Firefox stürzt stänig ab und pc sehr lahm xp rechner

kickstaa · 12.11.2014, 15:14

Hallo
Ich nutze noch windows xp
mein rechner bzw firefox stürzt ständig ab-sogar gerade eben als ich das erste mal diesen text geschrieben habe.
Oft kommt eine meldung mit plugins hinterher.
Aber meistens ist firefox einfach abgestürzt.
Selten habe ich mal einen bluescreen dabei-dann geht nichts mehr
Ausserdem ist der rechner wirklcih extrem lahm geworden-und dabei dann ziemlich laut als ob der total am arbeiten wäre.
ich hoffe mir kann jemand helfen-ich bin leider ziemlicher laie.
lg

schrauber · 12.11.2014, 15:54

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

kickstaa · 14.11.2014, 07:21

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-11-2014 01
Ran by Haking (administrator) on CHRISTIAN on 14-11-2014 07:17:06
Running from E:\
Loaded Profile: Haking (Available profiles: Haking)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 7
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\WINXP\system32\smss.exe
(Microsoft Corporation) C:\WINXP\system32\winlogon.exe
(Microsoft Corporation) C:\WINXP\system32\services.exe
(Microsoft Corporation) C:\WINXP\system32\lsass.exe
(ATI Technologies Inc.) C:\WINXP\system32\ati2evxx.exe
(Microsoft Corporation) C:\WINXP\system32\svchost.exe
(Microsoft Corporation) C:\WINXP\system32\svchost.exe
(ATI Technologies Inc.) C:\WINXP\system32\ati2evxx.exe
(Microsoft Corporation) C:\WINXP\system32\svchost.exe
(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\WINXP\explorer.exe
(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avguard.exe
(AVM Berlin) C:\Programme\avmwlanstick\WLanNetService.exe
(Oracle Corporation) C:\Programme\Java\jre7\bin\jqs.exe
(Google Inc.) C:\Programme\Google\Update\GoogleUpdate.exe
(Microsoft Corporation) C:\WINXP\system32\svchost.exe
(TuneUp Software) C:\WINXP\system32\TUProgSt.exe
(Microsoft Corporation) C:\WINXP\system32\wscntfy.exe
(AVM Berlin) C:\Programme\avmwlanstick\WLanGUI.exe
(Realtek Semiconductor Corp.) C:\WINXP\RTHDCPL.EXE
(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\WINXP\system32\ctfmon.exe
(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\WINXP\system32\svchost.exe
(Mozilla Corporation) C:\Programme\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AVMWlanClient] => C:\Programme\avmwlanstick\wlangui.exe [1454080 2006-12-28] (AVM Berlin)
HKLM\...\Run: [StartCCC] => C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2009-02-25] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [RTHDCPL] => C:\WINXP\RTHDCPL.EXE [14720000 2005-06-29] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Adobe ARM] => C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [avgnt] => C:\Programme\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-14] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\Winlogon: [Userinit] C:\WINXP\System32\Userinit.exe,
HKLM\...\Winlogon: [Shell] Explorer.exe [x ] ()
HKLM\...\Winlogon: [UIHost] C:\WINXP\system32\logonui.exe [515072 2008-04-14] (Microsoft Corporation)
Winlogon\Notify\AtiExtEvent: C:\WINXP\system32\Ati2evxx.dll (ATI Technologies Inc.)
Winlogon\Notify\crypt32chain: C:\WINXP\system32\crypt32.dll (Microsoft Corporation)
Winlogon\Notify\cryptnet: C:\WINXP\system32\cryptnet.dll (Microsoft Corporation)
Winlogon\Notify\cscdll: C:\WINXP\system32\cscdll.dll (Microsoft Corporation)
Winlogon\Notify\dimsntfy: C:\WINXP\System32\dimsntfy.dll (Microsoft Corporation)
Winlogon\Notify\ScCertProp: C:\WINXP\system32\wlnotify.dll (Microsoft Corporation)
Winlogon\Notify\Schedule: C:\WINXP\system32\wlnotify.dll (Microsoft Corporation)
Winlogon\Notify\sclgntfy: C:\WINXP\system32\sclgntfy.dll (Microsoft Corporation)
Winlogon\Notify\SensLogn: C:\WINXP\system32\WlNotify.dll (Microsoft Corporation)
Winlogon\Notify\termsrv: C:\WINXP\system32\wlnotify.dll (Microsoft Corporation)
Winlogon\Notify\WgaLogon: C:\WINXP\system32\WgaLogon.dll (Microsoft Corporation)
Winlogon\Notify\wlballoon: C:\WINXP\system32\wlnotify.dll (Microsoft Corporation)
HKU\S-1-5-21-602162358-436374069-1606980848-1003\...\Run: [ctfmon.exe] => C:\WINXP\system32\ctfmon.exe [15360 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [CTFMON.EXE] => C:\WINXP\system32\CTFMON.EXE [15360 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [nltide_2] => regsvr32 /s /n /i:U shell32

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINXP\system32\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-602162358-436374069-1606980848-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {4D4B3B6E-144A-45AB-BA4E-80E68EFE0348} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=402027&p={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINXP\system32\urlmon.dll (Microsoft Corporation)
