008.04.13 21:05:40 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Stopped] -- C:\WINXP\system32\drivers\sisnic.sys -- (SISNIC) DRV - [2006.05.03 18:50:42 | 001,540,608 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINXP\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2002.09.16 19:25:02 | 000,941,516 | ---- | M] (Avance Logic, Inc.) [Kernel | On_Demand | Running] -- C:\WINXP\system32\drivers\alcxwdm.sys -- (ALCXWDM) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINXP\system32\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINXP\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 50 41 0E 9A 5D 90 CD 01 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\..\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC8}: "URL" = hxxp://search.icq.com/search/results.php?q=%s&ch_id=hm&search_mode=web IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de" FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:8.0.1489 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINXP\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll () FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Programme\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\WINXP\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Programme\Microsoft Silverlight\3.0.40818.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINXP\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Programme\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll File not found FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Programme\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Programme\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Programme\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Programme\AVAST Software\Avast\WebRep\FF [2013.05.23 14:25:43 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Programme\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2013.05.23 20:54:32 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Components: C:\Programme\Mozilla Thunderbird\components [2013.05.16 14:00:39 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Plugins: C:\Programme\Mozilla Thunderbird\plugins [2013.05.22 19:46:01 | 000,000,000 | ---D | M] [2013.04.20 22:26:44 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\Mozilla\Extensions [2013.05.20 19:03:19 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\Mozilla\Firefox\Profiles\4bt1pypa.default\extensions [2013.05.23 20:54:32 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2013.05.23 15:37:58 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions [2013.05.23 15:37:58 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2013.05.23 14:25:43 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAMME\AVAST SOFTWARE\AVAST\WEBREP\FF ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR - plugin: Shockwave Flash (Enabled) = C:\Programme\Google\Chrome\Application\27.0.1453.94\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Programme\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Programme\Google\Chrome\Application\27.0.1453.94\pdf.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npdrmv2.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Programme\Windows Media Player\npdsplay.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npwmsdrm.dll CHR - plugin: Google Update (Enabled) = C:\Programme\Google\Update\1.3.21.145\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 7 U21 (Enabled) = C:\Programme\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Pando Web Plugin (Enabled) = C:\Programme\Pando Networks\Media Booster\npPandoWebPlugin.dll CHR - plugin: PDF-XChange Viewer (Enabled) = C:\Programme\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll CHR - plugin: VLC Web Plugin (Enabled) = C:\Programme\VideoLAN\VLC\npvlc.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINXP\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINXP\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll CHR - plugin: Java Deployment Toolkit 7.0.210.11 (Enabled) = C:\WINXP\system32\npDeployJava1.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Programme\Microsoft Silverlight\3.0.40818.0\npctrl.dll CHR - Extension: Google Docs = C:\Dokumente und Einstellungen\Svem\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\ CHR - Extension: Google Drive = C:\Dokumente und Einstellungen\Svem\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: YouTube = C:\Dokumente und Einstellungen\Svem\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Google-Suche = C:\Dokumente und Einstellungen\Svem\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: Colorfull Sun Set = C:\Dokumente und Einstellungen\Svem\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\iknflcjkkahjgichcidlfcalplplegii\1_0\ CHR - Extension: Google Mail = C:\Dokumente und Einstellungen\Svem\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2013.05.06 20:06:53 | 000,000,027 | ---- | M]) - C:\WINXP\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O4 - HKLM..\Run: [AtiPTA] C:\WINXP\System32\atiptaxx.exe (ATI Technologies, Inc.) O4 - HKLM..\Run: [avast] C:\Programme\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [DivXMediaServer] C:\Programme\DivX\DivX Media Server\DivXMediaServer.exe File not found O4 - HKLM..\Run: [Hercules DJ Series] C:\Programme\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe (Hercules®) O4 - HKLM..\Run: [SoundMan] C:\WINXP\soundman.exe (Avance Logic, Inc.) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Oracle Corporation) O4 - HKCU..\Run: [Pando Media Booster] C:\Programme\Pando Networks\Media Booster\PMB.exe () O4 - HKCU..\Run: [Spotify Web Helper] C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe File not found O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - mswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - mswsock.dll File not found O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CF323CAD-9F6E-49EB-901E-157397579F0C}: DhcpNameServer = 192.168.0.1 O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINXP\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINXP\system32\userinit.exe) - C:\WINXP\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINXP\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Svem\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Svem\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2012.09.11 22:11:49 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2009.01.23 14:45:06 | 000,000,045 | R--- | M] () - D:\autorun.inf -- [ CDFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML) ActiveX: {1DFFB787-735E-371B-9C43-1321C10B4335} - .NET Framework ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4 ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINXP\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - Microsoft DirectX ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8 ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Sicherheitsupdate für Windows XP (KB923789) ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINXP\INF\msmsgs.inf,BLC.QuietInstall.PerUser ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINXP\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINXP\system32\Rundll32.exe C:\WINXP\system32\mscories.dll,Install ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Programme\Google\Chrome\Application\27.0.1453.94\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} - ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CAAFB8F9-F8D1-3D27-9AAA-6301A4429440} - .NET Framework ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Shockwave Flash ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINXP\system32\ieudinit.exe ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINXP\inf\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINXP\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINXP\system32\rundll32.exe" "C:\WINXP\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE ActiveX: >{99820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: Microsoft Base Smart Card Crypto Provider Package - NetSvcs: 6to4 - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: Nla - C:\WINXP\system32\mswsock.dll () NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: Sharedaccess - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: BITS - File not found MsConfig - StartUpReg: DAEMON Tools Pro Agent - hkey= - key= - C:\Programme\DAEMON Tools Pro\DTAgent.exe (DT Soft Ltd) MsConfig - StartUpReg: mskeylo - hkey= - key= - C:\Programme\Java\jre7\bin\javaw.exe (Oracle Corporation) MsConfig - StartUpReg: Spotify - hkey= - key= - C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\Spotify\Spotify.exe (Spotify Ltd) MsConfig - StartUpReg: Spotify Web Helper - hkey= - key= - C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd) MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Oracle Corporation) MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 2 CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2013.05.23 21:26:25 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Svem\Desktop\OTL.exe [2013.05.23 20:54:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\avast! Free Antivirus [2013.05.23 15:37:17 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox [2013.05.23 14:27:14 | 000,368,944 | ---- | C] (AVAST Software) -- C:\WINXP\System32\drivers\aswSP.sys [2013.05.23 14:27:14 | 000,029,816 | ---- | C] (AVAST Software) -- C:\WINXP\System32\drivers\aswFsBlk.sys [2013.05.23 14:27:06 | 000,049,760 | ---- | C] (AVAST Software) -- C:\WINXP\System32\drivers\aswRdr.sys [2013.05.23 14:27:04 | 000,056,080 | ---- | C] (AVAST Software) -- C:\WINXP\System32\drivers\aswTdi.sys [2013.05.23 14:27:03 | 000,765,736 | ---- | C] (AVAST Software) -- C:\WINXP\System32\drivers\aswSnx.sys [2013.05.23 14:26:56 | 000,066,336 | ---- | C] (AVAST Software) -- C:\WINXP\System32\drivers\aswMonFlt.sys [2013.05.23 14:26:13 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2013.05.23 14:25:16 | 000,041,664 | ---- | C] (AVAST Software) -- C:\WINXP\avastSS.scr [2013.05.23 13:50:31 | 000,000,000 | ---D | C] -- C:\Programme\AvRack [2013.05.22 19:51:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\DivX [2013.05.22 19:39:59 | 000,000,000 | ---D | C] -- C:\Programme\DivX [2013.05.22 19:39:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\Codec Pack Packages [2013.05.22 19:39:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DivX [2013.05.22 19:39:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\LavFilters [2013.05.22 19:39:17 | 000,000,000 | ---D | C] -- C:\Programme\DSP-worx [2013.05.22 19:39:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\CDXReader [2013.05.22 19:37:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\DSite [2013.05.22 19:23:27 | 000,000,000 | ---D | C] -- C:\Programme\AVI Media Player [2013.05.22 19:16:44 | 000,000,000 | ---D | C] -- C:\Programme\x264 Video Codec [2013.05.22 18:52:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Svem\Eigene Dateien\Firstload [2013.05.20 16:48:20 | 000,000,000 | ---D | C] -- C:\Programme\Native Instruments Traktor Pro [2013.05.19 23:10:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Native Instruments [2013.05.19 23:09:23 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Native Instruments [2013.05.19 22:31:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\firebird [2013.05.19 22:31:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Svem\Lokale Einstellungen\Anwendungsdaten\SpacialAudio [2013.05.19 22:28:22 | 000,174,208 | ---- | C] (© Guillemot R&D, 2009. All rights reserved.) -- C:\WINXP\System32\drivers\HDJAsioK.sys [2013.05.19 22:28:22 | 000,128,768 | ---- | C] (© Guillemot R&D, 2009. All rights reserved.) -- C:\WINXP\System32\drivers\HDJBulk.sys [2013.05.19 22:28:22 | 000,124,288 | ---- | C] (© Guillemot R&D, 2009. All rights reserved.) -- C:\WINXP\System32\drivers\HDJMidi.sys [2013.05.19 22:28:22 | 000,025,472 | ---- | C] (© Guillemot R&D, 2009. All rights reserved.) -- C:\WINXP\System32\drivers\HDJCtrl.sys [2013.05.19 22:28:03 | 000,079,872 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\WINXP\System32\HerculesDJDevices.dll [2013.05.19 22:28:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Hercules [2013.05.19 22:28:02 | 000,000,000 | ---D | C] -- C:\Programme\Guillemot [2013.05.19 22:27:56 | 000,102,400 | ---- | C] (Hercules®) -- C:\WINXP\System32\HDJSeries.cpl [2013.05.19 22:27:44 | 000,000,000 | ---D | C] -- C:\Programme\Hercules [2013.05.19 22:27:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\InstallShield [2013.05.19 22:24:39 | 000,000,000 | ---D | C] -- C:\Programme\SpacialAudio [2013.05.18 13:01:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Google Chrome [2013.05.18 12:55:47 | 000,000,000 | ---D | C] -- C:\Programme\Google [2013.05.18 02:20:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\.minecraft [2013.05.18 02:06:34 | 000,695,296 | ---- | C] (AnjoCaido) -- C:\Dokumente und Einstellungen\Svem\Desktop\MinecraftSP.exe [2013.05.16 14:00:38 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Thunderbird [2013.05.15 13:59:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Svem\Startmenü\Programme\Gamescampus [2013.05.15 13:49:47 | 000,000,000 | ---D | C] -- C:\Gamescampus [2013.05.15 12:50:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Svem\Lokale Einstellungen\Anwendungsdaten\PMB Files [2013.05.15 12:50:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PMB Files [2013.05.15 12:50:17 | 000,000,000 | ---D | C] -- C:\Programme\Pando Networks [2013.05.15 12:50:09 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Svem\.swt [2013.05.15 00:11:58 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Svem\Lokale Einstellungen\Anwendungsdaten\assembly [2013.05.15 00:10:25 | 000,000,000 | ---D | C] -- C:\Programme\NCSoft [2013.05.14 23:30:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Svem\Lokale Einstellungen\Anwendungsdaten\Chromium [2013.05.14 20:05:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Svem\Lokale Einstellungen\Anwendungsdaten\ApplicationHistory [2013.05.14 20:02:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Svem\Lokale Einstellungen\Anwendungsdaten\Turbine [2013.05.14 19:52:22 | 000,000,000 | ---D | C] -- C:\WINXP\System32\URTTEMP [2013.05.14 19:19:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Turbine [2013.05.14 19:18:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\HappyCloud [2013.05.12 17:59:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\TeamViewer [2013.05.12 17:31:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\Firstload [2013.05.12 17:29:56 | 000,000,000 | ---D | C] -- C:\Programme\Firstload [2013.05.12 16:00:53 | 000,000,000 | ---D | C] -- C:\Programme\Vendetta Online [2013.05.12 15:13:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\TS3Client [2013.05.12 15:05:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Svem\Startmenü\Programme\TeamSpeak 3 Client [2013.05.12 14:21:35 | 000,000,000 | ---D | C] -- C:\Programme\Alex Feinman [2013.05.10 16:28:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\Canon [2013.05.10 16:25:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Canon [2013.05.10 16:25:38 | 000,000,000 | ---D | C] -- C:\Programme\Canon [2013.05.09 19:00:59 | 000,000,000 | ---D | C] -- C:\Programme\Mafia [2013.05.07 21:42:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Svem\Lokale Einstellungen\Anwendungsdaten\Alternate [2013.05.07 21:42:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Alternate [2013.05.07 21:35:06 | 000,000,000 | ---D | C] -- C:\Programme\Notepad++ [2013.05.07 21:35:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\Notepad++ [2013.05.07 17:27:24 | 000,000,000 | ---D | C] -- C:\WINXP\ERUNT [2013.05.07 16:38:25 | 000,229,648 | ---- | C] (AVAST Software) -- C:\WINXP\System32\aswBoot.exe [2013.05.07 16:36:30 | 000,000,000 | ---D | C] -- C:\Programme\AVAST Software [2013.05.07 16:35:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVAST Software [2013.05.07 16:32:39 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java [2013.05.07 16:29:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sun [2013.05.07 11:54:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\Malwarebytes [2013.05.07 11:53:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware [2013.05.07 11:53:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes [2013.05.07 11:53:41 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINXP\System32\drivers\mbam.sys [2013.05.07 11:53:41 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2013.05.06 21:10:21 | 000,000,000 | ---D | C] -- C:\Treiber [2013.05.06 19:29:58 | 000,000,000 | RHSD | C] -- C:\cmdcons [2013.05.06 19:26:05 | 000,000,000 | ---D | C] -- C:\WINXP\erdnt [2013.05.06 14:22:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Svem\Desktop\Game [2013.05.04 18:28:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Svem\Lokale