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINXP\system32\wiascr.dll (Microsoft Corporation)
Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINXP\system32\SHELL32.dll (Microsoft Corporation)
ShellExecuteHooks:  - {AEB6717E-7E19-11d0-97EE-00C04FD91972} -  No File [ ]
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Dokumente und Einstellungen\Haking\Anwendungsdaten\Mozilla\Firefox\Profiles\zq274dgd.default-1396882008687
FF Plugin: @adobe.com/FlashPlayer -> C:\WINXP\system32\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Programme\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Programme\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Programme\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Dokumente und Einstellungen\Haking\Anwendungsdaten\Mozilla\Firefox\Profiles\zq274dgd.default-1396882008687\user.js
FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\ddg.xml
FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: DownloadHelper - C:\Dokumente und Einstellungen\Haking\Anwendungsdaten\Mozilla\Firefox\Profiles\zq274dgd.default-1396882008687\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-08]
FF Extension: Adblock Plus - C:\Dokumente und Einstellungen\Haking\Anwendungsdaten\Mozilla\Firefox\Profiles\zq274dgd.default-1396882008687\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-10]
FF Extension: DownThemAll! - C:\Dokumente und Einstellungen\Haking\Anwendungsdaten\Mozilla\Firefox\Profiles\zq274dgd.default-1396882008687\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2014-05-12]

Chrome: 
=======
CHR Profile: C:\Dokumente und Einstellungen\Haking\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\default

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\WINXP\system32\Macromed\Flash\FlashPlayerUpdateService.exe [267440 2014-11-06] (Adobe Systems Incorporated)
S4 Alerter; C:\WINXP\system32\alrsvc.dll [17408 2008-04-14] (Microsoft Corporation)
R3 ALG; C:\WINXP\System32\alg.exe [44544 2008-04-14] (Microsoft Corporation)
R2 AntiVirSchedulerService; C:\Programme\Avira\AntiVir Desktop\sched.exe [431920 2014-10-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Programme\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-14] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE [994552 2014-10-14] (Avira Operations GmbH & Co. KG)
S3 AppMgmt; C:\WINXP\System32\appmgmts.dll [175616 2008-04-14] (Microsoft Corporation)
S3 aspnet_state; C:\WINXP\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [35160 2010-03-18] (Microsoft Corporation)
R2 Ati HotKey Poller; C:\WINXP\system32\Ati2evxx.exe [602112 2009-02-25] (ATI Technologies Inc.)
S2 ATI Smart; C:\WINXP\system32\ati2sgag.exe [593920 2009-02-25] () [File not signed]
R2 AudioSrv; C:\WINXP\System32\audiosrv.dll [42496 2008-04-14] (Microsoft Corporation)
R2 AVM WLAN Connection Service; C:\Programme\avmwlanstick\WlanNetService.exe [356352 2006-12-28] (AVM Berlin) [File not signed]
R3 BITS; C:\WINXP\system32\qmgr.dll [409088 2008-04-14] (Microsoft Corporation)
S2 Browser; C:\WINXP\System32\browser.dll [77824 2008-04-14] (Microsoft Corporation)
S3 CiSvc; C:\WINXP\system32\cisvc.exe [5632 2008-04-14] (Microsoft Corporation)
S3 ClipSrv; C:\WINXP\system32\clipsrv.exe [33280 2008-04-14] (Microsoft Corporation)
S4 clr_optimization_v2.0.50727_32; C:\WINXP\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [66240 2005-09-23] (Microsoft Corporation)
S3 COMSysApp; C:\WINXP\system32\dllhost.exe [5120 2008-04-14] (Microsoft Corporation)
R2 CryptSvc; C:\WINXP\System32\cryptsvc.dll [62464 2008-04-14] (Microsoft Corporation)
R2 DcomLaunch; C:\WINXP\system32\rpcss.dll [399360 2008-04-14] (Microsoft Corporation)
R2 Dhcp; C:\WINXP\System32\dhcpcsvc.dll [127488 2008-04-14] (Microsoft Corporation)
S3 dmadmin; C:\WINXP\System32\dmadmin.exe [225280 2008-04-14] (Microsoft Corp., Veritas Software)
S3 dmserver; C:\WINXP\System32\dmserver.dll [24064 2008-04-14] (Microsoft Corp.)
R2 Dnscache; C:\WINXP\System32\dnsrslvr.dll [45568 2008-04-14] (Microsoft Corporation)
S3 Dot3svc; C:\WINXP\System32\dot3svc.dll [133120 2008-04-14] (Microsoft Corporation)
S3 EapHost; C:\WINXP\System32\eapsvc.dll [33792 2008-04-14] (Microsoft Corporation)
R2 ERSvc; C:\WINXP\System32\ersvc.dll [23040 2008-04-14] (Microsoft Corporation)
R2 Eventlog; C:\WINXP\system32\services.exe [109056 2008-04-14] (Microsoft Corporation)
R3 EventSystem; C:\WINXP\system32\es.dll [253952 2008-08-12] (Microsoft Corporation)
R3 FastUserSwitchingCompatibility; C:\WINXP\System32\shsvcs.dll [135168 2008-04-14] (Microsoft Corporation)
S2 gupdate; C:\Programme\Google\Update\GoogleUpdate.exe [116648 2014-02-20] (Google Inc.)
S3 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [116648 2014-02-20] (Google Inc.)
R2 helpsvc; C:\WINXP\PCHealth\HelpCtr\Binaries\pchsvc.dll [38400 2008-04-14] (Microsoft Corporation)
S3 hkmsvc; C:\WINXP\System32\kmsvc.dll [61440 2008-04-14] (Microsoft Corporation)
S3 HTTPFilter; C:\WINXP\System32\w3ssl.dll [15872 2008-04-14] (Microsoft Corporation)
S3 ImapiService; C:\WINXP\system32\imapi.exe [150528 2008-04-14] (Microsoft Corporation)
R2 JavaQuickStarterService; C:\Programme\Java\jre7\bin\jqs.exe [182696 2014-11-06] (Oracle Corporation)
R2 LanmanServer; C:\WINXP\System32\srvsvc.dll [96768 2008-04-14] (Microsoft Corporation)
R2 lanmanworkstation; C:\WINXP\System32\wkssvc.dll [132096 2008-04-14] (Microsoft Corporation)
S2 LiveUpdateSvc; C:\Programme\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
R2 LmHosts; C:\WINXP\System32\lmhsvc.dll [13824 2008-04-14] (Microsoft Corporation)
S4 Messenger; C:\WINXP\System32\msgsvc.dll [33792 2008-04-14] (Microsoft Corporation)
S4 mnmsrvc; C:\WINXP\system32\mnmsrvc.exe [32768 2008-04-14] (Microsoft Corporation)
S3 MozillaMaintenance; C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe [114288 2014-11-11] (Mozilla Foundation)
S3 MSDTC; C:\WINXP\system32\msdtc.exe [6144 2008-04-14] (Microsoft Corporation)
S3 MSIServer; C:\WINXP\System32\msiexec.exe [78848 2008-04-14] (Microsoft Corporation)
S3 napagent; C:\WINXP\System32\qagentrt.dll [294400 2008-04-14] (Microsoft Corporation)
S4 NetDDE; C:\WINXP\system32\netdde.exe [114176 2008-04-14] (Microsoft Corporation)
S4 NetDDEdsdm; C:\WINXP\system32\netdde.exe [114176 2008-04-14] (Microsoft Corporation)
S4 Netlogon; C:\WINXP\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation)
R3 Netman; C:\WINXP\System32\netman.dll [198144 2008-04-14] (Microsoft Corporation)
R3 Nla; C:\WINXP\System32\mswsock.dll [247296 2008-06-20] (Microsoft Corporation)
S3 NtLmSsp; C:\WINXP\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation)
S3 NtmsSvc; C:\WINXP\system32\ntmssvc.dll [438272 2008-04-14] (Microsoft Corporation)
R2 PlugPlay; C:\WINXP\system32\services.exe [109056 2008-04-14] (Microsoft Corporation)
S3 PolicyAgent; C:\WINXP\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation)
R2 ProtectedStorage; C:\WINXP\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation)
S3 RasAuto; C:\WINXP\System32\rasauto.dll [88576 2008-04-14] (Microsoft Corporation)
R3 RasMan; C:\WINXP\System32\rasmans.dll [186368 2008-04-14] (Microsoft Corporation)
S4 RDSessMgr; C:\WINXP\system32\sessmgr.exe [143360 2008-04-14] (Microsoft Corporation)
S4 RemoteAccess; C:\WINXP\System32\mprdim.dll [53248 2008-04-14] (Microsoft Corporation)
S4 RemoteRegistry; C:\WINXP\system32\regsvc.dll [59904 2008-04-14] (Microsoft Corporation)
S3 RpcLocator; C:\WINXP\system32\locator.exe [75264 2008-04-14] (Microsoft Corporation)
R2 RpcSs; C:\WINXP\System32\rpcss.dll [399360 2008-04-14] (Microsoft Corporation)
S4 RSVP; C:\WINXP\system32\rsvp.exe [132608 2008-04-14] (Microsoft Corporation)
R2 SamSs; C:\WINXP\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation)
S3 SCardSvr; C:\WINXP\System32\SCardSvr.exe [99840 2008-04-14] (Microsoft Corporation)
R2 Schedule; C:\WINXP\system32\schedsvc.dll [193536 2008-04-14] (Microsoft Corporation)
S3 seclogon; C:\WINXP\System32\seclogon.dll [18944 2008-04-14] (Microsoft Corporation)
R2 SENS; C:\WINXP\system32\sens.dll [39424 2008-04-14] (Microsoft Corporation)
R2 SharedAccess; C:\WINXP\System32\ipnathlp.dll [334336 2008-04-14] (Microsoft Corporation)
R2 ShellHWDetection; C:\WINXP\System32\shsvcs.dll [135168 2008-04-14] (Microsoft Corporation)