Einstellungen\Anwendungsdaten\Mana [2013.05.04 18:28:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\mana [2013.05.04 18:00:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Svem\.ssh [2013.05.04 15:46:14 | 000,000,000 | ---D | C] -- C:\Programme\Electronic Arts [2013.05.04 15:45:39 | 000,000,000 | ---D | C] -- C:\WINXP\Logs [2013.05.04 14:31:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\ICSharpCode [2013.05.04 14:22:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\TortoiseSVN [2013.05.04 14:21:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\Subversion [2013.05.04 14:18:43 | 000,000,000 | ---D | C] -- C:\Programme\SharpDevelop [2013.05.04 14:15:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\DAoC Portal [2013.05.04 14:13:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TortoiseSVN [2013.05.04 14:13:05 | 000,000,000 | ---D | C] -- C:\Programme\TortoiseSVN [2013.05.04 14:13:05 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\TortoiseOverlays [2013.05.02 14:35:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\Sun [2013.05.01 21:31:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Adobe [2013.05.01 17:58:57 | 000,000,000 | ---D | C] -- C:\Programme\MyPC Backup [2013.05.01 17:55:38 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Maintenance Service [2013.05.01 17:55:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Mozilla [2013.04.30 18:59:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Svem\Desktop\Browsergame [2013.04.28 17:18:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Svem\Eigene Dateien\LiveZilla [2013.04.28 17:18:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{B33DA322-24E5-416A-87BB-22AEF439817F} [2013.04.28 17:18:17 | 000,000,000 | ---D | C] -- C:\Programme\LiveZilla [2013.04.28 17:18:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\LiveZilla [2013.04.27 12:53:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Svem\Eigene Dateien\FreeCol [2013.04.27 12:51:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Svem\Desktop\Cities of Capture [2013.04.26 20:47:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Svem\Eigene Dateien\GitHub [2013.04.26 20:47:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\GitHub [2013.04.26 20:46:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Svem\Lokale Einstellungen\Anwendungsdaten\GitHub [2013.04.26 20:46:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Svem\Startmenü\Programme\GitHub, Inc [2013.04.25 21:18:20 | 000,000,000 | ---D | C] -- C:\WINXP\System32\RsFx [2013.04.25 21:14:32 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Visual Studio 9.0 [2013.04.25 21:08:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft SQL Server 2008 [2013.04.25 21:07:08 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft SQL Server [2013.04.25 20:58:35 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Silverlight [2013.04.25 20:53:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Svem\Eigene Dateien\Visual Studio 2010 [2013.04.25 20:53:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Visual Studio 2010 Express [2013.04.25 20:47:43 | 000,000,000 | ---D | C] -- C:\WINXP\symbols [2013.04.25 20:47:36 | 000,000,000 | ---D | C] -- C:\Programme\Reference Assemblies [2013.04.25 20:47:36 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft SDKs [2013.04.25 20:47:36 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Merge Modules [2013.04.25 20:47:34 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Visual Studio 10.0 [2013.04.25 20:13:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Svem\Lokale Einstellungen\Anwendungsdaten\K-Meleon ========== Files - Modified Within 30 Days ========== [2013.05.23 21:26:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Svem\Desktop\OTL.exe [2013.05.23 21:03:01 | 000,000,352 | -H-- | M] () -- C:\WINXP\tasks\avast! Emergency Update.job [2013.05.23 21:00:01 | 000,001,086 | ---- | M] () -- C:\WINXP\tasks\GoogleUpdateTaskMachineUA.job [2013.05.23 20:56:45 | 000,001,082 | ---- | M] () -- C:\WINXP\tasks\GoogleUpdateTaskMachineCore.job [2013.05.23 20:56:14 | 000,002,048 | --S- | M] () -- C:\WINXP\bootstat.dat [2013.05.23 20:40:15 | 000,000,880 | ---- | M] () -- C:\WINXP\tasks\Adobe Flash Player Updater.job [2013.05.23 20:31:53 | 000,001,324 | ---- | M] () -- C:\WINXP\System32\d3d9caps.dat [2013.05.23 19:33:09 | 000,000,600 | ---- | M] () -- C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\winscp.rnd [2013.05.23 14:26:56 | 000,002,951 | ---- | M] () -- C:\WINXP\System32\CONFIG.NT [2013.05.22 12:12:05 | 000,000,600 | ---- | M] () -- C:\Dokumente und Einstellungen\Svem\Lokale Einstellungen\Anwendungsdaten\PUTTY.RND [2013.05.22 11:45:02 | 003,513,552 | ---- | M] () -- C:\WINXP\System32\FNTCACHE.DAT [2013.05.22 11:44:20 | 000,002,206 | ---- | M] () -- C:\WINXP\System32\wpa.dbl [2013.05.19 22:30:06 | 000,005,024 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\qiwmnyln.lsb [2013.05.18 02:06:56 | 000,695,296 | ---- | M] (AnjoCaido) -- C:\Dokumente und Einstellungen\Svem\Desktop\MinecraftSP.exe [2013.05.16 17:16:38 | 000,003,584 | ---- | M] () -- C:\Dokumente und Einstellungen\Svem\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013.05.15 13:59:31 | 000,000,678 | ---- | M] () -- C:\Dokumente und Einstellungen\Svem\Desktop\9Dragons starten.lnk [2013.05.14 20:05:44 | 000,000,137 | ---- | M] () -- C:\Dokumente und Einstellungen\Svem\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat [2013.05.14 20:04:32 | 000,566,892 | ---- | M] () -- C:\WINXP\System32\perfh009.dat [2013.05.14 20:04:31 | 000,591,822 | ---- | M] () -- C:\WINXP\System32\perfh007.dat [2013.05.14 20:04:31 | 000,129,492 | ---- | M] () -- C:\WINXP\System32\perfc007.dat [2013.05.14 20:04:31 | 000,111,888 | ---- | M] () -- C:\WINXP\System32\perfc009.dat [2013.05.12 15:05:45 | 000,001,269 | ---- | M] () -- C:\Dokumente und Einstellungen\Svem\Desktop\TeamSpeak 3 Client.lnk [2013.05.09 19:54:38 | 000,000,559 | ---- | M] () -- C:\Dokumente und Einstellungen\Svem\Desktop\Mafia I.lnk [2013.05.09 10:59:10 | 000,765,736 | ---- | M] (AVAST Software) -- C:\WINXP\System32\drivers\aswSnx.sys [2013.05.09 10:59:10 | 000,368,944 | ---- | M] (AVAST Software) -- C:\WINXP\System32\drivers\aswSP.sys [2013.05.09 10:59:10 | 000,174,664 | ---- | M] () -- C:\WINXP\System32\drivers\aswVmm.sys [2013.05.09 10:59:10 | 000,056,080 | ---- | M] (AVAST Software) -- C:\WINXP\System32\drivers\aswTdi.sys [2013.05.09 10:59:10 | 000,049,376 | ---- | M] () -- C:\WINXP\System32\drivers\aswRvrt.sys [2013.05.09 10:59:09 | 000,066,336 | ---- | M] (AVAST Software) -- C:\WINXP\System32\drivers\aswMonFlt.sys [2013.05.09 10:59:09 | 000,049,760 | ---- | M] (AVAST Software) -- C:\WINXP\System32\drivers\aswRdr.sys [2013.05.09 10:59:08 | 000,029,816 | ---- | M] (AVAST Software) -- C:\WINXP\System32\drivers\aswFsBlk.sys [2013.05.09 10:58:37 | 000,041,664 | ---- | M] (AVAST Software) -- C:\WINXP\avastSS.scr [2013.05.09 10:58:28 | 000,229,648 | ---- | M] (AVAST Software) -- C:\WINXP\System32\aswBoot.exe [2013.05.06 20:06:53 | 000,000,027 | ---- | M] () -- C:\WINXP\System32\drivers\etc\hosts [2013.05.06 19:30:11 | 000,000,323 | RHS- | M] () -- C:\boot.ini [2013.05.06 14:24:47 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\Svem\defogger_reenable [2013.05.04 18:00:11 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\Svem\.gitconfig [2013.05.01 18:03:08 | 000,000,838 | ---- | M] () -- C:\WINXP\System32\InstallUtil.InstallLog [2013.04.28 17:18:21 | 000,000,730 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\LiveZilla Client.lnk ========== Files Created - No Company Name ========== [2013.05.23 14:27:02 | 000,174,664 | ---- | C] () -- C:\WINXP\System32\drivers\aswVmm.sys [2013.05.23 14:26:58 | 000,049,376 | ---- | C] () -- C:\WINXP\System32\drivers\aswRvrt.sys [2013.05.23 14:26:58 | 000,000,352 | -H-- | C] () -- C:\WINXP\tasks\avast! Emergency Update.job [2013.05.19 22:30:06 | 000,005,024 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\qiwmnyln.lsb [2013.05.18 12:55:52 | 000,001,086 | ---- | C] () -- C:\WINXP\tasks\GoogleUpdateTaskMachineUA.job [2013.05.18 12:55:52 | 000,001,082 | ---- | C] () -- C:\WINXP\tasks\GoogleUpdateTaskMachineCore.job [2013.05.16 17:16:38 | 000,003,584 | ---- | C] () -- C:\Dokumente und Einstellungen\Svem\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013.05.15 13:59:31 | 000,000,678 | ---- | C] () -- C:\Dokumente und Einstellungen\Svem\Desktop\9Dragons starten.lnk [2013.05.14 20:05:44 | 000,000,137 | ---- | C] () -- C:\Dokumente und Einstellungen\Svem\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat [2013.05.12 17:30:00 | 000,000,706 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Firstload.lnk [2013.05.12 15:05:45 | 000,001,269 | ---- | C] () -- C:\Dokumente und Einstellungen\Svem\Desktop\TeamSpeak 3 Client.lnk [2013.05.09 19:54:38 | 000,000,559 | ---- | C] () -- C:\Dokumente und Einstellungen\Svem\Desktop\Mafia I.lnk [2013.05.06 19:30:11 | 000,000,207 | ---- | C] () -- C:\Boot.bak [2013.05.06 19:30:04 | 000,262,448 | RHS- | C] () -- C:\cmldr [2013.05.06 14:24:47 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Svem\defogger_reenable [2013.05.04 18:00:11 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Svem\.gitconfig [2013.05.04 14:19:03 | 000,001,792 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\SharpDevelop 4.3.lnk [2013.05.01 17:57:45 | 000,000,838 | ---- | C] () -- C:\WINXP\System32\InstallUtil.InstallLog [2013.05.01 17:55:41 | 000,000,702 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Mozilla Firefox.lnk [2013.04.30 14:59:58 | 001,514,558 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-1390067357-1682526488-842925246-1003-0.dat [2013.04.30 14:59:50 | 000,280,654 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat [2013.04.28 17:18:21 | 000,000,730 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\LiveZilla Client.lnk [2013.04.17 15:22:49 | 000,000,000 | ---- | C] () -- C:\WINXP\PowerReg.dat [2013.02.01 19:07:40 | 001,589,248 | ---- | C] () -- C:\WINXP\System32\libmysql_d.dll [2013.02.01 14:17:43 | 000,043,520 | ---- | C] () -- C:\WINXP\System32\CmdLineExt03.dll [2013.01.30 17:26:59 | 000,073,728 | ---- | C] () -- C:\WINXP\System32\GkSui18.EXE [2013.01.25 00:35:49 | 000,000,600 | ---- | C] () -- C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\winscp.rnd [2013.01.22 13:48:06 | 000,000,600 | ---- | C] () -- C:\Dokumente und Einstellungen\Svem\Lokale Einstellungen\Anwendungsdaten\PUTTY.RND [2013.01.07 13:17:45 | 000,000,531 | ---- | C] () -- C:\WINXP\eReg.dat [2012.11.11 22:44:27 | 000,000,307 | ---- | C] () -- C:\WINXP\cncscore.ini [2012.10.22 22:45:43 | 000,000,754 | ---- | C] () -- C:\WINXP\WORDPAD.INI [2012.10.17 21:22:54 | 000,013,931 | ---- | C] () -- C:\WINXP\System32\RaCoInst.dat [2012.10.15 15:54:12 | 000,002,155 | ---- | C] () -- C:\Dokumente und Einstellungen\Svem\Lokale Einstellungen\Anwendungsdaten\recently-used.xbel [2012.09.26 15:41:48 | 000,354,816 | ---- | C] () -- C:\WINXP\System32\psisdecd.dll [2012.09.12 18:48:38 | 000,516,096 | ---- | C] () -- C:\WINXP\System32\ati2sgag.exe [2012.09.12 18:46:06 | 000,451,072 | ---- | C] () -- C:\WINXP\Radeon Omega Drivers v3.8.252 Uninstall.exe [2012.09.12 13:31:03 | 000,558,133 | ---- | C] () -- C:\WINXP\System32\sqlite3.dll [2012.09.12 12:41:20 | 000,000,164 | ---- | C] () -- C:\WINXP\avrack.ini [2012.09.11 23:20:58 | 000,001,324 | ---- | C] () -- C:\WINXP\System32\d3d9caps.dat [2012.09.11 22:54:24 | 000,004,073 | ---- | C] () -- C:\WINXP\ODBCINST.INI [2012.09.11 22:52:46 | 003,513,552 | ---- | C] () -- C:\WINXP\System32\FNTCACHE.DAT [2012.09.11 22:16:30 | 000,002,048 | --S- | C] () -- C:\WINXP\bootstat.dat [2012.09.11 22:07:27 | 000,021,740 | ---- | C] () -- C:\WINXP\System32\emptyregdb.dat ========== ZeroAccess Check ========== [2012.10.18 13:48:07 | 000,000,227 | RHS- | M] () -- C:\WINXP\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2011.04.12 20:55:10 | 001,510,400 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009.08.03 18:13:55 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 08:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2013.05.07 21:43:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Alternate [2013.05.23 14:24:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVAST Software [2012.10.02 10:42:12 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ [2013.01.29 21:44:46 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Common Files [2012.09.12 13:50:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Lite [2013.04.21 15:21:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Pro [2013.04.13 11:23:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\elsterformular [2013.05.19 22:39:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\firebird [2013.04.20 23:03:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\mpb [2013.05.20 17:22:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Native Instruments [2013.03.07 16:13:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Nokia [2013.05.15 13:35:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PMB Files [2013.04.18 16:13:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TmForever [2013.05.14 23:45:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Turbine [2013.04.28 17:18:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{B33DA322-24E5-416A-87BB-22AEF439817F} [2013.01.29 21:44:46 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} [2013.05.22 15:26:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\.minecraft [2013.04.21 18:47:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\andro [2012.09.21 16:30:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\Atari [2013.05.22 19:17:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\BitTorrent [2013.05.10 16:41:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\Canon [2013.05.22 19:39:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\CDXReader [2013.05.22 19:39:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\Codec Pack Packages [2012.09.29 21:41:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\DAEMON Tools Lite [2013.04.21 15:20:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\DAEMON Tools Pro [2013.05.04 14:15:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\DAoC Portal [2013.05.22 19:37:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\DSite [2013.05.13 19:21:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\FileZilla [2013.05.22 19:50:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\Firstload [2013.04.26 20:47:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\GitHub [2013.05.04 14:31:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\ICSharpCode [2013.05.22 19:39:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\LavFilters [2013.05.04 18:28:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\mana [2012.11.02 13:03:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\Nokia [2012.11.02 13:03:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\Nokia Suite [2013.05.07 21:37:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\Notepad++ [2012.12.09 18:24:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\OpenOffice.org [2013.04.20 20:27:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\Opera [2013.05.23 14:14:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\Spotify [2013.05.04 14:21:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\Subversion [2013.05.12 18:36:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\TeamViewer [2012.12.29 22:33:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\Thunderbird [2013.05.21 13:10:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\TS3Client [2013.04.21 18:41:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Svem\Anwendungsdaten\Unity ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*. > [2012.10.08 14:40:04 | 000,000,000 | ---D | M] -- C:\.jagex_cache_32 [2012.09.30 22:12:46 | 000,000,000 | R--D | M] -- C:\AHCache [2003.02.27 12:33:10 | 000,000,000 | ---D | M] -- C:\Audio [2013.01.21 18:32:03 | 000,000,000 | ---D | M] -- C:\CanoScan [2013.05.06 19:30:11 | 000,000,000 | RHSD | M] -- C:\cmdcons [2013.05.23 20:54:44 | 000,000,000 | -HSD | M] -- C:\Config.Msi [2013.04.13 11:11:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen [2013.05.15 13:49:47 | 000,000,000 | ---D | M] -- C:\Gamescampus [2013.04.20 22:00:40 | 000,000,000 | ---D | M] -- C:\ProgramData [2013.05.23 20:54:43 | 000,000,000 | R--D | M] -- C:\Programme [2013.05.06 20:28:41 | 000,000,000 | -HSD | M] -- C:\RECYCLER [2012.09.11 22:18:25 | 000,000,000 | -HSD | M] -- C:\System Volume Information [2013.05.06 21:10:21 | 000,000,000 | ---D | M] -- C:\Treiber [2013.05.23 17:44:02 | 000,000,000 | ---D | M] -- C:\WINXP < %PROGRAMFILES%\*.exe > Invalid Environment Variable: LOCALAPPDATA < %systemroot%\*. /mp /s > < C:\Windows\system32\*.tsp > [2012.09.11 22:09:05 | 000,000,065 | RH-- | C] () -- C:\WINXP\Tasks\desktop.ini [2012.09.11 22:18:22 | 000,000,006 | -H-- | C] () -- C:\WINXP\Tasks\SA.DAT [2012.11.18 20:05:02 | 000,000,880 | ---- | C] () -- C:\WINXP\Tasks\Adobe Flash Player Updater.job [2013.05.18 12:55:52 | 000,001,082 | ---- | C] () -- C:\WINXP\Tasks\GoogleUpdateTaskMachineCore.job [2013.05.18 12:55:52 | 000,001,086 | ---- | C] () -- C:\WINXP\Tasks\GoogleUpdateTaskMachineUA.job [2013.05.23 14:26:58 | 000,000,352 | -H-- | C] () -- C:\WINXP\Tasks\avast! Emergency Update.job < MD5 for: AGP440.SYS > [2011.06.14 20:26:00 | 017,826,376 | ---- | M] () .cab file -- C:\WINXP\Driver Cache\i386\sp3.cab:AGP440.sys < MD5 for: ATAPI.SYS > [2011.06.14 20:26:00 | 017,826,376 | ---- | M] () .cab file -- C:\WINXP\Driver Cache\i386\sp3.cab:atapi.sys [2008.04.14 08:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINXP\erdnt\cache\atapi.sys [2008.04.14 08:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINXP\system32\drivers\atapi.sys < MD5 for: EVENTLOG.DLL > [2008.04.14 08:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINXP\erdnt\cache\eventlog.dll [2008.04.14 08:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINXP\system32\dllcache\eventlog.dll [2008.04.14 08:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINXP\system32\eventlog.dll < MD5 for: EXPLORER.EXE > [2008.04.14 08:00:00 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINXP\erdnt\cache\explorer.exe [2008.04.14 08:00:00 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINXP\explorer.exe [2008.04.14 08:00:00 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINXP\system32\dllcache\explorer.exe < MD5 for: NETLOGON.DLL > [2008.04.14 08:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINXP\erdnt\cache\netlogon.dll [2008.04.14 08:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINXP\system32\dllcache\netlogon.dll [2008.04.14 08:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINXP\system32\netlogon.dll < MD5 for: SCECLI.DLL > [2008.04.14 08:00:00 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINXP\erdnt\cache\scecli.dll [2008.04.14 08:00:00 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINXP\system32\dllcache\scecli.dll [2008.04.14 08:00:00 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINXP\system32\scecli.dll < MD5 for: USER32.DLL > [2008.04.14 08:00:00 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINXP\erdnt\cache\user32.dll [2008.04.14 08:00:00 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINXP\system32\dllcache\user32.dll [2008.04.14 08:00:00 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINXP\system32\user32.dll < MD5 for: USERINIT.EXE > [2008.04.14 08:00:00 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINXP\erdnt\cache\userinit.exe [2008.04.14 08:00:00 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINXP\system32\dllcache\userinit.exe [2008.04.14 08:00:00 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINXP\system32\userinit.exe < MD5 for: WINLOGON.EXE > [2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Programme\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe [2008.04.14 08:00:00 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINXP\erdnt\cache\winlogon.exe [2008.04.14 08:00:00 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINXP\system32\dllcache\winlogon.exe [2008.04.14 08:00:00 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINXP\system32\winlogon.exe < MD5 for: WS2IFSL.SYS > [2008.04.14 08:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINXP\system32\dllcache\ws2ifsl.sys [2008.04.14 08:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINXP\system32\drivers\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > [2012.09.11 23:52:01 | 000,094,208 | ---- | M] () -- C:\WINXP\System32\config\default.sav [2012.09.11 23:52:01 | 001,093,632 | ---- | M] () -- C:\WINXP\System32\config\software.sav [2012.09.11 23:52:01 | 000,442,368 | ---- | M] () -- C:\WINXP\System32\config\system.sav < %systemroot%\system32\*.dll /lockedfiles > < %USERPROFILE%\*.* > [2013.05.04 18:00:11 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\Svem\.gitconfig [2013.05.06 14:24:47 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\Svem\defogger_reenable [2013.05.16 11:40:20 | 000,012,228 | ---- | M] () -- C:\Dokumente und Einstellungen\Svem\hs_err_pid2064.log [2013.05.23 20:52:53 | 010,485,760 | -H-- | M] () -- C:\Dokumente und Einstellungen\Svem\NTUSER.DAT [2013.05.23 21:44:31 | 000,001,024 | -H-- | M] () -- C:\Dokumente und Einstellungen\Svem\ntuser.dat.LOG [2013.05.23 17:43:35 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\Svem\ntuser.ini < %USERPROFILE%\Local Settings\Temp\*.exe > < %USERPROFILE%\Local Settings\Temp\*.dll > < %USERPROFILE%\Application Data\*.exe > < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs > HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 ========== Hard Links - Junction Points - Mount Points - Symbolic Links ========== [C:\WINXP\$NtUninstallKB29866$] -> Error: Cannot create file handle -> Unknown point type < End of report > Extra Logfile: OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 23.05.2013 21:27:44 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\Svem\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1021,48 Mb Total Physical Memory | 607,57 Mb Available Physical Memory | 59,48% Memory free 2,40 Gb Paging File | 2,11 Gb Available in Paging File | 87,62% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINXP | %ProgramFiles% = C:\Programme Drive C: | 27,94 Gb Total Space | 6,84 Gb Free Space | 24,47% Space Free | Partition Type: NTFS Drive D: | 244,93 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: SVEN-PC | User Name: Svem | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .html [@ = Opera.HTML] -- C:\Programme\Opera\Opera.exe (Opera Software) .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. https [open] -- "C:\Programme\Opera\Opera.exe" "%1" (Opera Software) InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OtsMedia.Surf] -- "C:\OtsLabs\OtsPlay.exe" "%1" /play /surf Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0125D081-30D0-4A97-82A8-C28D444B6256}" = Microsoft SQL Server Compact 3.5 SP2 DEU "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2500_series" = Canon iP2500 series "{143FB15C-0C48-41E3-9C30-F56FB69BF3D7}" = Canon CanoScan Toolbox 4.5 "{1C2B3CEA-482E-4453-B3E2-C9731337828A}" = Microsoft SQL Server 2008 Native Client "{1D328E11-3B0C-388C-835D-C9C20E8C7734}" = Microsoft Help Viewer 1.0 Language Pack - DEU "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1 "{26A24AE4-039D-4CA4-87B4-2F83217021FF}" = Java 7 Update 21 "{2D9F8079-7D50-3EFD-B3BD-ED642E4EE756}" = Microsoft Visual Basic PowerPacks 10.0 "{33999F1F-EA46-4E55-A239-1BA803235396}" = Hercules DJ Products Series drivers "{33AE9E89-47C9-4A0D-9E9D-BDD6966A3804}" = Microsoft SQL Server 2008 RsFx Driver "{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{477415F5-93DA-46AA-85C5-640047825995}" = Microsoft SQL Server 2008 Database Engine Shared "{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files "{4AF2248C-B3DF-46FB-9596-87F5DB193689}" = Microsoft SQL Server 2008 Browser "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3 "{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}" = Paint.NET v3.5.10 "{576454F8-2E7D-44B3-B7DD-4258B83887E3}" = SharpDevelop 4.3 "{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}" = Microsoft SQL Server System CLR Types "{5BD39911-A12F-4562-98BA-A6E03E3370B1}" = Microsoft SQL Server 2008 Database Engine Services "{5E21B617-F52E-BB10-92F9-C8AB2C799A8A}" = Adobe Download Assistant "{616C6F39-4CE1-3434-A665-2F6A04C09A7F}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools "{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2 "{6FE12C01-2FBC-42E2-AEB9-4CA2238C462F}" = Nokia Connectivity Cable Driver "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90850407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003 "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195 "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9AA2D735-3375-42D4-9A61-3FFEF82599D6}" = Unterstützungsdateien für Microsoft SQL Server 2008-Setup "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9C218121-C40A-4D68-BEFB-F963D1B0CD2F}" = TortoiseSVN 1.7.12.24070 (32 bit) "{A106D33E-6B43-42C0-9BFC-D03303261FA7}" = Microsoft SQL Server 2008 R2 Management Objects "{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1" = PDF-Viewer "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A8D93648-9F7F-407D-915C-62044644C3DA}" = MSI to redistribute MS VS2005 CRT libraries "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86 "{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services "{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C4C91E02-D4E2-481E-BCBA-7D90CC8D43E1}" = LiveZilla "{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack "{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack "{D074DC76-F6C9-440E-A1D0-1DE958417FDB}" = Microsoft SQL Server VSS Writer "{DEEB5FE3-40F5-3C5B-8F85-5306EF3C08F4}" = Microsoft Visual C++ 2010 Express - DEU "{DFC6573E-124D-4026-BFA4-B433C9D3FF21}" = ISO Recorder "{E3A0C45A-7EDB-48EB-AB86-2445E74FBFBB}" = Nokia Suite "{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86 "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Avance AC'97 Audio "{FF6F95A4-E59B-45C8-BEA8-0BDC8D9CAB51}" = Microsoft SQL Server 2008 Common Files "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "All ATI Software" = ATI - Dienstprogramm zur Deinstallation der Software "ATI Display Driver" = ATI Display Driver (Omega 3.8.252) "avast" = avast! Free Antivirus "BitTorrent" = BitTorrent "com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant "DAEMON Tools Pro" = DAEMON Tools Pro "DivX Setup" = DivX-Setup "ElsterFormular" = ElsterFormular "Firstload" = Firstload "Google Chrome" = Google Chrome "ie8" = Windows Internet Explorer 8 "LiveZilla" = LiveZilla "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300 "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack "Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0 "Microsoft Help Viewer 1.0 Language Pack - DEU" = Microsoft Help Viewer 1.0 Language Pack - DEU "Microsoft SQL Server 10" = Microsoft SQL Server 2008 "Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 "Microsoft Visual C++ 2010 Express - DEU" = Microsoft Visual C++ 2010 Express - DEU "Microsoft.Net.Client.3.5" = Microsoft .NET Framework Client Profile "Microsoft.Net.Client.3.5.LangPack.deu" = Microsoft .NET Framework Client Profile Language Pack - DEU "Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de) "Mozilla Thunderbird 17.0.6 (x86 de)" = Mozilla Thunderbird 17.0.6 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "Opera 12.15.1748" = Opera 12.15 "PSPad editor_is1" = PSPad editor "TmNationsForever_is1" = TmNationsForever "VLC media player" = VLC media player 2.0.3 "Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 "WinRAR archiver" = WinRAR 4.20 (32-Bit) "winscp3_is1" = WinSCP 5.1.3 "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "5f7eb300e2ea4ebf" = GitHub "Codec Pack Packages" = Codec Pack Packages "FileZilla Client" = FileZilla Client 3.6.0.2 "Spotify" = Spotify "TeamSpeak 3 Client" = TeamSpeak 3 Client ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 23.05.2013 14:25:56 | Computer Name = SVEN-PC | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung drwtsn32.exe, Version 5.1.2600.0, fehlgeschlagenes Modul dbghelp.dll, Version 5.1.2600.5512, Fehleradresse 0x0001295d. Error - 23.05.2013 14:26:05 | Computer Name = SVEN-PC | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung div116.tmp, Version 2.6.1.8, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 23.05.2013 14:34:03 | Computer Name = SVEN-PC | Source = MSSQL$SQLEXPRESS | ID = 17204 Description = FCB::Open failed: Die Datei e:\sql10_main_t\sql\mkmastr\databases\objfre\i386\model.mdf für die Dateinummer 1 konnte nicht geöffnet werden. Betriebssystemfehler: 21(Das Gerät ist nicht bereit.). Error - 23.05.2013 14:34:03 | Computer Name = SVEN-PC | Source = MSSQL$SQLEXPRESS | ID = 17204 Description = FCB::Open failed: Die Datei e:\sql10_main_t\sql\mkmastr\databases\objfre\i386\MSDBData.mdf für die Dateinummer 1 konnte nicht geöffnet werden. Betriebssystemfehler: 21(Das Gerät ist nicht bereit.). Error - 23.05.2013 14:34:03 | Computer Name = SVEN-PC | Source = MSSQL$SQLEXPRESS | ID = 17207 Description = FileMgr::StartLogFiles: Betriebssystemfehler 2(Das System kann die angegebene Datei nicht finden.) beim Erstellen oder Öffnen der Datei 'e:\sql10_main_t\sql\mkmastr\databases\objfre\i386\modellog.ldf'. Diagnostizieren und korrigieren Sie den Betriebssystemfehler, und wiederholen Sie den Vorgang. Error - 23.05.2013 14:34:03 | Computer Name = SVEN-PC | Source = MSSQL$SQLEXPRESS | ID = 17207 Description = FileMgr::StartLogFiles: Betriebssystemfehler 2(Das System kann die angegebene Datei nicht finden.) beim Erstellen oder Öffnen der Datei 'e:\sql10_main_t\sql\mkmastr\databases\objfre\i386\MSDBLog.ldf'. Diagnostizieren und korrigieren Sie den Betriebssystemfehler, und wiederholen Sie den Vorgang. Error - 23.05.2013 14:56:46 | Computer Name = SVEN-PC | Source = MSSQL$SQLEXPRESS | ID = 17204 Description = FCB::Open failed: Die Datei e:\sql10_main_t\sql\mkmastr\databases\objfre\i386\model.mdf für die Dateinummer 1 konnte nicht geöffnet werden. Betriebssystemfehler: 21(Das Gerät ist nicht bereit.). Error - 23.05.2013 14:56:46 | Computer Name = SVEN-PC | Source = MSSQL$SQLEXPRESS | ID = 17204 Description = FCB::Open failed: Die Datei e:\sql10_main_t\sql\mkmastr\databases\objfre\i386\MSDBData.mdf für die Dateinummer 1 konnte nicht geöffnet werden. Betriebssystemfehler: 21(Das Gerät ist nicht bereit.). Error - 23.05.2013 14:56:46 | Computer Name = SVEN-PC | Source = MSSQL$SQLEXPRESS | ID = 17207 Description = FileMgr::StartLogFiles: Betriebssystemfehler 2(Das System kann die angegebene Datei nicht finden.) beim Erstellen oder Öffnen der Datei 'e:\sql10_main_t\sql\mkmastr\databases\objfre\i386\modellog.ldf'. Diagnostizieren und korrigieren Sie den Betriebssystemfehler, und wiederholen Sie den Vorgang. Error - 23.05.2013 14:56:46 | Computer Name = SVEN-PC | Source = MSSQL$SQLEXPRESS | ID = 17207 Description = FileMgr::StartLogFiles: Betriebssystemfehler 2(Das System kann die angegebene Datei nicht finden.) beim Erstellen oder Öffnen der Datei 'e:\sql10_main_t\sql\mkmastr\databases\objfre\i386\MSDBLog.ldf'. Diagnostizieren und korrigieren Sie den Betriebssystemfehler, und wiederholen Sie den Vorgang. [ System Events ] Error - 23.05.2013 15:24:02 | Computer Name = SVEN-PC | Source = Service Control Manager | ID = 7023 Description = Der Dienst "NLA (Network Location Awareness)" wurde mit folgendem Fehler beendet: %%127 Error - 23.05.2013 15:24:04 | Computer Name = SVEN-PC | Source = Service Control Manager | ID = 7023 Description = Der Dienst "NLA (Network Location Awareness)" wurde mit folgendem Fehler beendet: %%127 Error - 23.05.2013 15:24:04 | Computer Name = SVEN-PC | Source = Service Control Manager | ID = 7023 Description = Der Dienst "NLA (Network Location Awareness)" wurde mit folgendem Fehler beendet: %%127 Error - 23.05.2013 15:24:36 | Computer Name = SVEN-PC | Source = Service Control Manager | ID = 7023 Description = Der Dienst "NLA (Network Location Awareness)" wurde mit folgendem Fehler beendet: %%127 Error - 23.05.2013 15:24:47 | Computer Name = SVEN-PC | Source = Service Control Manager | ID = 7023 Description = Der Dienst "NLA (Network Location Awareness)" wurde mit folgendem Fehler beendet: %%127 Error - 23.05.2013 15:25:28 | Computer Name = SVEN-PC | Source = Service Control Manager | ID = 7023 Description = Der Dienst "NLA (Network Location Awareness)" wurde mit folgendem Fehler beendet: %%127 Error - 23.05.2013 15:25:30 | Computer Name = SVEN-PC | Source = Service Control Manager | ID = 7023 Description = Der Dienst "NLA (Network Location Awareness)" wurde mit folgendem Fehler beendet: %%127 Error - 23.05.2013 15:26:47 | Computer Name = SVEN-PC | Source = Service Control Manager | ID = 7023 Description = Der Dienst "NLA (Network Location Awareness)" wurde mit folgendem Fehler beendet: %%127 Error - 23.05.2013 15:26:52 | Computer Name = SVEN-PC | Source = Service Control Manager | ID = 7023 Description = Der Dienst "NLA (Network Location Awareness)" wurde mit folgendem Fehler beendet: %%127 Error - 23.05.2013 15:44:20 | Computer Name = SVEN-PC | Source = Service Control Manager | ID = 7023 Description = Der Dienst "NLA (Network Location Awareness)" wurde mit folgendem Fehler beendet: %%127 < End of report > |
23.05.2013, 20:55 | #6 |
/// Malware-holic | Komischer Maleware oder Spyware fall hi, Downloade dir bitte TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ --> Komischer Maleware oder Spyware fall |
23.05.2013, 21:08 | #7 |
| Komischer Maleware oder Spyware fall TDSSKiller Logfile: 22:05:43.0509 1912 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42 22:05:43.0779 1912 ============================================================ 22:05:43.0779 1912 Current date / time: 2013/05/23 22:05:43.0779 22:05:43.0779 1912 SystemInfo: 22:05:43.0779 1912 22:05:43.0779 1912 OS Version: 5.1.2600 ServicePack: 3.0 22:05:43.0779 1912 Product type: Workstation 22:05:43.0779 1912 ComputerName: SVEN-PC 22:05:43.0779 1912 UserName: Svem 22:05:43.0779 1912 Windows directory: C:\WINXP 22:05:43.0779 1912 System windows directory: C:\WINXP 22:05:43.0779 1912 Processor architecture: Intel x86 22:05:43.0779 1912 Number of processors: 1 22:05:43.0779 1912 Page size: 0x1000 22:05:43.0779 1912 Boot type: Normal boot 22:05:43.0779 1912 ============================================================ 22:05:46.0053 1912 Drive \Device\Harddisk0\DR0 - Size: 0x6FC7C8000 (27.95 Gb), SectorSize: 0x200, Cylinders: 0xE40, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054 22:05:46.0053 1912 ============================================================ 22:05:46.0053 1912 \Device\Harddisk0\DR0: 22:05:46.0053 1912 MBR partitions: 22:05:46.0053 1912 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x37DFF40 22:05:46.0053 1912 ============================================================ 22:05:46.0093 1912 C: <-> \Device\Harddisk0\DR0\Partition1 22:05:46.0093 1912 ============================================================ 22:05:46.0093 1912 Initialize success 22:05:46.0093 1912 ============================================================ 22:06:21.0273 2532 ============================================================ 22:06:21.0273 2532 Scan started 22:06:21.0273 2532 Mode: Manual; SigCheck; TDLFS; 22:06:21.0273 2532 ============================================================ 22:06:23.0937 2532 ================ Scan system memory ======================== 22:06:23.0947 2532 System memory - ok 22:06:23.0947 2532 ================ Scan services ============================= 22:06:24.0097 2532 Abiosdsk - ok 22:06:24.0107 2532 abp480n5 - ok 22:06:24.0167 2532 [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI C:\WINXP\system32\DRIVERS\ACPI.sys 22:06:27.0482 2532 ACPI - ok 22:06:27.0532 2532 [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC C:\WINXP\system32\DRIVERS\ACPIEC.sys 22:06:27.0793 2532 ACPIEC - ok 22:06:27.0873 2532 [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\WINXP\system32\Macromed\Flash\FlashPlayerUpdateService.exe 22:06:27.0923 2532 AdobeFlashPlayerUpdateSvc - ok 22:06:27.0933 2532 adpu160m - ok 22:06:27.0983 2532 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINXP\system32\drivers\aec.sys 22:06:28.0213 2532 aec - ok 22:06:28.0273 2532 [ 8D499B1276012EB907E7A9E0F4D8FDA4 ] AFD C:\WINXP\System32\drivers\afd.sys 22:06:28.0374 2532 AFD - ok 22:06:28.0384 2532 Aha154x - ok 22:06:28.0394 2532 aic78u2 - ok 22:06:28.0404 2532 aic78xx - ok 22:06:28.0554 2532 [ 97E3A6A6C6CF4A1D58FCD6EAD2FAA942 ] ALCXWDM C:\WINXP\system32\drivers\ALCXWDM.SYS 22:06:28.0774 2532 ALCXWDM - ok 22:06:28.0804 2532 [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter C:\WINXP\system32\alrsvc.dll 22:06:28.0984 2532 Alerter - ok 22:06:29.0014 2532 [ 190CD73D4984F94D823F9444980513E5 ] ALG C:\WINXP\System32\alg.exe 22:06:29.0105 2532 ALG - ok 22:06:29.0115 2532 AliIde - ok 22:06:29.0125 2532 amsint - ok 22:06:29.0165 2532 [ D45960BE52C3C610D361977057F98C54 ] AppMgmt C:\WINXP\System32\appmgmts.dll 22:06:29.0275 2532 AppMgmt - ok 22:06:29.0305 2532 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINXP\system32\DRIVERS\arp1394.sys 22:06:29.0515 2532 Arp1394 - ok 22:06:29.0525 2532 asc - ok 22:06:29.0535 2532 asc3350p - ok 22:06:29.0545 2532 asc3550 - ok 22:06:29.0705 2532 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\WINXP\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe 22:06:29.0766 2532 aspnet_state - ok 22:06:29.0806 2532 [ 4AF5F360BA1E8794D32B366E45A64A0A ] aswFsBlk C:\WINXP\system32\drivers\aswFsBlk.sys 22:06:29.0896 2532 aswFsBlk - ok 22:06:29.0976 2532 [ 1F7094D4268D46F718C51286DC189791 ] aswMonFlt C:\WINXP\system32\drivers\aswMonFlt.sys 22:06:29.0996 2532 aswMonFlt - ok 22:06:30.0016 2532 [ 7B43265F92257A21CBFD88E7A651044C ] AswRdr C:\WINXP\system32\drivers\AswRdr.sys 22:06:30.0036 2532 AswRdr - ok 22:06:30.0066 2532 [ B680134BA1813B78B47FDD1DFF223CA5 ] aswRvrt C:\WINXP\system32\drivers\aswRvrt.sys 22:06:30.0086 2532 aswRvrt - ok 22:06:30.0176 2532 [ 6CAB0A5991C5C0FC63F5E66593E71D7E ] aswSnx C:\WINXP\system32\drivers\aswSnx.sys 22:06:30.0246 2532 aswSnx - ok 22:06:30.0326 2532 [ 99102F60F344BEBAF4F6114514FD28D3 ] aswSP C:\WINXP\system32\drivers\aswSP.sys 22:06:30.0416 2532 aswSP - ok 22:06:30.0477 2532 [ 1F71F170D90E42EFDE9633D81D5E12DC ] aswTdi C:\WINXP\system32\drivers\aswTdi.sys 22:06:30.0497 2532 aswTdi - ok 22:06:30.0517 2532 [ 16B8E3CD50A460EC32CA680C8210A0A9 ] aswVmm C:\WINXP\system32\drivers\aswVmm.sys 22:06:30.0547 2532 aswVmm - ok 22:06:30.0587 2532 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINXP\system32\DRIVERS\asyncmac.sys 22:06:30.0797 2532 AsyncMac - ok 22:06:30.0817 2532 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINXP\system32\DRIVERS\atapi.sys 22:06:31.0047 2532 atapi - ok 22:06:31.0047 2532 Atdisk - ok 22:06:31.0127 2532 [ A2EAEB497CA29ECAEAF0DF66AD85C57D ] Ati HotKey Poller C:\WINXP\system32\Ati2evxx.exe 22:06:31.0218 2532 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - warning 22:06:31.0218 2532 Ati HotKey Poller - detected UnsignedFile.Multi.Generic (1) 22:06:31.0278 2532 [ 56926CCC03417DFFC39C02AC4C163EBC ] ATI Smart C:\WINXP\system32\ati2sgag.exe 22:06:31.0358 2532 ATI Smart ( UnsignedFile.Multi.Generic ) - warning 22:06:31.0358 2532 ATI Smart - detected UnsignedFile.Multi.Generic (1) 22:06:31.0498 2532 [ 492BD2A5F65F218D4EDE5764A3BB67E9 ] ati2mtag C:\WINXP\system32\DRIVERS\ati2mtag.sys 22:06:31.0728 2532 ati2mtag ( UnsignedFile.Multi.Generic ) - warning 22:06:31.0728 2532 ati2mtag - detected UnsignedFile.Multi.Generic (1) 22:06:31.0778 2532 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINXP\system32\DRIVERS\atmarpc.sys 22:06:31.0999 2532 Atmarpc - ok 22:06:32.0049 2532 [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv C:\WINXP\System32\audiosrv.dll 22:06:32.0259 2532 AudioSrv - ok 22:06:32.0309 2532 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINXP\system32\DRIVERS\audstub.sys 22:06:32.0509 2532 audstub - ok 22:06:32.0670 2532 [ 28D6701C710AD7BA3CB95E75F8F1A9AA ] avast! Antivirus C:\Programme\AVAST Software\Avast\AvastSvc.exe 22:06:32.0700 2532 avast! Antivirus - ok 22:06:32.0750 2532 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINXP\system32\drivers\Beep.sys 22:06:32.0970 2532 Beep - ok 22:06:33.0020 2532 [ B42057F06BBB98B31876C0B3F2B54E33 ] Browser C:\WINXP\System32\browser.dll 22:06:33.0231 2532 Browser - ok 22:06:33.0321 2532 [ CB29230EE722C43EED443BAABDED721C ] Bulk C:\WINXP\system32\Drivers\HDJBulk.sys 22:06:33.0351 2532 Bulk ( UnsignedFile.Multi.Generic ) - warning 22:06:33.0351 2532 Bulk - detected UnsignedFile.Multi.Generic (1) 22:06:33.0461 2532 catchme - ok 22:06:33.0521 2532 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINXP\system32\drivers\cbidf2k.sys 22:06:33.0711 2532 cbidf2k - ok 22:06:33.0711 2532 cd20xrnt - ok 22:06:33.0761 2532 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINXP\system32\drivers\Cdaudio.sys 22:06:33.0972 2532 Cdaudio - ok 22:06:34.0022 2532 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINXP\system32\drivers\Cdfs.sys 22:06:34.0212 2532 Cdfs - ok 22:06:34.0242 2532 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINXP\system32\DRIVERS\cdrom.sys 22:06:34.0452 2532 Cdrom - ok 22:06:34.0462 2532 Changer - ok 22:06:34.0492 2532 [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc C:\WINXP\system32\cisvc.exe 22:06:34.0693 2532 CiSvc - ok 22:06:34.0763 2532 [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv C:\WINXP\system32\clipsrv.exe 22:06:34.0963 2532 ClipSrv - ok 22:06:35.0043 2532 [ 7FA87325900183197BC9710D1CE4C9FA ] clr_optimization_v2.0.50727_32 C:\WINXP\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 22:06:35.0133 2532 clr_optimization_v2.0.50727_32 - ok 22:06:35.0173 2532 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINXP\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 22:06:35.0263 2532 clr_optimization_v4.0.30319_32 - ok 22:06:35.0314 2532 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINXP\system32\DRIVERS\CmBatt.sys 22:06:35.0524 2532 CmBatt - ok 22:06:35.0534 2532 CmdIde - ok 22:06:35.0554 2532 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINXP\system32\DRIVERS\compbatt.sys 22:06:35.0774 2532 Compbatt - ok 22:06:35.0784 2532 COMSysApp - ok 22:06:35.0804 2532 Cpqarray - ok 22:06:35.0874 2532 [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc C:\WINXP\System32\cryptsvc.dll 22:06:36.0075 2532 CryptSvc - ok 22:06:36.0085 2532 dac2w2k - ok 22:06:36.0095 2532 dac960nt - ok 22:06:36.0155 2532 [ D3D765E8455A961AE567B408F767D4F9 ] DcomLaunch C:\WINXP\system32\rpcss.dll 22:06:36.0295 2532 DcomLaunch - ok 22:06:36.0365 2532 [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp C:\WINXP\System32\dhcpcsvc.dll 22:06:36.0585 2532 Dhcp - ok 22:06:36.0615 2532 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINXP\system32\DRIVERS\disk.sys 22:06:36.0816 2532 Disk - ok 22:06:36.0826 2532 dmadmin - ok 22:06:36.0896 2532 [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot C:\WINXP\system32\drivers\dmboot.sys 22:06:37.0156 2532 dmboot - ok 22:06:37.0206 2532 [ 53720AB12B48719D00E327DA470A619A ] dmio C:\WINXP\system32\drivers\dmio.sys 22:06:37.0597 2532 dmio - ok 22:06:37.0647 2532 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINXP\system32\drivers\dmload.sys 22:06:37.0847 2532 dmload - ok 22:06:37.0887 2532 [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver C:\WINXP\System32\dmserver.dll 22:06:38.0098 2532 dmserver - ok 22:06:38.0158 2532 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINXP\system32\drivers\DMusic.sys 22:06:38.0358 2532 DMusic - ok 22:06:38.0408 2532 [ 4548494812BA3B416D489E0C6AF8D643 ] Dnscache C:\WINXP\System32\dnsrslvr.dll 22:06:38.0528 2532 Dnscache - ok 22:06:38.0558 2532 [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc C:\WINXP\System32\dot3svc.dll 22:06:38.0789 2532 Dot3svc - ok 22:06:38.0799 2532 dpti2o - ok 22:06:38.0859 2532 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINXP\system32\drivers\drmkaud.sys 22:06:39.0059 2532 drmkaud - ok 22:06:39.0119 2532 [ 687AF6BB383885FF6A64071B189A7F3E ] dtsoftbus01 C:\WINXP\system32\DRIVERS\dtsoftbus01.sys 22:06:39.0169 2532 dtsoftbus01 - ok 22:06:39.0179 2532 EagleXNt - ok 22:06:39.0219 2532 [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost C:\WINXP\System32\eapsvc.dll 22:06:39.0449 2532 EapHost - ok 22:06:39.0490 2532 [ 877C18558D70587AA7823A1A308AC96B ] ERSvc C:\WINXP\System32\ersvc.dll 22:06:39.0690 2532 ERSvc - ok 22:06:39.0750 2532 [ F0A7D59AF279326528715B206669B86C ] Eventlog C:\WINXP\system32\services.exe 22:06:39.0800 2532 Eventlog - ok 22:06:39.0840 2532 [ ADA7241C16F3F42C7F210539FAD5F3AA ] EventSystem C:\WINXP\system32\es.dll 22:06:39.0960 2532 EventSystem - ok 22:06:39.0970 2532 EverestDriver - ok 22:06:40.0030 2532 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINXP\system32\drivers\Fastfat.sys 22:06:40.0221 2532 Fastfat - ok 22:06:40.0291 2532 [ 927666F4228E3FBBC3D1171581DC8BDC ] FastUserSwitchingCompatibility C:\WINXP\System32\shsvcs.dll 22:06:40.0401 2532 FastUserSwitchingCompatibility - ok 22:06:40.0421 2532 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINXP\system32\drivers\Fdc.sys 22:06:40.0621 2532 Fdc - ok 22:06:40.0671 2532 [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips C:\WINXP\system32\drivers\Fips.sys 22:06:40.0861 2532 Fips - ok 22:06:40.0882 2532 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINXP\system32\drivers\Flpydisk.sys 22:06:41.0102 2532 Flpydisk - ok 22:06:41.0172 2532 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINXP\system32\DRIVERS\fltMgr.sys 22:06:41.0382 2532 FltMgr - ok 22:06:41.0432 2532 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINXP\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe 22:06:41.0452 2532 FontCache3.0.0.0 - ok 22:06:41.0492 2532 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINXP\system32\drivers\Fs_Rec.sys 22:06:41.0693 2532 Fs_Rec - ok 22:06:41.0733 2532 [ 8F1955CE42E1484714B542F341647778 ] Ftdisk C:\WINXP\system32\DRIVERS\ftdisk.sys 22:06:41.0943 2532 Ftdisk - ok 22:06:41.0993 2532 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINXP\system32\DRIVERS\msgpc.sys 22:06:42.0193 2532 Gpc - ok 22:06:42.0284 2532 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Programme\Google\Update\GoogleUpdate.exe 22:06:42.0314 2532 gupdate - ok 22:06:42.0334 2532 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Programme\Google\Update\GoogleUpdate.exe 22:06:42.0354 2532 gupdatem - ok 22:06:42.0394 2532 [ 833051C6C6C42117191935F734CFBD97 ] hamachi C:\WINXP\system32\DRIVERS\hamachi.sys 22:06:42.0404 2532 hamachi - ok 22:06:42.0464 2532 [ A840EDE400211536C96D38D2C099B284 ] HDJMidi C:\WINXP\system32\DRIVERS\HDJMidi.sys 22:06:42.0484 2532 HDJMidi ( UnsignedFile.Multi.Generic ) - warning 22:06:42.0484 2532 HDJMidi - detected UnsignedFile.Multi.Generic (1) 22:06:42.0564 2532 [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc C:\WINXP\PCHealth\HelpCtr\Binaries\pchsvc.dll 22:06:42.0764 2532 helpsvc - ok 22:06:42.0794 2532 [ B35DA85E60C0103F2E4104532DA2F12B ] HidServ C:\WINXP\System32\hidserv.dll 22:06:42.0995 2532 HidServ - ok 22:06:43.0045 2532 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINXP\system32\DRIVERS\hidusb.sys 22:06:43.0235 2532 hidusb - ok 22:06:43.0275 2532 [ ED29F14101523A6E0E808107405D452C ] hkmsvc C:\WINXP\System32\kmsvc.dll 22:06:43.0475 2532 hkmsvc - ok 22:06:43.0475 2532 hpn - ok 22:06:43.0555 2532 [ 937031C085718C1C04A9C0864625EC6B ] HTTP C:\WINXP\system32\Drivers\HTTP.sys 22:06:43.0615 2532 HTTP - ok 22:06:43.0666 2532 [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter C:\WINXP\System32\w3ssl.dll 22:06:43.0886 2532 HTTPFilter - ok 22:06:43.0896 2532 i2omgmt - ok 22:06:43.0906 2532 i2omp - ok 22:06:43.0966 2532 [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt C:\WINXP\system32\DRIVERS\i8042prt.sys 22:06:44.0166 2532 i8042prt - ok 22:06:44.0296 2532 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINXP\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 22:06:44.0477 2532 idsvc - ok 22:06:44.0537 2532 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINXP\system32\DRIVERS\imapi.sys 22:06:44.0767 2532 Imapi - ok 22:06:44.0847 2532 [ FECBE209E9603DE678C9B6A395B8E2AF ] Imapi Helper C:\Programme\Alex Feinman\ISO Recorder\ImapiHelper.exe 22:06:44.0877 2532 Imapi Helper ( UnsignedFile.Multi.Generic ) - warning 22:06:44.0877 2532 Imapi Helper - detected UnsignedFile.Multi.Generic (1) 22:06:44.0907 2532 [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService C:\WINXP\system32\imapi.exe 22:06:45.0108 2532 ImapiService - ok 22:06:45.0128 2532 ini910u - ok 22:06:45.0138 2532 IntelIde - ok 22:06:45.0198 2532 [ 4C7D2750158ED6E7AD642D97BFFAE351 ] intelppm C:\WINXP\system32\DRIVERS\intelppm.sys 22:06:45.0428 2532 intelppm - ok 22:06:45.0458 2532 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINXP\system32\DRIVERS\Ip6Fw.sys 22:06:45.0668 2532 Ip6Fw - ok 22:06:45.0718 2532 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINXP\system32\DRIVERS\ipfltdrv.sys 22:06:45.0929 2532 IpFilterDriver - ok 22:06:45.0979 2532 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINXP\system32\DRIVERS\ipinip.sys 22:06:46.0179 2532 IpInIp - ok 22:06:46.0219 2532 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINXP\system32\DRIVERS\ipnat.sys 22:06:46.0650 2532 IpNat - ok 22:06:46.0680 2532 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINXP\system32\DRIVERS\ipsec.sys 22:06:46.0890 2532 IPSec - ok 22:06:46.0970 2532 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINXP\system32\DRIVERS\irenum.sys 22:06:47.0211 2532 IRENUM - ok 22:06:47.0251 2532 [ 6DFB88F64135C525433E87648BDA30DE ] isapnp C:\WINXP\system32\DRIVERS\isapnp.sys 22:06:47.0601 2532 isapnp - ok 22:06:47.0741 2532 [ 5739F2821D49975CEDE6BF0153D0CF01 ] JavaQuickStarterService C:\Programme\Java\jre7\bin\jqs.exe 22:06:47.0771 2532 JavaQuickStarterService - ok 22:06:47.0811 2532 [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass C:\WINXP\system32\DRIVERS\kbdclass.sys 22:06:48.0012 2532 Kbdclass - ok 22:06:48.0032 2532 [ B6D6C117D771C98130497265F26D1882 ] kbdhid C:\WINXP\system32\DRIVERS\kbdhid.sys 22:06:48.0262 2532 kbdhid - ok 22:06:48.0312 2532 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINXP\system32\drivers\kmixer.sys 22:06:48.0543 2532 kmixer - ok 22:06:48.0603 2532 [ C6EBF1D6AD71DF30DB49B8D3287E1368 ] KSecDD C:\WINXP\system32\drivers\KSecDD.sys 22:06:48.0713 2532 KSecDD - ok 22:06:48.0763 2532 [ 41202C42C8D1A4465AB121F806E93F24 ] LanmanServer C:\WINXP\System32\srvsvc.dll 22:06:48.0863 2532 LanmanServer - ok 22:06:48.0923 2532 [ C9B816901C1ABF28BA6C5B6CB65EB75B ] LanmanWorkstation C:\WINXP\System32\wkssvc.dll 22:06:49.0023 2532 LanmanWorkstation - ok 22:06:49.0033 2532 lbrtfdc - ok 22:06:49.0103 2532 [ 636714B7D43C8D0C80449123FD266920 ] LmHosts C:\WINXP\System32\lmhsvc.dll 22:06:49.0324 2532 LmHosts - ok 22:06:49.0704 2532 [ B7550A7107281D170CE85524B1488C98 ] Messenger C:\WINXP\System32\msgsvc.dll 22:06:49.0925 2532 Messenger - ok 22:06:49.0975 2532 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINXP\system32\drivers\mnmdd.sys 22:06:50.0205 2532 mnmdd - ok 22:06:50.0265 2532 [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc C:\WINXP\system32\mnmsrvc.exe 22:06:50.0515 2532 mnmsrvc - ok 22:06:50.0585 2532 [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem C:\WINXP\system32\drivers\Modem.sys 22:06:50.0776 2532 Modem - ok 22:06:50.0836 2532 [ 1992E0D143B09653AB0F9C5E04B0FD65 ] MODEMCSA C:\WINXP\system32\drivers\MODEMCSA.sys 22:06:51.0026 2532 MODEMCSA - ok 22:06:51.0076 2532 [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass C:\WINXP\system32\DRIVERS\mouclass.sys 22:06:51.0256 2532 Mouclass - ok 22:06:51.0286 2532 [ 66A6F73C74E1791464160A7065CE711A ] mouhid C:\WINXP\system32\DRIVERS\mouhid.sys 22:06:51.0487 2532 mouhid - ok 22:06:51.0557 2532 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINXP\system32\drivers\MountMgr.sys 22:06:51.0757 2532 MountMgr - ok 22:06:51.0847 2532 [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe 22:06:51.0867 2532 MozillaMaintenance - ok 22:06:51.0877 2532 mraid35x - ok 22:06:51.0927 2532 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINXP\system32\DRIVERS\mrxdav.sys 22:06:52.0128 2532 MRxDAV - ok 22:06:52.0188 2532 [ 8DD801E28EB76FDA2A38907882A0036F ] MRxSmb C:\WINXP\system32\DRIVERS\mrxsmb.sys 22:06:52.0338 2532 MRxSmb - ok 22:06:52.0398 2532 [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC C:\WINXP\system32\msdtc.exe 22:06:52.0608 2532 MSDTC - ok 22:06:52.0648 2532 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINXP\system32\drivers\Msfs.sys 22:06:52.0839 2532 Msfs - ok 22:06:52.0869 2532 MSIServer - ok 22:06:52.0929 2532 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINXP\system32\drivers\MSKSSRV.sys 22:06:53.0099 2532 MSKSSRV - ok 22:06:53.0139 2532 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINXP\system32\drivers\MSPCLOCK.sys 22:06:53.0319 2532 MSPCLOCK - ok 22:06:53.0359 2532 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINXP\system32\drivers\MSPQM.sys 22:06:53.0550 2532 MSPQM - ok 22:06:53.0620 2532 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINXP\system32\DRIVERS\mssmbios.sys 22:06:53.0780 2532 mssmbios - ok 22:06:53.0870 2532 MSSQL$SQLEXPRESS - ok 22:06:53.0970 2532 [ F1761C8FB2B25A32C6D63E36BB88C3AE ] MSSQLServerADHelper100 c:\Programme\Microsoft SQL Server\100\Shared\SQLADHLP.EXE 22:06:53.0990 2532 MSSQLServerADHelper100 - ok 22:06:54.0030 2532 [ F7B1AD991491F02AF6DA70B00B8BF114 ] Mup C:\WINXP\system32\drivers\Mup.sys 22:06:54.0091 2532 Mup - ok 22:06:54.0141 2532 [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent C:\WINXP\System32\qagentrt.dll 22:06:54.0351 2532 napagent - ok 22:06:54.0441 2532 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINXP\system32\drivers\NDIS.sys 22:06:54.0631 2532 NDIS - ok 22:06:54.0681 2532 [ 1AB3D00C991AB086E69DB84B6C0ED78F ] NdisTapi C:\WINXP\system32\DRIVERS\ndistapi.sys 22:06:54.0872 2532 NdisTapi - ok 22:06:54.0922 2532 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINXP\system32\DRIVERS\ndisuio.sys 22:06:55.0112 2532 Ndisuio - ok 22:06:55.0152 2532 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINXP\system32\DRIVERS\ndiswan.sys 22:06:55.0342 2532 NdisWan - ok 22:06:55.0362 2532 [ 816460BD4B4ACD27937D1D0813E2E9E9 ] NDProxy C:\WINXP\system32\drivers\NDProxy.sys 22:06:55.0462 2532 NDProxy - ok 22:06:55.0493 2532 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINXP\system32\DRIVERS\netbios.sys 22:06:55.0703 2532 NetBIOS - ok 22:06:55.0733 2532 [ 1E86E1FB2E4637B4A825D6DF14BC29A1 ] NetBT C:\WINXP\system32\DRIVERS\netbt.sys 22:06:55.0753 2532 Suspicious file (Forged): C:\WINXP\system32\DRIVERS\netbt.sys. Real md5: 1E86E1FB2E4637B4A825D6DF14BC29A1, Fake md5: 74B2B2F5BEA5E9A3DC021D685551BD3D 22:06:55.0753 2532 NetBT ( Virus.Win32.ZAccess.aml ) - infected 22:06:55.0753 2532 NetBT - detected Virus.Win32.ZAccess.aml (0) 22:06:55.0803 2532 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE C:\WINXP\system32\netdde.exe 22:06:55.0993 2532 NetDDE - ok 22:06:56.0023 2532 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm C:\WINXP\system32\netdde.exe 22:06:56.0204 2532 NetDDEdsdm - ok 22:06:56.0274 2532 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon C:\WINXP\system32\lsass.exe 22:06:56.0474 2532 Netlogon - ok 22:06:56.0524 2532 [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman C:\WINXP\System32\netman.dll 22:06:56.0754 2532 Netman - ok 22:06:56.0804 2532 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINXP\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 22:06:56.0854 2532 NetTcpPortSharing - ok 22:06:56.0915 2532 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINXP\system32\DRIVERS\nic1394.sys 22:06:57.0105 2532 NIC1394 - ok 22:06:57.0175 2532 NIHardwareService - ok 22:06:57.0245 2532 [ 4AA50627B01C0E9C6B4C6BD3AF648F12 ] Nla C:\WINXP\System32\mswsock.dll 22:06:57.0315 2532 Nla - ok 22:06:57.0385 2532 [ 33A4B24A4C4DCF3C168E2C1151A62FC5 ] nmwcd C:\WINXP\system32\drivers\ccdcmb.sys 22:06:57.0766 2532 nmwcd - ok 22:06:57.0816 2532 [ A77265EF7BF998B8BB22A1A23E72B45D ] nmwcdc C:\WINXP\system32\drivers\ccdcmbo.sys 22:06:57.0946 2532 nmwcdc - ok 22:06:58.0016 2532 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINXP\system32\drivers\Npfs.sys 22:06:58.0216 2532 Npfs - ok 22:06:58.0267 2532 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINXP\system32\drivers\Ntfs.sys 22:06:58.0547 2532 Ntfs - ok 22:06:58.0607 2532 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp C:\WINXP\system32\lsass.exe 22:06:58.0777 2532 NtLmSsp - ok 22:06:58.0847 2532 [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc C:\WINXP\system32\ntmssvc.dll 22:06:59.0088 2532 NtmsSvc - ok 22:06:59.0138 2532 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINXP\system32\drivers\Null.sys 22:06:59.0348 2532 Null - ok 22:06:59.0388 2532 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINXP\system32\DRIVERS\nwlnkflt.sys 22:06:59.0568 2532 NwlnkFlt - ok 22:06:59.0618 2532 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINXP\system32\DRIVERS\nwlnkfwd.sys 22:06:59.0819 2532 NwlnkFwd - ok 22:06:59.0849 2532 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINXP\system32\DRIVERS\ohci1394.sys 22:07:00.0049 2532 ohci1394 - ok 22:07:00.0139 2532 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE 22:07:00.0159 2532 ose - ok 22:07:00.0209 2532 [ F84785660305B9B903FB3BCA8BA29837 ] Parport C:\WINXP\system32\DRIVERS\parport.sys 22:07:00.0410 2532 Parport - ok 22:07:00.0450 2532 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINXP\system32\drivers\PartMgr.sys 22:07:00.0650 2532 PartMgr - ok 22:07:00.0710 2532 [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm C:\WINXP\system32\drivers\ParVdm.sys 22:07:00.0890 2532 ParVdm - ok 22:07:00.0950 2532 [ F451DCACBAA67F3307305EBD4A39EA07 ] pccsmcfd C:\WINXP\system32\DRIVERS\pccsmcfd.sys 22:07:01.0040 2532 pccsmcfd - ok 22:07:01.0071 2532 [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI C:\WINXP\system32\DRIVERS\pci.sys 22:07:01.0261 2532 PCI - ok 22:07:01.0281 2532 PCIDump - ok 22:07:01.0321 2532 [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde C:\WINXP\system32\DRIVERS\pciide.sys 22:07:01.0521 2532 PCIIde - ok 22:07:01.0591 2532 [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia C:\WINXP\system32\DRIVERS\pcmcia.sys 22:07:01.0792 2532 Pcmcia - ok 22:07:01.0802 2532 PDCOMP - ok 22:07:01.0822 2532 PDFRAME - ok 22:07:01.0842 2532 PDRELI - ok 22:07:01.0862 2532 PDRFRAME - ok 22:07:01.0882 2532 perc2 - ok 22:07:01.0902 2532 perc2hib - ok 22:07:01.0982 2532 [ F0A7D59AF279326528715B206669B86C ] PlugPlay C:\WINXP\system32\services.exe 22:07:02.0022 2532 PlugPlay - ok 22:07:02.0052 2532 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent C:\WINXP\system32\lsass.exe 22:07:02.0232 2532 PolicyAgent - ok 22:07:02.0272 2532 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINXP\system32\DRIVERS\raspptp.sys 22:07:02.0453 2532 PptpMiniport - ok 22:07:02.0473 2532 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINXP\system32\lsass.exe 22:07:02.0653 2532 ProtectedStorage - ok 22:07:02.0693 2532 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINXP\system32\DRIVERS\psched.sys 22:07:02.0893 2532 PSched - ok 22:07:02.0953 2532 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINXP\system32\DRIVERS\ptilink.sys 22:07:03.0134 2532 Ptilink - ok 22:07:03.0154 2532 ql1080 - ok 22:07:03.0174 2532 Ql10wnt - ok 22:07:03.0194 2532 ql12160 - ok 22:07:03.0214 2532 ql1240 - ok 22:07:03.0224 2532 ql1280 - ok 22:07:03.0274 2532 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINXP\system32\DRIVERS\rasacd.sys 22:07:03.0464 2532 RasAcd - ok 22:07:03.0514 2532 [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto C:\WINXP\System32\rasauto.dll 22:07:03.0734 2532 RasAuto - ok 22:07:03.0774 2532 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINXP\system32\DRIVERS\rasl2tp.sys 22:07:03.0955 2532 Rasl2tp - ok 22:07:04.0005 2532 [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan C:\WINXP\System32\rasmans.dll 22:07:04.0215 2532 RasMan - ok 22:07:04.0255 2532 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINXP\system32\DRIVERS\raspppoe.sys 22:07:04.0455 2532 RasPppoe - ok 22:07:04.0515 2532 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINXP\system32\DRIVERS\raspti.sys 22:07:04.0706 2532 Raspti - ok 22:07:04.0786 2532 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINXP\system32\DRIVERS\rdbss.sys 22:07:04.0956 2532 Rdbss - ok 22:07:04.0996 2532 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINXP\system32\DRIVERS\RDPCDD.sys 22:07:05.0176 2532 RDPCDD - ok 22:07:05.0237 2532 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINXP\system32\DRIVERS\rdpdr.sys 22:07:05.0457 2532 rdpdr - ok 22:07:05.0527 2532 [ 6728E45B66F93C08F11DE2E316FC70DD ] RDPWD C:\WINXP\system32\drivers\RDPWD.sys 22:07:05.0707 2532 RDPWD - ok 22:07:05.0777 2532 [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr C:\WINXP\system32\sessmgr.exe 22:07:05.0978 2532 RDSessMgr - ok 22:07:06.0028 2532 [ ED761D453856F795A7FE056E42C36365 ] redbook C:\WINXP\system32\DRIVERS\redbook.sys 22:07:06.0218 2532 redbook - ok 22:07:06.0278 2532 [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess C:\WINXP\System32\mprdim.dll 22:07:06.0488 2532 RemoteAccess - ok 22:07:06.0578 2532 [ E4CD1F3D84E1C2CA0B8CF7501E201593 ] RemoteRegistry C:\WINXP\system32\regsvc.dll 22:07:06.0759 2532 RemoteRegistry - ok 22:07:06.0819 2532 [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator C:\WINXP\system32\locator.exe 22:07:07.0029 2532 RpcLocator - ok 22:07:07.0099 2532 [ D3D765E8455A961AE567B408F767D4F9 ] RpcSs C:\WINXP\System32\rpcss.dll 22:07:07.0169 2532 RpcSs - ok 22:07:07.0239 2532 [ FD692C6FFADE58F7C4C3C3C9A0EC35BD ] RsFx0103 C:\WINXP\system32\DRIVERS\RsFx0103.sys 22:07:07.0299 2532 RsFx0103 - ok 22:07:07.0340 2532 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP C:\WINXP\system32\rsvp.exe 22:07:07.0540 2532 RSVP - ok 22:07:07.0640 2532 [ E2E588D92C8E151CD3515EE09FEC90E2 ] rt2870 C:\WINXP\system32\DRIVERS\rt2870.sys 22:07:07.0790 2532 rt2870 - ok 22:07:07.0830 2532 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs C:\WINXP\system32\lsass.exe 22:07:07.0990 2532 SamSs - ok 22:07:08.0051 2532 [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr C:\WINXP\System32\SCardSvr.exe 22:07:08.0251 2532 SCardSvr - ok 22:07:08.0311 2532 [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule C:\WINXP\system32\schedsvc.dll 22:07:08.0541 2532 Schedule - ok 22:07:08.0591 2532 [ A689D522EEDF89401E1DA2FE883AA7EC ] SCREAMINGBDRIVER C:\WINXP\system32\drivers\ScreamingBAudio.sys 22:07:08.0601 2532 SCREAMINGBDRIVER - ok 22:07:08.0611 2532 Scutum50 - ok 22:07:08.0661 2532 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINXP\system32\DRIVERS\secdrv.sys 22:07:08.0742 2532 Secdrv - ok 22:07:08.0772 2532 [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon C:\WINXP\System32\seclogon.dll 22:07:08.0972 2532 seclogon - ok 22:07:09.0012 2532 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS C:\WINXP\system32\sens.dll 22:07:09.0202 2532 SENS - ok 22:07:09.0242 2532 [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial C:\WINXP\system32\drivers\Serial.sys 22:07:09.0433 2532 Serial - ok 22:07:09.0573 2532 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINXP\system32\drivers\Sfloppy.sys 22:07:09.0763 2532 Sfloppy - ok 22:07:09.0803 2532 [ 927666F4228E3FBBC3D1171581DC8BDC ] ShellHWDetection C:\WINXP\System32\shsvcs.dll 22:07:09.0863 2532 ShellHWDetection - ok 22:07:09.0883 2532 Simbad - ok 22:07:09.0933 2532 [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp C:\WINXP\system32\DRIVERS\sisagp.sys 22:07:10.0114 2532 sisagp - ok 22:07:10.0144 2532 [ 3FBB6EF8B5A71A2FA11F5F461BB73219 ] SISNIC C:\WINXP\system32\DRIVERS\sisnic.sys 22:07:10.0304 2532 SISNIC - ok 22:07:10.0414 2532 [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate C:\Programme\Skype\Updater\Updater.exe 22:07:10.0444 2532 SkypeUpdate - ok 22:07:10.0474 2532 Sparrow - ok 22:07:10.0534 2532 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINXP\system32\drivers\splitter.sys 22:07:10.0734 2532 splitter - ok 22:07:10.0795 2532 [ 258DD5D4283FD9F9A7166BE9AE45CE73 ] Spooler C:\WINXP\system32\spoolsv.exe 22:07:10.0855 2532 Spooler - ok 22:07:10.0915 2532 [ A687B5B326AFCFCF182C4931D1FF9771 ] SQLAgent$SQLEXPRESS c:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE 22:07:10.0965 2532 SQLAgent$SQLEXPRESS - ok 22:07:11.0085 2532 [ B54B48F6D92423440C264E91225C5FF1 ] SQLBrowser c:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe 22:07:11.0125 2532 SQLBrowser - ok 22:07:11.0175 2532 [ 637A0F23F9012358E92E6F99835494D1 ] SQLWriter c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe 22:07:11.0195 2532 SQLWriter - ok 22:07:11.0255 2532 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr C:\WINXP\system32\DRIVERS\sr.sys 22:07:11.0335 2532 sr - ok 22:07:11.0395 2532 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice C:\WINXP\system32\srsvc.dll 22:07:11.0526 2532 srservice - ok 22:07:11.0586 2532 [ 9B390283569EA58D43D2586032B892F5 ] Srv C:\WINXP\system32\DRIVERS\srv.sys 22:07:11.0706 2532 Srv - ok 22:07:11.0766 2532 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV C:\WINXP\System32\ssdpsrv.dll 22:07:11.0886 2532 SSDPSRV - ok 22:07:11.0946 2532 [ BC2C5985611C5356B24AEB370953DED9 ] stisvc C:\WINXP\system32\wiaservc.dll 22:07:12.0156 2532 stisvc - ok 22:07:12.0207 2532 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINXP\system32\DRIVERS\swenum.sys 22:07:12.0387 2532 swenum - ok 22:07:12.0417 2532 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINXP\system32\drivers\swmidi.sys 22:07:12.0627 2532 swmidi - ok 22:07:12.0637 2532 SwPrv - ok 22:07:12.0657 2532 symc810 - ok 22:07:12.0677 2532 symc8xx - ok 22:07:12.0697 2532 sym_hi - ok 22:07:12.0717 2532 sym_u3 - ok 22:07:12.0787 2532 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINXP\system32\drivers\sysaudio.sys 22:07:12.0988 2532 sysaudio - ok 22:07:13.0028 2532 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog C:\WINXP\system32\smlogsvc.exe 22:07:13.0248 2532 SysmonLog - ok 22:07:13.0318 2532 [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv C:\WINXP\System32\tapisrv.dll 22:07:13.0528 2532 TapiSrv - ok 22:07:13.0579 2532 [ AD978A1B783B5719720CFF204B666C8E ] Tcpip C:\WINXP\system32\DRIVERS\tcpip.sys 22:07:13.0679 2532 Tcpip - ok 22:07:13.0729 2532 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINXP\system32\drivers\TDPIPE.sys 22:07:13.0919 2532 TDPIPE - ok 22:07:13.0969 2532 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINXP\system32\drivers\TDTCP.sys 22:07:14.0159 2532 TDTCP - ok 22:07:14.0199 2532 [ 88155247177638048422893737429D9E ] TermDD C:\WINXP\system32\DRIVERS\termdd.sys 22:07:14.0360 2532 TermDD - ok 22:07:14.0430 2532 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService C:\WINXP\System32\termsrv.dll 22:07:14.0650 2532 TermService - ok 22:07:14.0690 2532 [ 927666F4228E3FBBC3D1171581DC8BDC ] Themes C:\WINXP\System32\shsvcs.dll 22:07:14.0720 2532 Themes - ok 22:07:14.0770 2532 [ 03681A1CE77F51586903869A5AB1DEAB ] TlntSvr C:\WINXP\system32\tlntsvr.exe 