S3 Spooler; C:\WINXP\system32\spoolsv.exe [57856 2008-04-14] (Microsoft Corporation)
R2 srservice; C:\WINXP\system32\srsvc.dll [171520 2008-04-14] (Microsoft Corporation)
R3 SSDPSRV; C:\WINXP\System32\ssdpsrv.dll [71680 2008-04-14] (Microsoft Corporation)
R2 stisvc; C:\WINXP\system32\wiaservc.dll [334336 2008-04-14] (Microsoft Corporation)
S3 SwPrv; C:\WINXP\system32\dllhost.exe [5120 2008-04-14] (Microsoft Corporation)
S3 SysmonLog; C:\WINXP\system32\smlogsvc.exe [94208 2008-04-14] (Microsoft Corporation)
R3 TapiSrv; C:\WINXP\System32\tapisrv.dll [249856 2008-04-14] (Microsoft Corporation)
R2 TermService; C:\WINXP\System32\termsrv.dll [297472 2008-04-14] (Microsoft Corporation)
R2 Themes; C:\WINXP\System32\shsvcs.dll [135168 2008-04-14] (Microsoft Corporation)
S3 TlntSvr; C:\WINXP\system32\tlntsvr.exe [75264 2008-04-14] (Microsoft Corporation)
S3 TrkWks; C:\WINXP\system32\trkwks.dll [90112 2008-04-14] (Microsoft Corporation)
S3 TuneUp.Defrag; C:\WINXP\System32\TuneUpDefragService.exe [361288 2009-10-13] (TuneUp Software)
R2 TuneUp.ProgramStatisticsSvc; C:\WINXP\System32\TUProgSt.exe [604488 2009-10-13] (TuneUp Software)
S3 upnphost; C:\WINXP\System32\upnphost.dll [186880 2008-04-14] (Microsoft Corporation)
S3 UPS; C:\WINXP\System32\ups.exe [18432 2008-04-14] (Microsoft Corporation)
S3 VSS; C:\WINXP\System32\vssvc.exe [292864 2008-04-14] (Microsoft Corporation)
R2 W32Time; C:\WINXP\system32\w32time.dll [177152 2008-04-14] (Microsoft Corporation)
S4 WebClient; C:\WINXP\System32\webclnt.dll [68096 2008-04-14] (Microsoft Corporation)
R2 winmgmt; C:\WINXP\system32\wbem\WMIsvc.dll [145408 2008-04-14] (Microsoft Corporation)
S3 WmdmPmSN; C:\WINXP\system32\mspmsnsv.dll [27136 2008-07-08] (Microsoft Corporation)
S3 Wmi; C:\WINXP\System32\advapi32.dll [678400 2008-04-14] (Microsoft Corporation)
S3 WmiApSrv; C:\WINXP\system32\wbem\wmiapsrv.exe [126464 2008-04-14] (Microsoft Corporation)
S3 WMPNetworkSvc; C:\Programme\Windows Media Player\WMPNetwk.exe [920576 2006-11-03] (Microsoft Corporation)
R2 wscsvc; C:\WINXP\system32\wscsvc.dll [80896 2008-04-14] (Microsoft Corporation)
R2 wuauserv; C:\WINXP\system32\wuauserv.dll [6656 2008-04-14] (Microsoft Corporation)
R2 WudfSvc; C:\WINXP\System32\WUDFSvc.dll [55808 2008-07-08] (Microsoft Corporation)
S4 WZCSVC; C:\WINXP\System32\wzcsvc.dll [483840 2008-11-12] (Microsoft Corporation)
S3 xmlprov; C:\WINXP\System32\xmlprov.dll [129024 2008-04-14] (Microsoft Corporation)
S2 clr_optimization_v4.0.30319_32; C:\WINXP\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [X]
S4 NetTcpPortSharing; C:\WINXP\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [X]
S3 WPFFontCache_v0400; C:\WINXP\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 ACPI; C:\WINXP\System32\DRIVERS\ACPI.sys [188800 2008-04-14] (Microsoft Corporation)
S4 ACPIEC; C:\WINXP\system32\Drivers\ACPIEC.sys [12160 2008-04-14] (Microsoft Corporation)
S3 aec; C:\WINXP\System32\drivers\aec.sys [142592 2008-04-13] (Microsoft Corporation)
R1 AFD; C:\WINXP\System32\drivers\afd.sys [138496 2008-08-14] (Microsoft Corporation)
S3 AIDA32Driver; C:\Programme\aida32.sys [3584 2004-02-23] () [File not signed]
R3 Arp1394; C:\WINXP\System32\DRIVERS\arp1394.sys [60800 2008-11-12] (Microsoft Corporation)
S3 AsyncMac; C:\WINXP\System32\DRIVERS\asyncmac.sys [14336 2008-04-14] (Microsoft Corporation)
R0 atapi; C:\WINXP\System32\DRIVERS\atapi.sys [96512 2008-04-14] (Microsoft Corporation)
R3 ati2mtag; C:\WINXP\System32\DRIVERS\ati2mtag.sys [3565568 2009-02-25] (ATI Technologies Inc.)