22:07:14.0900 2532 TlntSvr - ok 22:07:14.0910 2532 TosIde - ok 22:07:14.0940 2532 [ 626504572B175867F30F3215C04B3E2F ] TrkWks C:\WINXP\system32\trkwks.dll 22:07:15.0121 2532 TrkWks - ok 22:07:15.0171 2532 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINXP\system32\drivers\Udfs.sys 22:07:15.0361 2532 Udfs - ok 22:07:15.0371 2532 ultra - ok 22:07:15.0431 2532 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINXP\system32\DRIVERS\update.sys 22:07:15.0712 2532 Update - ok 22:07:15.0792 2532 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost C:\WINXP\System32\upnphost.dll 22:07:15.0912 2532 upnphost - ok 22:07:15.0962 2532 [ B671514497DF7417F83919A6A5BD6BB9 ] upperdev C:\WINXP\system32\DRIVERS\usbser_lowerflt.sys 22:07:16.0092 2532 upperdev - ok 22:07:16.0162 2532 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINXP\System32\ups.exe 22:07:16.0343 2532 UPS - ok 22:07:16.0393 2532 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINXP\system32\drivers\usbaudio.sys 22:07:16.0713 2532 usbaudio - ok 22:07:16.0773 2532 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINXP\system32\DRIVERS\usbccgp.sys 22:07:17.0054 2532 usbccgp - ok 22:07:17.0094 2532 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINXP\system32\DRIVERS\usbehci.sys 22:07:17.0264 2532 usbehci - ok 22:07:17.0294 2532 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINXP\system32\DRIVERS\usbhub.sys 22:07:17.0474 2532 usbhub - ok 22:07:17.0524 2532 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINXP\system32\DRIVERS\usbohci.sys 22:07:17.0704 2532 usbohci - ok 22:07:17.0755 2532 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINXP\system32\DRIVERS\usbprint.sys 22:07:17.0925 2532 usbprint - ok 22:07:17.0975 2532 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINXP\system32\DRIVERS\usbscan.sys 22:07:18.0145 2532 usbscan - ok 22:07:18.0195 2532 [ 1C888B000C2F9492F4B15B5B6B84873E ] usbser C:\WINXP\system32\drivers\usbser.sys 22:07:18.0375 2532 usbser - ok 22:07:18.0415 2532 [ FF358FD3176B2E5605C4ACCD5026A5AC ] UsbserFilt C:\WINXP\system32\DRIVERS\usbser_lowerfltj.sys 22:07:18.0566 2532 UsbserFilt - ok 22:07:18.0626 2532 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINXP\system32\DRIVERS\USBSTOR.SYS 22:07:18.0866 2532 USBSTOR - ok 22:07:18.0906 2532 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINXP\System32\drivers\vga.sys 22:07:19.0086 2532 VgaSave - ok 22:07:19.0096 2532 ViaIde - ok 22:07:19.0137 2532 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINXP\system32\drivers\VolSnap.sys 22:07:19.0317 2532 VolSnap - ok 22:07:19.0377 2532 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINXP\System32\vssvc.exe 22:07:19.0487 2532 VSS - ok 22:07:19.0547 2532 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINXP\system32\w32time.dll 22:07:19.0757 2532 W32Time - ok 22:07:19.0807 2532 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINXP\system32\DRIVERS\wanarp.sys 22:07:20.0048 2532 Wanarp - ok 22:07:20.0128 2532 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINXP\system32\Drivers\wdf01000.sys 22:07:20.0188 2532 Wdf01000 - ok 22:07:20.0198 2532 WDICA - ok 22:07:20.0248 2532 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINXP\system32\drivers\wdmaud.sys 22:07:20.0418 2532 wdmaud - ok 22:07:20.0458 2532 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINXP\System32\webclnt.dll 22:07:20.0659 2532 WebClient - ok 22:07:20.0769 2532 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINXP\system32\wbem\WMIsvc.dll 22:07:20.0969 2532 winmgmt - ok 22:07:21.0039 2532 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINXP\system32\mspmsnsv.dll 22:07:21.0179 2532 WmdmPmSN - ok 22:07:21.0240 2532 [ 57FA31A965D8FC3172641A93618FBE9E ] Wmi C:\WINXP\System32\advapi32.dll 22:07:21.0340 2532 Wmi - ok 22:07:21.0390 2532 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINXP\system32\wbem\wmiapsrv.exe 22:07:21.0580 2532 WmiApSrv - ok 22:07:21.0670 2532 [ BF05650BB7DF5E9EBDD25974E22403BB ] WMPNetworkSvc C:\Programme\Windows Media Player\WMPNetwk.exe 22:07:21.0830 2532 WMPNetworkSvc - ok 22:07:21.0870 2532 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINXP\system32\DRIVERS\wpdusb.sys 22:07:21.0921 2532 WpdUsb - ok 22:07:22.0041 2532 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINXP\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 22:07:22.0171 2532 WPFFontCache_v0400 - ok 22:07:22.0221 2532 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINXP\System32\drivers\ws2ifsl.sys 22:07:22.0381 2532 WS2IFSL - ok 22:07:22.0421 2532 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINXP\system32\DRIVERS\WudfPf.sys 22:07:22.0481 2532 WudfPf - ok 22:07:22.0521 2532 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINXP\system32\DRIVERS\wudfrd.sys 22:07:22.0561 2532 WudfRd - ok 22:07:22.0581 2532 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINXP\System32\WUDFSvc.dll 22:07:22.0632 2532 WudfSvc - ok 22:07:22.0702 2532 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINXP\System32\wzcsvc.dll 22:07:22.0922 2532 WZCSVC - ok 22:07:22.0922 2532 XDva401 - ok 22:07:22.0962 2532 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINXP\System32\xmlprov.dll 22:07:23.0152 2532 xmlprov - ok 22:07:23.0172 2532 ================ Scan global =============================== 22:07:23.0222 2532 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINXP\system32\basesrv.dll 22:07:23.0292 2532 [ 5DC29EE01D053ACE8AC2DCE3BC8624BB ] C:\WINXP\system32\winsrv.dll 22:07:23.0353 2532 [ 5DC29EE01D053ACE8AC2DCE3BC8624BB ] C:\WINXP\system32\winsrv.dll 22:07:23.0383 2532 [ F0A7D59AF279326528715B206669B86C ] C:\WINXP\system32\services.exe 22:07:23.0393 2532 [Global] - ok 22:07:23.0393 2532 ================ Scan MBR ================================== 22:07:23.0413 2532 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0 22:07:23.0753 2532 \Device\Harddisk0\DR0 - ok 22:07:23.0763 2532 ================ Scan VBR ================================== 22:07:23.0763 2532 [ 39CB30A6F960512CCC2C9A4EDB4522D0 ] \Device\Harddisk0\DR0\Partition1 22:07:23.0763 2532 \Device\Harddisk0\DR0\Partition1 - ok 22:07:23.0763 2532 ============================================================ 22:07:23.0763 2532 Scan finished 22:07:23.0763 2532 ============================================================ 22:07:23.0913 3552 Detected object count: 7 22:07:23.0913 3552 Actual detected object count: 7 22:07:44.0233 3552 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - skipped by user 22:07:44.0233 3552 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - User select action: Skip 22:07:44.0233 3552 ATI Smart ( UnsignedFile.Multi.Generic ) - skipped by user 22:07:44.0233 3552 ATI Smart ( UnsignedFile.Multi.Generic ) - User select action: Skip 22:07:44.0253 3552 ati2mtag ( UnsignedFile.Multi.Generic ) - skipped by user 22:07:44.0253 3552 ati2mtag ( UnsignedFile.Multi.Generic ) - User select action: Skip 22:07:44.0263 3552 Bulk ( UnsignedFile.Multi.Generic ) - skipped by user 22:07:44.0263 3552 Bulk ( UnsignedFile.Multi.Generic ) - User select action: Skip 22:07:44.0263 3552 HDJMidi ( UnsignedFile.Multi.Generic ) - skipped by user 22:07:44.0263 3552 HDJMidi ( UnsignedFile.Multi.Generic ) - User select action: Skip 22:07:44.0273 3552 Imapi Helper ( UnsignedFile.Multi.Generic ) - skipped by user 22:07:44.0273 3552 Imapi Helper ( UnsignedFile.Multi.Generic ) - User select action: Skip 22:07:44.0283 3552 NetBT ( Virus.Win32.ZAccess.aml ) - skipped by user 22:07:44.0283 3552 NetBT ( Virus.Win32.ZAccess.aml ) - User select action: Skip 22:07:49.0731 0800 Deinitialize success |
23.05.2013, 21:17 | #8 |
/// Malware-holic | Komischer Maleware oder Spyware fall scanne noch mal wie eben konfiguriert und wähle cure. starte neu, scanne noch mal poste neues Log
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
23.05.2013, 21:30 | #9 |
| Komischer Maleware oder Spyware fall TDSSKiller Logfile: 22:25:31.0564 3888 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42 22:25:31.0925 3888 ============================================================ 22:25:31.0925 3888 Current date / time: 2013/05/23 22:25:31.0925 22:25:31.0925 3888 SystemInfo: 22:25:31.0925 3888 22:25:31.0925 3888 OS Version: 5.1.2600 ServicePack: 3.0 22:25:31.0925 3888 Product type: Workstation 22:25:31.0925 3888 ComputerName: SVEN-PC 22:25:31.0935 3888 UserName: Svem 22:25:31.0935 3888 Windows directory: C:\WINXP 22:25:31.0935 3888 System windows directory: C:\WINXP 22:25:31.0935 3888 Processor architecture: Intel x86 22:25:31.0935 3888 Number of processors: 1 22:25:31.0935 3888 Page size: 0x1000 22:25:31.0935 3888 Boot type: Normal boot 22:25:31.0935 3888 ============================================================ 22:25:37.0803 3888 BG loaded 22:25:38.0715 3888 Drive \Device\Harddisk0\DR0 - Size: 0x6FC7C8000 (27.95 Gb), SectorSize: 0x200, Cylinders: 0xE40, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054 22:25:38.0765 3888 ============================================================ 22:25:38.0765 3888 \Device\Harddisk0\DR0: 22:25:38.0785 3888 MBR partitions: 22:25:38.0805 3888 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x37DFF40 22:25:38.0805 3888 ============================================================ 22:25:39.0055 3888 C: <-> \Device\Harddisk0\DR0\Partition1 22:25:39.0135 3888 ============================================================ 22:25:39.0135 3888 Initialize success 22:25:39.0135 3888 ============================================================ 22:25:46.0666 1276 ============================================================ 22:25:46.0666 1276 Scan started 22:25:46.0666 1276 Mode: Manual; SigCheck; TDLFS; 22:25:46.0666 1276 ============================================================ 22:25:50.0892 1276 ================ Scan system memory ======================== 22:25:50.0892 1276 System memory - ok 22:25:50.0902 1276 ================ Scan services ============================= 22:25:51.0753 1276 Abiosdsk - ok 22:25:51.0783 1276 abp480n5 - ok 22:25:51.0913 1276 [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI C:\WINXP\system32\DRIVERS\ACPI.sys 22:26:17.0510 1276 ACPI - ok 22:26:17.0580 1276 [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC C:\WINXP\system32\DRIVERS\ACPIEC.sys 22:26:17.0921 1276 ACPIEC - ok 22:26:18.0111 1276 [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\WINXP\system32\Macromed\Flash\FlashPlayerUpdateService.exe 22:26:18.0221 1276 AdobeFlashPlayerUpdateSvc - ok 22:26:18.0231 1276 adpu160m - ok 22:26:18.0392 1276 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINXP\system32\drivers\aec.sys 22:26:18.0622 1276 aec - ok 22:26:18.0722 1276 [ 8D499B1276012EB907E7A9E0F4D8FDA4 ] AFD C:\WINXP\System32\drivers\afd.sys 22:26:18.0792 1276 AFD - ok 22:26:18.0802 1276 Aha154x - ok 22:26:18.0822 1276 aic78u2 - ok 22:26:18.0842 1276 aic78xx - ok 22:26:19.0413 1276 [ 97E3A6A6C6CF4A1D58FCD6EAD2FAA942 ] ALCXWDM C:\WINXP\system32\drivers\ALCXWDM.SYS 22:26:20.0144 1276 ALCXWDM - ok 22:26:20.0414 1276 [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter C:\WINXP\system32\alrsvc.dll 22:26:20.0645 1276 Alerter - ok 22:26:20.0675 1276 [ 190CD73D4984F94D823F9444980513E5 ] ALG C:\WINXP\System32\alg.exe 22:26:20.0755 1276 ALG - ok 22:26:20.0765 1276 AliIde - ok 22:26:20.0785 1276 amsint - ok 22:26:20.0935 1276 [ D45960BE52C3C610D361977057F98C54 ] AppMgmt C:\WINXP\System32\appmgmts.dll 22:26:21.0166 1276 AppMgmt - ok 22:26:21.0236 1276 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINXP\system32\DRIVERS\arp1394.sys 22:26:21.0446 1276 Arp1394 - ok 22:26:21.0456 1276 asc - ok 22:26:21.0476 1276 asc3350p - ok 22:26:21.0496 1276 asc3550 - ok 22:26:21.0666 1276 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\WINXP\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe 22:26:21.0827 1276 aspnet_state - ok 22:26:21.0877 1276 [ 4AF5F360BA1E8794D32B366E45A64A0A ] aswFsBlk C:\WINXP\system32\drivers\aswFsBlk.sys 22:26:21.0947 1276 aswFsBlk - ok 22:26:22.0007 1276 [ 1F7094D4268D46F718C51286DC189791 ] aswMonFlt C:\WINXP\system32\drivers\aswMonFlt.sys 22:26:22.0057 1276 aswMonFlt - ok 22:26:22.0107 1276 [ 7B43265F92257A21CBFD88E7A651044C ] AswRdr C:\WINXP\system32\drivers\AswRdr.sys 22:26:22.0167 1276 AswRdr - ok 22:26:22.0197 1276 [ B680134BA1813B78B47FDD1DFF223CA5 ] aswRvrt C:\WINXP\system32\drivers\aswRvrt.sys 22:26:22.0227 1276 aswRvrt - ok 22:26:22.0958 1276 [ 6CAB0A5991C5C0FC63F5E66593E71D7E ] aswSnx C:\WINXP\system32\drivers\aswSnx.sys 22:26:23.0008 1276 aswSnx - ok 22:26:23.0239 1276 [ 99102F60F344BEBAF4F6114514FD28D3 ] aswSP C:\WINXP\system32\drivers\aswSP.sys 22:26:23.0279 1276 aswSP - ok 22:26:23.0329 1276 [ 1F71F170D90E42EFDE9633D81D5E12DC ] aswTdi C:\WINXP\system32\drivers\aswTdi.sys 22:26:23.0339 1276 aswTdi - ok 22:26:23.0399 1276 [ 16B8E3CD50A460EC32CA680C8210A0A9 ] aswVmm C:\WINXP\system32\drivers\aswVmm.sys 22:26:23.0419 1276 aswVmm - ok 22:26:23.0479 1276 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINXP\system32\DRIVERS\asyncmac.sys 22:26:23.0679 1276 AsyncMac - ok 22:26:23.0719 1276 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINXP\system32\DRIVERS\atapi.sys 22:26:23.0930 1276 atapi - ok 22:26:23.0950 1276 Atdisk - ok 22:26:24.0110 1276 [ A2EAEB497CA29ECAEAF0DF66AD85C57D ] Ati HotKey Poller C:\WINXP\system32\Ati2evxx.exe 22:26:24.0170 1276 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - warning 22:26:24.0170 1276 Ati HotKey Poller - detected UnsignedFile.Multi.Generic (1) 22:26:24.0380 1276 [ 56926CCC03417DFFC39C02AC4C163EBC ] ATI Smart C:\WINXP\system32\ati2sgag.exe 22:26:24.0450 1276 ATI Smart ( UnsignedFile.Multi.Generic ) - warning 22:26:24.0450 1276 ATI Smart - detected UnsignedFile.Multi.Generic (1) 22:26:24.0871 1276 [ 492BD2A5F65F218D4EDE5764A3BB67E9 ] ati2mtag C:\WINXP\system32\DRIVERS\ati2mtag.sys 22:26:25.0121 1276 ati2mtag ( UnsignedFile.Multi.Generic ) - warning 22:26:25.0121 1276 ati2mtag - detected UnsignedFile.Multi.Generic (1) 22:26:25.0231 1276 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINXP\system32\DRIVERS\atmarpc.sys 22:26:25.0452 1276 Atmarpc - ok 22:26:25.0492 1276 [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv C:\WINXP\System32\audiosrv.dll 22:26:25.0712 1276 AudioSrv - ok 22:26:25.0772 1276 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINXP\system32\DRIVERS\audstub.sys 22:26:25.0982 1276 audstub - ok 22:26:26.0213 1276 [ 28D6701C710AD7BA3CB95E75F8F1A9AA ] avast! Antivirus C:\Programme\AVAST Software\Avast\AvastSvc.exe 22:26:26.0223 1276 avast! Antivirus - ok 22:26:26.0283 1276 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINXP\system32\drivers\Beep.sys 22:26:26.0503 1276 Beep - ok 22:26:26.0573 1276 [ B42057F06BBB98B31876C0B3F2B54E33 ] Browser C:\WINXP\System32\browser.dll 22:26:26.0784 1276 Browser - ok 22:26:26.0884 1276 [ CB29230EE722C43EED443BAABDED721C ] Bulk C:\WINXP\system32\Drivers\HDJBulk.sys 22:26:26.0944 1276 Bulk ( UnsignedFile.Multi.Generic ) - warning 22:26:26.0944 1276 Bulk - detected UnsignedFile.Multi.Generic (1) 22:26:27.0114 1276 catchme - ok 22:26:27.0164 1276 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINXP\system32\drivers\cbidf2k.sys 22:26:27.0364 1276 cbidf2k - ok 22:26:27.0374 1276 cd20xrnt - ok 22:26:27.0415 1276 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINXP\system32\drivers\Cdaudio.sys 22:26:27.0615 1276 Cdaudio - ok 22:26:27.0675 1276 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINXP\system32\drivers\Cdfs.sys 22:26:27.0875 1276 Cdfs - ok 22:26:27.0905 1276 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINXP\system32\DRIVERS\cdrom.sys 22:26:28.0106 1276 Cdrom - ok 22:26:28.0116 1276 Changer - ok 22:26:28.0196 1276 [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc C:\WINXP\system32\cisvc.exe 22:26:28.0416 1276 CiSvc - ok 22:26:28.0456 1276 [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv C:\WINXP\system32\clipsrv.exe 22:26:28.0666 1276 ClipSrv - ok 22:26:28.0807 1276 [ 7FA87325900183197BC9710D1CE4C9FA ] clr_optimization_v2.0.50727_32 C:\WINXP\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 22:26:29.0307 1276 clr_optimization_v2.0.50727_32 - ok 22:26:29.0387 1276 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINXP\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 22:26:29.0447 1276 clr_optimization_v4.0.30319_32 - ok 22:26:29.0508 1276 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINXP\system32\DRIVERS\CmBatt.sys 22:26:29.0708 1276 CmBatt - ok 22:26:29.0718 1276 CmdIde - ok 22:26:29.0778 1276 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINXP\system32\DRIVERS\compbatt.sys 22:26:30.0018 1276 Compbatt - ok 22:26:30.0028 1276 COMSysApp - ok 22:26:30.0058 1276 Cpqarray - ok 22:26:30.0138 1276 [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc C:\WINXP\System32\cryptsvc.dll 22:26:30.0359 1276 CryptSvc - ok 22:26:30.0369 1276 dac2w2k - ok 22:26:30.0389 1276 dac960nt - ok 22:26:30.0569 