S3 Atmarpc; C:\WINXP\System32\DRIVERS\atmarpc.sys [59904 2008-04-14] (Microsoft Corporation)
R3 audstub; C:\WINXP\System32\DRIVERS\audstub.sys [3072 2001-08-17] (Microsoft Corporation)
R2 avgntflt; C:\WINXP\System32\DRIVERS\avgntflt.sys [98160 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINXP\System32\DRIVERS\avipbb.sys [136216 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINXP\System32\DRIVERS\avkmgr.sys [37352 2013-10-01] (Avira Operations GmbH & Co. KG)
S3 avmeject; C:\WINXP\System32\drivers\avmeject.sys [4352 2006-12-28] (AVM Berlin) [File not signed]
R1 Beep; C:\WINXP\system32\Drivers\Beep.sys [4224 2008-04-14] (Microsoft Corporation)
S4 cbidf2k; C:\WINXP\system32\Drivers\cbidf2k.sys [13952 2008-04-14] (Microsoft Corporation)
S1 Cdaudio; C:\WINXP\system32\Drivers\Cdaudio.sys [18688 2008-11-12] (Microsoft Corporation)
R4 Cdfs; C:\WINXP\system32\Drivers\Cdfs.sys [63744 2008-04-14] (Microsoft Corporation)
R1 Cdrom; C:\WINXP\System32\DRIVERS\cdrom.sys [62976 2008-04-14] (Microsoft Corporation)
R0 Disk; C:\WINXP\System32\DRIVERS\disk.sys [36352 2008-04-14] (Microsoft Corporation)
S4 dmboot; C:\WINXP\System32\drivers\dmboot.sys [800384 2008-04-14] (Microsoft Corp., Veritas Software)
R0 dmio; C:\WINXP\System32\drivers\dmio.sys [154112 2008-04-14] (Microsoft Corp., Veritas Software)
R0 dmload; C:\WINXP\System32\drivers\dmload.sys [5888 2008-04-14] (Microsoft Corp., Veritas Software.)
S3 DMusic; C:\WINXP\System32\drivers\DMusic.sys [52864 2008-04-13] (Microsoft Corporation)
S3 drmkaud; C:\WINXP\System32\drivers\drmkaud.sys [2944 2008-04-13] (Microsoft Corporation)
S4 Fastfat; C:\WINXP\system32\Drivers\Fastfat.sys [143744 2008-04-14] (Microsoft Corporation)
S3 Fdc; C:\WINXP\System32\DRIVERS\fdc.sys [27392 2008-04-14] (Microsoft Corporation)
R1 Fips; C:\WINXP\system32\Drivers\Fips.sys [44672 2008-04-14] (Microsoft Corporation)
S3 Flpydisk; C:\WINXP\System32\DRIVERS\flpydisk.sys [20480 2008-04-14] (Microsoft Corporation)
R0 FltMgr; C:\WINXP\System32\DRIVERS\fltMgr.sys [129792 2008-04-14] (Microsoft Corporation)
U1 Fs_Rec; C:\WINXP\system32\Drivers\Fs_Rec.sys [7936 2008-04-14] (Microsoft Corporation)
R0 Ftdisk; C:\WINXP\System32\DRIVERS\ftdisk.sys [126336 2008-04-14] (Microsoft Corporation)
R3 FWLANUSB; C:\WINXP\System32\DRIVERS\fwlanusb.sys [265088 2006-12-28] (AVM GmbH)
R3 Gpc; C:\WINXP\System32\DRIVERS\msgpc.sys [35072 2008-04-14] (Microsoft Corporation)
R3 HDAudBus; C:\WINXP\System32\DRIVERS\HDAudBus.sys [144384 2008-04-14] (Windows (R) Server 2003 DDK provider)
R3 hidusb; C:\WINXP\System32\DRIVERS\hidusb.sys [10368 2008-04-14] (Microsoft Corporation)
R3 HTTP; C:\WINXP\System32\Drivers\HTTP.sys [264832 2008-04-14] (Microsoft Corporation)
R1 i8042prt; C:\WINXP\System32\DRIVERS\i8042prt.sys [52992 2008-04-14] (Microsoft Corporation)
R1 Imapi; C:\WINXP\System32\DRIVERS\imapi.sys [42112 2008-04-14] (Microsoft Corporation)
R3 IntcAzAudAddService; C:\WINXP\System32\drivers\RtkHDAud.sys [3173888 2005-06-29] (Realtek Semiconductor Corp.)