1276 [ D3D765E8455A961AE567B408F767D4F9 ] DcomLaunch C:\WINXP\system32\rpcss.dll 22:26:30.0659 1276 DcomLaunch - ok 22:26:30.0749 1276 [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp C:\WINXP\System32\dhcpcsvc.dll 22:26:30.0970 1276 Dhcp - ok 22:26:31.0010 1276 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINXP\system32\DRIVERS\disk.sys 22:26:31.0280 1276 Disk - ok 22:26:31.0290 1276 dmadmin - ok 22:26:31.0340 1276 [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot C:\WINXP\system32\drivers\dmboot.sys 22:26:31.0681 1276 dmboot - ok 22:26:31.0821 1276 [ 53720AB12B48719D00E327DA470A619A ] dmio C:\WINXP\system32\drivers\dmio.sys 22:26:32.0051 1276 dmio - ok 22:26:32.0091 1276 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINXP\system32\drivers\dmload.sys 22:26:32.0302 1276 dmload - ok 22:26:32.0362 1276 [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver C:\WINXP\System32\dmserver.dll 22:26:32.0572 1276 dmserver - ok 22:26:32.0662 1276 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINXP\system32\drivers\DMusic.sys 22:26:32.0882 1276 DMusic - ok 22:26:32.0932 1276 [ 4548494812BA3B416D489E0C6AF8D643 ] Dnscache C:\WINXP\System32\dnsrslvr.dll 22:26:32.0973 1276 Dnscache - ok 22:26:33.0023 1276 [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc C:\WINXP\System32\dot3svc.dll 22:26:33.0233 1276 Dot3svc - ok 22:26:33.0243 1276 dpti2o - ok 22:26:33.0313 1276 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINXP\system32\drivers\drmkaud.sys 22:26:33.0583 1276 drmkaud - ok 22:26:33.0654 1276 [ 687AF6BB383885FF6A64071B189A7F3E ] dtsoftbus01 C:\WINXP\system32\DRIVERS\dtsoftbus01.sys 22:26:33.0694 1276 dtsoftbus01 - ok 22:26:33.0704 1276 EagleXNt - ok 22:26:33.0734 1276 [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost C:\WINXP\System32\eapsvc.dll 22:26:33.0944 1276 EapHost - ok 22:26:33.0974 1276 [ 877C18558D70587AA7823A1A308AC96B ] ERSvc C:\WINXP\System32\ersvc.dll 22:26:34.0194 1276 ERSvc - ok 22:26:34.0284 1276 [ F0A7D59AF279326528715B206669B86C ] Eventlog C:\WINXP\system32\services.exe 22:26:34.0324 1276 Eventlog - ok 22:26:34.0405 1276 [ ADA7241C16F3F42C7F210539FAD5F3AA ] EventSystem C:\WINXP\system32\es.dll 22:26:34.0455 1276 EventSystem - ok 22:26:34.0465 1276 EverestDriver - ok 22:26:34.0545 1276 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINXP\system32\drivers\Fastfat.sys 22:26:34.0745 1276 Fastfat - ok 22:26:34.0835 1276 [ 927666F4228E3FBBC3D1171581DC8BDC ] FastUserSwitchingCompatibility C:\WINXP\System32\shsvcs.dll 22:26:34.0885 1276 FastUserSwitchingCompatibility - ok 22:26:34.0925 1276 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINXP\system32\drivers\Fdc.sys 22:26:35.0166 1276 Fdc - ok 22:26:35.0246 1276 [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips C:\WINXP\system32\drivers\Fips.sys 22:26:35.0456 1276 Fips - ok 22:26:35.0486 1276 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINXP\system32\drivers\Flpydisk.sys 22:26:35.0686 1276 Flpydisk - ok 22:26:35.0777 1276 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINXP\system32\DRIVERS\fltMgr.sys 22:26:36.0017 1276 FltMgr - ok 22:26:36.0117 1276 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINXP\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe 22:26:36.0177 1276 FontCache3.0.0.0 - ok 22:26:36.0217 1276 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINXP\system32\drivers\Fs_Rec.sys 22:26:36.0428 1276 Fs_Rec - ok 22:26:36.0458 1276 [ 8F1955CE42E1484714B542F341647778 ] Ftdisk C:\WINXP\system32\DRIVERS\ftdisk.sys 22:26:36.0698 1276 Ftdisk - ok 22:26:36.0748 1276 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINXP\system32\DRIVERS\msgpc.sys 22:26:36.0968 1276 Gpc - ok 22:26:37.0078 1276 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Programme\Google\Update\GoogleUpdate.exe 22:26:37.0098 1276 gupdate - ok 22:26:37.0108 1276 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Programme\Google\Update\GoogleUpdate.exe 22:26:37.0129 1276 gupdatem - ok 22:26:37.0189 1276 [ 833051C6C6C42117191935F734CFBD97 ] hamachi C:\WINXP\system32\DRIVERS\hamachi.sys 22:26:37.0229 1276 hamachi - ok 22:26:37.0279 1276 [ A840EDE400211536C96D38D2C099B284 ] HDJMidi C:\WINXP\system32\DRIVERS\HDJMidi.sys 22:26:37.0299 1276 HDJMidi ( UnsignedFile.Multi.Generic ) - warning 22:26:37.0299 1276 HDJMidi - detected UnsignedFile.Multi.Generic (1) 22:26:37.0419 1276 [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc C:\WINXP\PCHealth\HelpCtr\Binaries\pchsvc.dll 22:26:37.0609 1276 helpsvc - ok 22:26:37.0649 1276 [ B35DA85E60C0103F2E4104532DA2F12B ] HidServ C:\WINXP\System32\hidserv.dll 22:26:37.0860 1276 HidServ - ok 22:26:37.0940 1276 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINXP\system32\DRIVERS\hidusb.sys 22:26:38.0140 1276 hidusb - ok 22:26:38.0220 1276 [ ED29F14101523A6E0E808107405D452C ] hkmsvc C:\WINXP\System32\kmsvc.dll 22:26:38.0420 1276 hkmsvc - ok 22:26:38.0430 1276 hpn - ok 22:26:38.0611 1276 [ 937031C085718C1C04A9C0864625EC6B ] HTTP C:\WINXP\system32\Drivers\HTTP.sys 22:26:38.0691 1276 HTTP - ok 22:26:38.0741 1276 [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter C:\WINXP\System32\w3ssl.dll 22:26:38.0961 1276 HTTPFilter - ok 22:26:38.0971 1276 i2omgmt - ok 22:26:38.0991 1276 i2omp - ok 22:26:39.0091 1276 [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt C:\WINXP\system32\DRIVERS\i8042prt.sys 22:26:39.0312 1276 i8042prt - ok 22:26:39.0482 1276 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINXP\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 22:26:39.0702 1276 idsvc - ok 22:26:39.0742 1276 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINXP\system32\DRIVERS\imapi.sys 22:26:39.0993 1276 Imapi - ok 22:26:40.0093 1276 [ FECBE209E9603DE678C9B6A395B8E2AF ] Imapi Helper C:\Programme\Alex Feinman\ISO Recorder\ImapiHelper.exe 22:26:40.0243 1276 Imapi Helper ( UnsignedFile.Multi.Generic ) - warning 22:26:40.0243 1276 Imapi Helper - detected UnsignedFile.Multi.Generic (1) 22:26:40.0283 1276 [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService C:\WINXP\system32\imapi.exe 22:26:40.0483 1276 ImapiService - ok 22:26:40.0503 1276 ini910u - ok 22:26:40.0523 1276 IntelIde - ok 22:26:40.0593 1276 [ 4C7D2750158ED6E7AD642D97BFFAE351 ] intelppm C:\WINXP\system32\DRIVERS\intelppm.sys 22:26:40.0794 1276 intelppm - ok 22:26:40.0834 1276 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINXP\system32\DRIVERS\Ip6Fw.sys 22:26:41.0044 1276 Ip6Fw - ok 22:26:41.0134 1276 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINXP\system32\DRIVERS\ipfltdrv.sys 22:26:41.0345 1276 IpFilterDriver - ok 22:26:41.0415 1276 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINXP\system32\DRIVERS\ipinip.sys 22:26:41.0595 1276 IpInIp - ok 22:26:41.0655 1276 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINXP\system32\DRIVERS\ipnat.sys 22:26:41.0855 1276 IpNat - ok 22:26:41.0915 1276 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINXP\system32\DRIVERS\ipsec.sys 22:26:42.0116 1276 IPSec - ok 22:26:42.0186 1276 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINXP\system32\DRIVERS\irenum.sys 22:26:42.0286 1276 IRENUM - ok 22:26:42.0316 1276 [ 6DFB88F64135C525433E87648BDA30DE ] isapnp C:\WINXP\system32\DRIVERS\isapnp.sys 22:26:42.0506 1276 isapnp - ok 22:26:42.0697 1276 [ 5739F2821D49975CEDE6BF0153D0CF01 ] JavaQuickStarterService C:\Programme\Java\jre7\bin\jqs.exe 22:26:42.0717 1276 JavaQuickStarterService - ok 22:26:42.0777 1276 [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass C:\WINXP\system32\DRIVERS\kbdclass.sys 22:26:42.0997 1276 Kbdclass - ok 22:26:43.0027 1276 [ B6D6C117D771C98130497265F26D1882 ] kbdhid C:\WINXP\system32\DRIVERS\kbdhid.sys 22:26:43.0307 1276 kbdhid - ok 22:26:43.0347 1276 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINXP\system32\drivers\kmixer.sys 22:26:43.0548 1276 kmixer - ok 22:26:43.0608 1276 [ C6EBF1D6AD71DF30DB49B8D3287E1368 ] KSecDD C:\WINXP\system32\drivers\KSecDD.sys 22:26:43.0628 1276 KSecDD - ok 22:26:43.0678 1276 [ 41202C42C8D1A4465AB121F806E93F24 ] LanmanServer C:\WINXP\System32\srvsvc.dll 22:26:43.0758 1276 LanmanServer - ok 22:26:43.0828 1276 [ C9B816901C1ABF28BA6C5B6CB65EB75B ] LanmanWorkstation C:\WINXP\System32\wkssvc.dll 22:26:43.0878 1276 LanmanWorkstation - ok 22:26:43.0888 1276 lbrtfdc - ok 22:26:43.0938 1276 [ 636714B7D43C8D0C80449123FD266920 ] LmHosts C:\WINXP\System32\lmhsvc.dll 22:26:44.0119 1276 LmHosts - ok 22:26:44.0179 1276 [ B7550A7107281D170CE85524B1488C98 ] Messenger C:\WINXP\System32\msgsvc.dll 22:26:44.0419 1276 Messenger - ok 22:26:44.0459 1276 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINXP\system32\drivers\mnmdd.sys 22:26:44.0649 1276 mnmdd - ok 22:26:44.0699 1276 [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc C:\WINXP\system32\mnmsrvc.exe 22:26:44.0920 1276 mnmsrvc - ok 22:26:44.0960 1276 [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem C:\WINXP\system32\drivers\Modem.sys 22:26:45.0180 1276 Modem - ok 22:26:45.0240 1276 [ 1992E0D143B09653AB0F9C5E04B0FD65 ] MODEMCSA C:\WINXP\system32\drivers\MODEMCSA.sys 22:26:45.0440 1276 MODEMCSA - ok 22:26:45.0460 1276 [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass C:\WINXP\system32\DRIVERS\mouclass.sys 22:26:45.0701 1276 Mouclass - ok 22:26:45.0731 1276 [ 66A6F73C74E1791464160A7065CE711A ] mouhid C:\WINXP\system32\DRIVERS\mouhid.sys 22:26:45.0971 1276 mouhid - ok 22:26:46.0031 1276 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINXP\system32\drivers\MountMgr.sys 22:26:46.0252 1276 MountMgr - ok 22:26:46.0342 1276 [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe 22:26:46.0402 1276 MozillaMaintenance - ok 22:26:46.0412 1276 mraid35x - ok 22:26:46.0472 1276 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINXP\system32\DRIVERS\mrxdav.sys 22:26:46.0672 1276 MRxDAV - ok 22:26:46.0792 1276 [ 8DD801E28EB76FDA2A38907882A0036F ] MRxSmb C:\WINXP\system32\DRIVERS\mrxsmb.sys 22:26:46.0852 1276 MRxSmb - ok 22:26:46.0913 1276 [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC C:\WINXP\system32\msdtc.exe 22:26:47.0083 1276 MSDTC - ok 22:26:47.0133 1276 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINXP\system32\drivers\Msfs.sys 22:26:47.0343 1276 Msfs - ok 22:26:47.0353 1276 MSIServer - ok 22:26:47.0413 1276 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINXP\system32\drivers\MSKSSRV.sys 22:26:47.0614 1276 MSKSSRV - ok 22:26:47.0644 1276 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINXP\system32\drivers\MSPCLOCK.sys 22:26:47.0824 1276 MSPCLOCK - ok 22:26:47.0854 1276 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINXP\system32\drivers\MSPQM.sys 22:26:48.0074 1276 MSPQM - ok 22:26:48.0144 1276 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINXP\system32\DRIVERS\mssmbios.sys 22:26:48.0335 1276 mssmbios - ok 22:26:48.0495 1276 MSSQL$SQLEXPRESS - ok 22:26:48.0765 1276 [ F1761C8FB2B25A32C6D63E36BB88C3AE ] MSSQLServerADHelper100 c:\Programme\Microsoft SQL Server\100\Shared\SQLADHLP.EXE 22:26:48.0815 1276 MSSQLServerADHelper100 - ok 22:26:48.0905 1276 [ F7B1AD991491F02AF6DA70B00B8BF114 ] Mup C:\WINXP\system32\drivers\Mup.sys 22:26:48.0986 1276 Mup - ok 22:26:49.0246 1276 [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent C:\WINXP\System32\qagentrt.dll 22:26:49.0456 1276 napagent - ok 22:26:49.0596 1276 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINXP\system32\drivers\NDIS.sys 22:26:49.0817 1276 NDIS - ok 22:26:49.0847 1276 [ 1AB3D00C991AB086E69DB84B6C0ED78F ] NdisTapi C:\WINXP\system32\DRIVERS\ndistapi.sys 22:26:50.0047 1276 NdisTapi - ok 22:26:50.0097 1276 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINXP\system32\DRIVERS\ndisuio.sys 22:26:50.0317 1276 Ndisuio - ok 22:26:50.0358 1276 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINXP\system32\DRIVERS\ndiswan.sys 22:26:50.0558 1276 NdisWan - ok 22:26:50.0588 1276 [ 816460BD4B4ACD27937D1D0813E2E9E9 ] NDProxy C:\WINXP\system32\drivers\NDProxy.sys 22:26:50.0628 1276 NDProxy - ok 22:26:50.0678 1276 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINXP\system32\DRIVERS\netbios.sys 22:26:50.0908 1276 NetBIOS - ok 22:26:50.0948 1276 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINXP\system32\DRIVERS\netbt.sys 22:26:51.0149 1276 NetBT - ok 22:26:51.0219 1276 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE C:\WINXP\system32\netdde.exe 22:26:51.0399 1276 NetDDE - ok 22:26:51.0409 1276 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm C:\WINXP\system32\netdde.exe 22:26:51.0609 1276 NetDDEdsdm - ok 22:26:51.0689 1276 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon C:\WINXP\system32\lsass.exe 22:26:51.0890 1276 Netlogon - ok 22:26:51.0940 1276 [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman C:\WINXP\System32\netman.dll 22:26:52.0140 1276 Netman - ok 22:26:52.0230 1276 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINXP\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 22:26:52.0250 1276 NetTcpPortSharing - ok 22:26:52.0320 1276 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINXP\system32\DRIVERS\nic1394.sys 22:26:52.0521 1276 NIC1394 - ok 22:26:52.0611 1276 NIHardwareService - ok 22:26:52.0661 1276 [ 4AA50627B01C0E9C6B4C6BD3AF648F12 ] Nla C:\WINXP\System32\mswsock.dll 22:26:52.0711 1276 Nla - ok 22:26:52.0771 1276 [ 33A4B24A4C4DCF3C168E2C1151A62FC5 ] nmwcd C:\WINXP\system32\drivers\ccdcmb.sys 22:26:56.0096 1276 nmwcd - ok 22:26:59.0521 1276 [ A77265EF7BF998B8BB22A1A23E72B45D ] nmwcdc C:\WINXP\system32\drivers\ccdcmbo.sys 22:26:59.0851 1276 nmwcdc - ok 22:26:59.0931 1276 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINXP\system32\drivers\Npfs.sys 22:27:00.0162 1276 Npfs - ok 22:27:00.0732 1276 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINXP\system32\drivers\Ntfs.sys 22:27:01.0544 1276 Ntfs - ok 22:27:01.0594 1276 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp C:\WINXP\system32\lsass.exe 22:27:01.0774 1276 NtLmSsp - ok 22:27:02.0375 1276 [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc C:\WINXP\system32\ntmssvc.dll 22:27:03.0647 1276 NtmsSvc - ok 22:27:03.0777 1276 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINXP\system32\drivers\Null.sys 22:27:03.0997 1276 Null - ok 22:27:04.0107 1276 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINXP\system32\DRIVERS\nwlnkflt.sys 22:27:04.0398 1276 NwlnkFlt - ok 22:27:04.0438 1276 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINXP\system32\DRIVERS\nwlnkfwd.sys 22:27:09.0245 1276 NwlnkFwd - ok 22:27:09.0295 1276 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINXP\system32\DRIVERS\ohci1394.sys 22:27:09.0515 1276 ohci1394 - ok 22:27:09.0775 1276 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE 22:27:09.0916 1276 ose - ok 22:27:10.0056 1276 [ F84785660305B9B903FB3BCA8BA29837 ] Parport C:\WINXP\system32\DRIVERS\parport.sys 22:27:10.0286 1276 Parport - ok 22:27:10.0316 1276 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINXP\system32\drivers\PartMgr.sys 22:27:10.0587 1276 PartMgr - ok 22:27:10.0687 1276 [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm C:\WINXP\system32\drivers\ParVdm.sys 22:27:10.0917 1276 ParVdm - ok 22:27:10.0987 1276 [ F451DCACBAA67F3307305EBD4A39EA07 ] pccsmcfd C:\WINXP\system32\DRIVERS\pccsmcfd.sys 22:27:11.0157 1276 pccsmcfd - ok 22:27:11.0238 1276 [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI C:\WINXP\system32\DRIVERS\pci.sys 22:27:11.0508 1276 PCI - ok 22:27:11.0518 1276 PCIDump - ok 22:27:11.0568 1276 [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde C:\WINXP\system32\DRIVERS\pciide.sys 22:27:11.0858 1276 PCIIde - ok 22:27:12.0299 1276 [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia C:\WINXP\system32\DRIVERS\pcmcia.sys 22:27:12.0600 1276 Pcmcia - ok 22:27:12.0620 1276 PDCOMP - ok 22:27:12.0640 1276 PDFRAME - ok 22:27:12.0660 1276 PDRELI - ok 22:27:12.0690 1276 PDRFRAME - ok 22:27:12.0710 1276 perc2 - ok 22:27:12.0720 1276 perc2hib - ok 22:27:12.0820 1276 [ F0A7D59AF279326528715B206669B86C ] PlugPlay C:\WINXP\system32\services.exe 22:27:12.0890 1276 PlugPlay - ok 22:27:12.0950 1276 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent C:\WINXP\system32\lsass.exe 22:27:13.0120 1276 PolicyAgent - ok 22:27:13.0240 1276 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINXP\system32\DRIVERS\raspptp.sys 22:27:13.0521 1276 PptpMiniport - ok 22:27:13.0561 1276 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINXP\system32\lsass.exe 22:27:13.0731 1276 ProtectedStorage - ok 22:27:13.0821 1276 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINXP\system32\DRIVERS\psched.sys 22:27:14.0042 1276 PSched - ok 22:27:14.0132 1276 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINXP\system32\DRIVERS\ptilink.sys 22:27:14.0342 1276 Ptilink - ok 22:27:14.0362 1276 ql1080 - ok 22:27:14.0372 1276 Ql10wnt - ok 22:27:14.0392 1276 ql12160 - ok 22:27:14.0412 1276 ql1240 - ok 22:27:14.0432 1276 ql1280 - ok 22:27:14.0522 1276 