R0 IntelIde; C:\WINXP\System32\DRIVERS\intelide.sys [5504 2008-04-14] (Microsoft Corporation)
R1 intelppm; C:\WINXP\System32\DRIVERS\intelppm.sys [40448 2008-04-14] (Microsoft Corporation)
S3 Ip6Fw; C:\WINXP\System32\DRIVERS\Ip6Fw.sys [36608 2008-04-14] (Microsoft Corporation)
S3 IpFilterDriver; C:\WINXP\System32\DRIVERS\ipfltdrv.sys [32896 2008-04-14] (Microsoft Corporation)
S3 IpInIp; C:\WINXP\System32\DRIVERS\ipinip.sys [20864 2008-04-14] (Microsoft Corporation)
R3 IpNat; C:\WINXP\System32\DRIVERS\ipnat.sys [152832 2008-04-14] (Microsoft Corporation)
R1 IPSec; C:\WINXP\System32\DRIVERS\ipsec.sys [75264 2008-04-14] (Microsoft Corporation)
S3 IRENUM; C:\WINXP\System32\DRIVERS\irenum.sys [11264 2008-04-14] (Microsoft Corporation)
R0 isapnp; C:\WINXP\System32\DRIVERS\isapnp.sys [37632 2008-04-14] (Microsoft Corporation)
R1 Kbdclass; C:\WINXP\System32\DRIVERS\kbdclass.sys [25216 2008-04-14] (Microsoft Corporation)
R3 kmixer; C:\WINXP\System32\drivers\kmixer.sys [172416 2008-04-13] (Microsoft Corporation)
R0 KSecDD; C:\WINXP\system32\Drivers\KSecDD.sys [92288 2008-04-14] (Microsoft Corporation)
S3 MBAMSwissArmy; C:\WINXP\system32\drivers\MBAMSwissArmy.sys [107736 2014-03-25] (Malwarebytes Corporation)
R1 mnmdd; C:\WINXP\system32\Drivers\mnmdd.sys [4224 2008-04-14] (Microsoft Corporation)
S3 Modem; C:\WINXP\system32\Drivers\Modem.sys [30336 2008-11-12] (Microsoft Corporation)
R1 Mouclass; C:\WINXP\System32\DRIVERS\mouclass.sys [23552 2008-11-12] (Microsoft Corporation)
R3 mouhid; C:\WINXP\System32\DRIVERS\mouhid.sys [12288 2008-11-12] (Microsoft Corporation)
R0 MountMgr; C:\WINXP\system32\Drivers\MountMgr.sys [42368 2008-04-14] (Microsoft Corporation)
S3 MRxDAV; C:\WINXP\System32\DRIVERS\mrxdav.sys [180608 2008-04-14] (Microsoft Corporation)
R1 MRxSmb; C:\WINXP\System32\DRIVERS\mrxsmb.sys [455936 2008-11-12] (Microsoft Corporation)
R1 Msfs; C:\WINXP\system32\Drivers\Msfs.sys [19072 2008-04-14] (Microsoft Corporation)
S3 MSKSSRV; C:\WINXP\System32\drivers\MSKSSRV.sys [7552 2008-04-13] (Microsoft Corporation)
S3 MSPCLOCK; C:\WINXP\System32\drivers\MSPCLOCK.sys [5376 2008-04-13] (Microsoft Corporation)
S3 MSPQM; C:\WINXP\System32\drivers\MSPQM.sys [4992 2008-04-13] (Microsoft Corporation)
R3 mssmbios; C:\WINXP\System32\DRIVERS\mssmbios.sys [15488 2008-11-12] (Microsoft Corporation)
R0 Mup; C:\WINXP\system32\Drivers\Mup.sys [105344 2008-04-14] (Microsoft Corporation)
R0 NDIS; C:\WINXP\system32\Drivers\NDIS.sys [182656 2008-04-14] (Microsoft Corporation)
R3 NdisTapi; C:\WINXP\System32\DRIVERS\ndistapi.sys [10112 2008-04-14] (Microsoft Corporation)
S3 Ndisuio; C:\WINXP\System32\DRIVERS\ndisuio.sys [14592 2008-11-12] (Microsoft Corporation)
R3 NdisWan; C:\WINXP\System32\DRIVERS\ndiswan.sys [91520 2008-04-14] (Microsoft Corporation)
R3 NDProxy; C:\WINXP\system32\Drivers\NDProxy.sys [40576 2008-04-14] (Microsoft Corporation)
R1 NetBIOS; C:\WINXP\System32\DRIVERS\netbios.sys [34688 2008-04-14] (Microsoft Corporation)
R1 NetBT; C:\WINXP\System32\DRIVERS\netbt.sys [162816 2008-04-14] (Microsoft Corporation)
R3 NIC1394; C:\WINXP\System32\DRIVERS\nic1394.sys [61824 2008-11-12] (Microsoft Corporation)
R1 Npfs; C:\WINXP\system32\Drivers\Npfs.sys [30848 2008-04-14] (Microsoft Corporation)
R4 Ntfs; C:\WINXP\system32\Drivers\Ntfs.sys [574976 2008-04-14] (Microsoft Corporation)
R1 Null; C:\WINXP\system32\Drivers\Null.sys [2944 2008-04-14] (Microsoft Corporation)