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINXP\system32\DRIVERS\rasacd.sys 22:27:14.0733 1276 RasAcd - ok 22:27:14.0843 1276 [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto C:\WINXP\System32\rasauto.dll 22:27:15.0103 1276 RasAuto - ok 22:27:15.0193 1276 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINXP\system32\DRIVERS\rasl2tp.sys 22:27:15.0404 1276 Rasl2tp - ok 22:27:15.0484 1276 [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan C:\WINXP\System32\rasmans.dll 22:27:15.0694 1276 RasMan - ok 22:27:15.0774 1276 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINXP\system32\DRIVERS\raspppoe.sys 22:27:16.0004 1276 RasPppoe - ok 22:27:16.0115 1276 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINXP\system32\DRIVERS\raspti.sys 22:27:16.0315 1276 Raspti - ok 22:27:16.0455 1276 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINXP\system32\DRIVERS\rdbss.sys 22:27:16.0625 1276 Rdbss - ok 22:27:16.0786 1276 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINXP\system32\DRIVERS\RDPCDD.sys 22:27:16.0996 1276 RDPCDD - ok 22:27:17.0527 1276 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINXP\system32\DRIVERS\rdpdr.sys 22:27:17.0717 1276 rdpdr - ok 22:27:17.0877 1276 [ 6728E45B66F93C08F11DE2E316FC70DD ] RDPWD C:\WINXP\system32\drivers\RDPWD.sys 22:27:18.0087 1276 RDPWD - ok 22:27:18.0147 1276 [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr C:\WINXP\system32\sessmgr.exe 22:27:19.0289 1276 RDSessMgr - ok 22:27:19.0339 1276 [ ED761D453856F795A7FE056E42C36365 ] redbook C:\WINXP\system32\DRIVERS\redbook.sys 22:27:19.0539 1276 redbook - ok 22:27:19.0660 1276 [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess C:\WINXP\System32\mprdim.dll 22:27:19.0890 1276 RemoteAccess - ok 22:27:19.0990 1276 [ E4CD1F3D84E1C2CA0B8CF7501E201593 ] RemoteRegistry C:\WINXP\system32\regsvc.dll 22:27:20.0150 1276 RemoteRegistry - ok 22:27:20.0291 1276 [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator C:\WINXP\system32\locator.exe 22:27:20.0561 1276 RpcLocator - ok 22:27:20.0691 1276 [ D3D765E8455A961AE567B408F767D4F9 ] RpcSs C:\WINXP\System32\rpcss.dll 22:27:20.0791 1276 RpcSs - ok 22:27:20.0952 1276 [ FD692C6FFADE58F7C4C3C3C9A0EC35BD ] RsFx0103 C:\WINXP\system32\DRIVERS\RsFx0103.sys 22:27:21.0042 1276 RsFx0103 - ok 22:27:21.0182 1276 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP C:\WINXP\system32\rsvp.exe 22:27:21.0412 1276 RSVP - ok 22:27:21.0683 1276 [ E2E588D92C8E151CD3515EE09FEC90E2 ] rt2870 C:\WINXP\system32\DRIVERS\rt2870.sys 22:27:21.0863 1276 rt2870 - ok 22:27:21.0893 1276 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs C:\WINXP\system32\lsass.exe 22:27:22.0073 1276 SamSs - ok 22:27:22.0213 1276 [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr C:\WINXP\System32\SCardSvr.exe 22:27:22.0474 1276 SCardSvr - ok 22:27:22.0584 1276 [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule C:\WINXP\system32\schedsvc.dll 22:27:22.0794 1276 Schedule - ok 22:27:22.0904 1276 [ A689D522EEDF89401E1DA2FE883AA7EC ] SCREAMINGBDRIVER C:\WINXP\system32\drivers\ScreamingBAudio.sys 22:27:23.0055 1276 SCREAMINGBDRIVER - ok 22:27:23.0075 1276 Scutum50 - ok 22:27:23.0175 1276 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINXP\system32\DRIVERS\secdrv.sys 22:27:23.0285 1276 Secdrv - ok 22:27:23.0315 1276 [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon C:\WINXP\System32\seclogon.dll 22:27:23.0525 1276 seclogon - ok 22:27:23.0625 1276 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS C:\WINXP\system32\sens.dll 22:27:23.0826 1276 SENS - ok 22:27:23.0876 1276 [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial C:\WINXP\system32\drivers\Serial.sys 22:27:24.0086 1276 Serial - ok 22:27:24.0216 1276 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINXP\system32\drivers\Sfloppy.sys 22:27:24.0417 1276 Sfloppy - ok 22:27:24.0517 1276 [ 927666F4228E3FBBC3D1171581DC8BDC ] ShellHWDetection C:\WINXP\System32\shsvcs.dll 22:27:24.0567 1276 ShellHWDetection - ok 22:27:24.0577 1276 Simbad - ok 22:27:24.0677 1276 [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp C:\WINXP\system32\DRIVERS\sisagp.sys 22:27:24.0887 1276 sisagp - ok 22:27:24.0907 1276 [ 3FBB6EF8B5A71A2FA11F5F461BB73219 ] SISNIC C:\WINXP\system32\DRIVERS\sisnic.sys 22:27:25.0158 1276 SISNIC - ok 22:27:25.0508 1276 [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate C:\Programme\Skype\Updater\Updater.exe 22:27:25.0528 1276 SkypeUpdate - ok 22:27:25.0558 1276 Sparrow - ok 22:27:25.0628 1276 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINXP\system32\drivers\splitter.sys 22:27:25.0839 1276 splitter - ok 22:27:25.0919 1276 [ 258DD5D4283FD9F9A7166BE9AE45CE73 ] Spooler C:\WINXP\system32\spoolsv.exe 22:27:25.0979 1276 Spooler - ok 22:27:26.0109 1276 [ A687B5B326AFCFCF182C4931D1FF9771 ] SQLAgent$SQLEXPRESS c:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE 22:27:26.0429 1276 SQLAgent$SQLEXPRESS - ok 22:27:26.0650 1276 [ B54B48F6D92423440C264E91225C5FF1 ] SQLBrowser c:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe 22:27:26.0870 1276 SQLBrowser - ok 22:27:27.0000 1276 [ 637A0F23F9012358E92E6F99835494D1 ] SQLWriter c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe 22:27:27.0010 1276 SQLWriter - ok 22:27:27.0090 1276 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr C:\WINXP\system32\DRIVERS\sr.sys 22:27:27.0221 1276 sr - ok 22:27:27.0321 1276 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice C:\WINXP\system32\srsvc.dll 22:27:27.0451 1276 srservice - ok 22:27:27.0511 1276 [ 9B390283569EA58D43D2586032B892F5 ] Srv C:\WINXP\system32\DRIVERS\srv.sys 22:27:27.0601 1276 Srv - ok 22:27:27.0701 1276 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV C:\WINXP\System32\ssdpsrv.dll 22:27:27.0821 1276 SSDPSRV - ok 22:27:27.0952 1276 [ BC2C5985611C5356B24AEB370953DED9 ] stisvc C:\WINXP\system32\wiaservc.dll 22:27:28.0532 1276 stisvc - ok 22:27:28.0593 1276 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINXP\system32\DRIVERS\swenum.sys 22:27:28.0813 1276 swenum - ok 22:27:28.0853 1276 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINXP\system32\drivers\swmidi.sys 22:27:29.0053 1276 swmidi - ok 22:27:29.0073 1276 SwPrv - ok 22:27:29.0093 1276 symc810 - ok 22:27:29.0103 1276 symc8xx - ok 22:27:29.0123 1276 sym_hi - ok 22:27:29.0143 1276 sym_u3 - ok 22:27:29.0223 1276 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINXP\system32\drivers\sysaudio.sys 22:27:29.0424 1276 sysaudio - ok 22:27:29.0484 1276 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog C:\WINXP\system32\smlogsvc.exe 22:27:29.0704 1276 SysmonLog - ok 22:27:29.0754 1276 [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv C:\WINXP\System32\tapisrv.dll 22:27:29.0964 1276 TapiSrv - ok 22:27:30.0035 1276 [ AD978A1B783B5719720CFF204B666C8E ] Tcpip C:\WINXP\system32\DRIVERS\tcpip.sys 22:27:30.0115 1276 Tcpip - ok 22:27:30.0145 1276 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINXP\system32\drivers\TDPIPE.sys 22:27:30.0345 1276 TDPIPE - ok 22:27:30.0405 1276 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINXP\system32\drivers\TDTCP.sys 22:27:30.0635 1276 TDTCP - ok 22:27:30.0676 1276 [ 88155247177638048422893737429D9E ] TermDD C:\WINXP\system32\DRIVERS\termdd.sys 22:27:30.0896 1276 TermDD - ok 22:27:30.0966 1276 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService C:\WINXP\System32\termsrv.dll 22:27:31.0176 1276 TermService - ok 22:27:31.0216 1276 [ 927666F4228E3FBBC3D1171581DC8BDC ] Themes C:\WINXP\System32\shsvcs.dll 22:27:31.0246 1276 Themes - ok 22:27:31.0306 1276 [ 03681A1CE77F51586903869A5AB1DEAB ] TlntSvr C:\WINXP\system32\tlntsvr.exe 22:27:31.0437 1276 TlntSvr - ok 22:27:31.0457 1276 TosIde - ok 22:27:31.0517 1276 [ 626504572B175867F30F3215C04B3E2F ] TrkWks C:\WINXP\system32\trkwks.dll 22:27:31.0727 1276 TrkWks - ok 22:27:31.0787 1276 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINXP\system32\drivers\Udfs.sys 22:27:32.0088 1276 Udfs - ok 22:27:32.0098 1276 ultra - ok 22:27:32.0228 1276 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINXP\system32\DRIVERS\update.sys 22:27:32.0448 1276 Update - ok 22:27:32.0568 1276 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost C:\WINXP\System32\upnphost.dll 22:27:32.0809 1276 upnphost - ok 22:27:32.0859 1276 [ B671514497DF7417F83919A6A5BD6BB9 ] upperdev C:\WINXP\system32\DRIVERS\usbser_lowerflt.sys 22:27:33.0029 1276 upperdev - ok 22:27:33.0099 1276 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINXP\System32\ups.exe 22:27:33.0279 1276 UPS - ok 22:27:33.0339 1276 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINXP\system32\drivers\usbaudio.sys 22:27:33.0560 1276 usbaudio - ok 22:27:33.0590 1276 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINXP\system32\DRIVERS\usbccgp.sys 22:27:33.0780 1276 usbccgp - ok 22:27:33.0830 1276 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINXP\system32\DRIVERS\usbehci.sys 22:27:34.0030 1276 usbehci - ok 22:27:34.0100 1276 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINXP\system32\DRIVERS\usbhub.sys 22:27:34.0301 1276 usbhub - ok 22:27:34.0361 1276 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINXP\system32\DRIVERS\usbohci.sys 22:27:34.0551 1276 usbohci - ok 22:27:34.0611 1276 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINXP\system32\DRIVERS\usbprint.sys 22:27:34.0852 1276 usbprint - ok 22:27:34.0922 1276 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINXP\system32\DRIVERS\usbscan.sys 22:27:35.0112 1276 usbscan - ok 22:27:35.0172 1276 [ 1C888B000C2F9492F4B15B5B6B84873E ] usbser C:\WINXP\system32\drivers\usbser.sys 22:27:35.0362 1276 usbser - ok 22:27:35.0402 1276 [ FF358FD3176B2E5605C4ACCD5026A5AC ] UsbserFilt C:\WINXP\system32\DRIVERS\usbser_lowerfltj.sys 22:27:35.0553 1276 UsbserFilt - ok 22:27:35.0603 1276 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINXP\system32\DRIVERS\USBSTOR.SYS 22:27:35.0803 1276 USBSTOR - ok 22:27:35.0883 1276 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINXP\System32\drivers\vga.sys 22:27:36.0093 1276 VgaSave - ok 22:27:36.0113 1276 ViaIde - ok 22:27:36.0163 1276 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINXP\system32\drivers\VolSnap.sys 22:27:36.0354 1276 VolSnap - ok 22:27:36.0394 1276 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINXP\System32\vssvc.exe 22:27:36.0574 1276 VSS - ok 22:27:36.0624 1276 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINXP\system32\w32time.dll 22:27:36.0824 1276 W32Time - ok 22:27:36.0864 1276 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINXP\system32\DRIVERS\wanarp.sys 22:27:37.0075 1276 Wanarp - ok 22:27:37.0375 1276 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINXP\system32\Drivers\wdf01000.sys 22:27:37.0535 1276 Wdf01000 - ok 22:27:37.0555 1276 WDICA - ok 22:27:37.0626 1276 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINXP\system32\drivers\wdmaud.sys 22:27:37.0806 1276 wdmaud - ok 22:27:37.0906 1276 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINXP\System32\webclnt.dll 22:27:38.0106 1276 WebClient - ok 22:27:38.0306 1276 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINXP\system32\wbem\WMIsvc.dll 22:27:38.0497 1276 winmgmt - ok 22:27:38.0577 1276 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINXP\system32\mspmsnsv.dll 22:27:38.0657 1276 WmdmPmSN - ok 22:27:39.0208 1276 [ 57FA31A965D8FC3172641A93618FBE9E ] Wmi C:\WINXP\System32\advapi32.dll 22:27:39.0288 1276 Wmi - ok 22:27:39.0378 1276 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINXP\system32\wbem\wmiapsrv.exe 22:27:39.0568 1276 WmiApSrv - ok 22:27:39.0729 1276 [ BF05650BB7DF5E9EBDD25974E22403BB ] WMPNetworkSvc C:\Programme\Windows Media Player\WMPNetwk.exe 22:27:39.0999 1276 WMPNetworkSvc - ok 22:27:40.0199 1276 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINXP\system32\DRIVERS\wpdusb.sys 22:27:40.0259 1276 WpdUsb - ok 22:27:40.0430 1276 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINXP\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 22:27:40.0710 1276 WPFFontCache_v0400 - ok 22:27:40.0800 1276 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINXP\System32\drivers\ws2ifsl.sys 22:27:41.0010 1276 WS2IFSL - ok 22:27:41.0111 1276 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINXP\system32\DRIVERS\WudfPf.sys 22:27:41.0161 1276 WudfPf - ok 22:27:41.0201 1276 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINXP\system32\DRIVERS\wudfrd.sys 22:27:41.0271 1276 WudfRd - ok 22:27:41.0341 1276 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINXP\System32\WUDFSvc.dll 22:27:41.0401 1276 WudfSvc - ok 22:27:41.0471 1276 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINXP\System32\wzcsvc.dll 22:27:41.0671 1276 WZCSVC - ok 22:27:41.0701 1276 XDva401 - ok 22:27:41.0832 1276 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINXP\System32\xmlprov.dll 22:27:42.0072 1276 xmlprov - ok 22:27:42.0112 1276 ================ Scan global =============================== 22:27:42.0553 1276 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINXP\system32\basesrv.dll 22:27:42.0653 1276 [ 5DC29EE01D053ACE8AC2DCE3BC8624BB ] C:\WINXP\system32\winsrv.dll 22:27:42.0723 1276 [ 5DC29EE01D053ACE8AC2DCE3BC8624BB ] C:\WINXP\system32\winsrv.dll 22:27:42.0803 1276 [ F0A7D59AF279326528715B206669B86C ] C:\WINXP\system32\services.exe 22:27:42.0803 1276 [Global] - ok 22:27:42.0813 1276 ================ Scan MBR ================================== 22:27:42.0843 1276 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0 22:28:01.0730 1276 \Device\Harddisk0\DR0 - ok 22:28:01.0760 1276 ================ Scan VBR ================================== 22:28:01.0760 1276 [ 39CB30A6F960512CCC2C9A4EDB4522D0 ] \Device\Harddisk0\DR0\Partition1 22:28:01.0770 1276 \Device\Harddisk0\DR0\Partition1 - ok 22:28:01.0770 1276 ============================================================ 22:28:01.0770 1276 Scan finished 22:28:01.0770 1276 ============================================================ 22:28:01.0910 1268 Detected object count: 6 22:28:01.0910 1268 Actual detected object count: 6 22:28:12.0576 1268 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - skipped by user 22:28:12.0576 1268 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - User select action: Skip 22:28:12.0606 1268 ATI Smart ( UnsignedFile.Multi.Generic ) - skipped by user 22:28:12.0606 1268 ATI Smart ( UnsignedFile.Multi.Generic ) - User select action: Skip 22:28:12.0626 1268 ati2mtag ( UnsignedFile.Multi.Generic ) - skipped by user 22:28:12.0636 1268 ati2mtag ( UnsignedFile.Multi.Generic ) - User select action: Skip 22:28:12.0636 1268 Bulk ( UnsignedFile.Multi.Generic ) - skipped by user 22:28:12.0636 1268 Bulk ( UnsignedFile.Multi.Generic ) - User select action: Skip 22:28:12.0646 1268 HDJMidi ( UnsignedFile.Multi.Generic ) - skipped by user 22:28:12.0646 1268 HDJMidi ( UnsignedFile.Multi.Generic ) - User select action: Skip 22:28:12.0646 1268 Imapi Helper ( UnsignedFile.Multi.Generic ) - skipped by user 22:28:12.0646 1268 Imapi Helper ( UnsignedFile.Multi.Generic ) - User select action: Skip 22:28:18.0124 3636 Deinitialize success |
23.05.2013, 21:32 | #10 |
/// Malware-holic | Komischer Maleware oder Spyware fall Hi, nutzt du den PC fürs Onlinebanking, zum Einkaufen, für sonstige Zahlungsabwicklungen, oder ähnlich wichtigem, wie beruflichem?
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
23.05.2013, 21:35 | #11 |
| Komischer Maleware oder Spyware fall Ehm. Ja, diesen Laptop benutze ich für mein Studium. Überweisungen für Studiums und Arbeitszwecken ebenfals. |
23.05.2013, 21:38 | #12 |
/// Malware-holic | Komischer Maleware oder Spyware fall Ok. Wenn du Onlinebanking machst, lasse es sperren aufgrund des Zero Access Rootkits. Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der Schnellere und der sicherste Weg, zumal du deinen PC für onlinebanking, verwendest Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis dir jemand vom Team sagt, dass Du clean bist. Ich würde, wenn es mein PC ist, ihn neu machen und wir sichern ihn dann ab, anleitungen bekommst du. Entscheidung liegt bei dir.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
23.05.2013, 21:40 | #13 |
| Komischer Maleware oder Spyware fall Okey. Dann werde ich ihn wohl neu machen müssen. Jedoch habe ich die Windows XP CD nichtmehr. Nurnoch den Aktivierungschlüssel habe ich. |
23.05.2013, 21:52 | #14 |
/// Malware-holic | Komischer Maleware oder Spyware fall kannst du dir ne xp cd leien?
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
23.05.2013, 21:54 | #15 |
| Komischer Maleware oder Spyware fall hm...Müsste ich mal nachfragen..moment Nein, niemand den ich kenne benutzt noch XP. Auch dementsprechend haben die keine XP CD. |
Themen zu Komischer Maleware oder Spyware fall |
abend, avast, avast!, buttons, compu, computer, gestern, guten, klicke, komischer, langsamer, liebe, maleware, problem, seite, sekunden, spyware, troja, warnung |