S3 NwlnkFlt; C:\WINXP\System32\DRIVERS\nwlnkflt.sys [12416 2008-04-14] (Microsoft Corporation)
S3 NwlnkFwd; C:\WINXP\System32\DRIVERS\nwlnkfwd.sys [32512 2008-04-14] (Microsoft Corporation)
R0 ohci1394; C:\WINXP\System32\DRIVERS\ohci1394.sys [61696 2008-04-14] (Microsoft Corporation)
R3 Parport; C:\WINXP\System32\DRIVERS\parport.sys [80384 2008-11-12] (Microsoft Corporation)
R0 PartMgr; C:\WINXP\system32\Drivers\PartMgr.sys [19712 2008-04-14] (Microsoft Corporation)
R2 ParVdm; C:\WINXP\system32\Drivers\ParVdm.sys [7040 2008-04-14] (Microsoft Corporation)
R0 PCI; C:\WINXP\System32\DRIVERS\pci.sys [68224 2008-04-14] (Microsoft Corporation)
R0 PCIIde; C:\WINXP\system32\Drivers\PCIIde.sys [3328 2008-04-14] (Microsoft Corporation)
S4 Pcmcia; C:\WINXP\system32\Drivers\Pcmcia.sys [120576 2008-04-14] (Microsoft Corporation)
R3 PptpMiniport; C:\WINXP\System32\DRIVERS\raspptp.sys [48384 2008-04-14] (Microsoft Corporation)
R3 PSched; C:\WINXP\System32\DRIVERS\psched.sys [69120 2008-04-14] (Microsoft Corporation)
R3 Ptilink; C:\WINXP\System32\DRIVERS\ptilink.sys [17792 2008-04-14] (Parallel Technologies, Inc.)
R1 RasAcd; C:\WINXP\System32\DRIVERS\rasacd.sys [8832 2008-04-14] (Microsoft Corporation)
R3 Rasl2tp; C:\WINXP\System32\DRIVERS\rasl2tp.sys [51328 2008-04-14] (Microsoft Corporation)
R3 RasPppoe; C:\WINXP\System32\DRIVERS\raspppoe.sys [41472 2008-04-14] (Microsoft Corporation)
R3 Raspti; C:\WINXP\System32\DRIVERS\raspti.sys [16512 2008-04-14] (Microsoft Corporation)
R1 Rdbss; C:\WINXP\System32\DRIVERS\rdbss.sys [175744 2008-04-14] (Microsoft Corporation)
R1 RDPCDD; C:\WINXP\System32\DRIVERS\RDPCDD.sys [4224 2008-04-14] (Microsoft Corporation)
R3 rdpdr; C:\WINXP\System32\DRIVERS\rdpdr.sys [196224 2008-04-13] (Microsoft Corporation)
S3 RDPWD; C:\WINXP\system32\Drivers\RDPWD.sys [139656 2008-04-14] (Microsoft Corporation)
R1 redbook; C:\WINXP\System32\DRIVERS\redbook.sys [57728 2008-04-14] (Microsoft Corporation)
R3 rtl8139; C:\WINXP\System32\DRIVERS\RTL8139.SYS [20992 2008-04-13] (Realtek Semiconductor Corporation)
S3 Secdrv; C:\WINXP\System32\DRIVERS\secdrv.sys [20480 2008-04-14] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
R3 serenum; C:\WINXP\System32\DRIVERS\serenum.sys [15744 2008-04-14] (Microsoft Corporation)
R1 Serial; C:\WINXP\System32\DRIVERS\serial.sys [65536 2008-04-14] (Microsoft Corporation)
S1 Sfloppy; C:\WINXP\system32\Drivers\Sfloppy.sys [11392 2008-04-14] (Microsoft Corporation)
R1 SLEE_16_DRIVER; C:\WINXP\system32\drivers\Sleen16.sys [79104 2007-10-11] (Softwareentwicklung Remus - ArchiCrypt )
S3 splitter; C:\WINXP\System32\drivers\splitter.sys [6272 2008-04-13] (Microsoft Corporation)
R0 sptd; C:\WINXP\System32\Drivers\sptd.sys [691696 2012-07-16] () [File not signed]
R0 sr; C:\WINXP\System32\DRIVERS\sr.sys [73472 2008-04-14] (Microsoft Corporation)
R3 Srv; C:\WINXP\System32\DRIVERS\srv.sys [333824 2008-10-17] (Microsoft Corporation)
R3 swenum; C:\WINXP\System32\DRIVERS\swenum.sys [4352 2008-11-12] (Microsoft Corporation)
S3 swmidi; C:\WINXP\System32\drivers\swmidi.sys [56576 2008-04-13] (Microsoft Corporation)
R3 sysaudio; C:\WINXP\System32\drivers\sysaudio.sys [60800 2008-04-13] (Microsoft Corporation)
R1 Tcpip; C:\WINXP\System32\DRIVERS\tcpip.sys [361600 2008-07-08] (Microsoft Corporation)
S3 TDPIPE; C:\WINXP\system32\Drivers\TDPIPE.sys [12040 2008-04-14] (Microsoft Corporation)
S3 TDTCP; C:\WINXP\system32\Drivers\TDTCP.sys [21896 2008-04-14] (Microsoft Corporation)
R1 TermDD; C:\WINXP\System32\DRIVERS\termdd.sys [40840 2008-04-14] (Microsoft Corporation)
R1 truecrypt; C:\WINXP\System32\drivers\truecrypt.sys [231760 2014-11-10] (TrueCrypt Foundation)
S4 Udfs; C:\WINXP\system32\Drivers\Udfs.sys [66048 2008-04-14] (Microsoft Corporation)
R3 Update; C:\WINXP\System32\DRIVERS\update.sys [384768 2008-04-14] (Microsoft Corporation)
R3 usbehci; C:\WINXP\System32\DRIVERS\usbehci.sys [30208 2008-04-14] (Microsoft Corporation)
R3 usbhub; C:\WINXP\System32\DRIVERS\usbhub.sys [59520 2008-04-14] (Microsoft Corporation)
S3 usbscan; C:\WINXP\System32\DRIVERS\usbscan.sys [15104 2008-04-13] (Microsoft Corporation)
R3 usbstor; C:\WINXP\System32\DRIVERS\USBSTOR.SYS [26368 2008-04-14] (Microsoft Corporation)
R3 usbuhci; C:\WINXP\System32\DRIVERS\usbuhci.sys [20608 2008-04-14] (Microsoft Corporation)
R1 VgaSave; C:\WINXP\System32\drivers\vga.sys [20992 2008-04-14] (Microsoft Corporation)
R0 VolSnap; C:\WINXP\system32\Drivers\VolSnap.sys [53760 2008-04-14] (Microsoft Corporation)
R3 Wanarp; C:\WINXP\System32\DRIVERS\wanarp.sys [34560 2008-04-14] (Microsoft Corporation)
R3 wdmaud; C:\WINXP\System32\drivers\wdmaud.sys [83072 2008-04-13] (Microsoft Corporation)
S3 WpdUsb; C:\WINXP\System32\DRIVERS\wpdusb.sys [38528 2008-07-08] (Microsoft Corporation)
R1 WS2IFSL; C:\WINXP\System32\drivers\ws2ifsl.sys [12032 2008-04-14] (Microsoft Corporation)
R0 WudfPf; C:\WINXP\System32\DRIVERS\WudfPf.sys [77568 2008-07-08] (Microsoft Corporation)
S3 WudfRd; C:\WINXP\System32\DRIVERS\wudfrd.sys [82944 2008-07-08] (Microsoft Corporation)
S3 catchme; \??\C:\DOKUME~1\Haking\LOKALE~1\Temp\catchme.sys [X]
S3 SANDRA; \??\C:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x86\Sandra.sys [X]
S2 StarOpen; No ImagePath

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-14 07:17 - 2014-11-14 07:17 - 00000000 ____D () C:\FRST
2014-11-12 14:33 - 2014-11-12 14:33 - 00102400 _____ () C:\WINXP\Minidump\Mini111214-01.dmp
2014-11-11 16:18 - 2014-11-11 16:18 - 00102400 _____ () C:\WINXP\Minidump\Mini111114-01.dmp
2014-11-10 16:10 - 2014-11-11 15:31 - 00000000 ____D () C:\Programme\Mozilla Firefox
2014-11-10 15:13 - 2014-11-10 15:13 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TrueCrypt
2014-11-06 09:04 - 2014-11-06 09:04 - 00102400 _____ () C:\WINXP\Minidump\Mini110614-01.dmp
2014-11-06 08:45 - 2014-11-06 08:45 - 00000000 ____D () C:\Programme\Gemeinsame Dateien\Java
2014-11-06 08:45 - 2014-11-06 08:45 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Java
2014-11-06 08:45 - 2014-11-06 08:44 - 00272808 _____ (Oracle Corporation) C:\WINXP\system32\javaws.exe
2014-11-06 08:45 - 2014-11-06 08:44 - 00175528 _____ (Oracle Corporation) C:\WINXP\system32\javaw.exe
2014-11-06 08:45 - 2014-11-06 08:44 - 00175528 _____ (Oracle Corporation) C:\WINXP\system32\java.exe
2014-11-06 08:45 - 2014-11-06 08:44 - 00145408 _____ (Oracle Corporation) C:\WINXP\system32\javacpl.cpl
2014-11-06 08:45 - 2014-11-06 08:44 - 00096680 _____ (Oracle Corporation) C:\WINXP\system32\WindowsAccessBridge.dll
2014-11-05 08:35 - 2014-11-05 08:35 - 00102400 _____ () C:\WINXP\Minidump\Mini110514-01.dmp
2014-10-29 12:40 - 2014-10-29 12:40 - 00000000 ____D () C:\Dokumente und Einstellungen\Haking\Eigene Dateien\VA-Black_Charts_Top_20_vom_27-10-2014
2014-10-29 12:40 - 2014-10-29 12:40 - 00000000 ____D () C:\Dokumente und Einstellungen\Haking\Eigene Dateien\Neueinsteiger vom 03.11.2014
2014-10-16 12:35 - 2014-10-16 12:35 - 00102400 _____ () C:\WINXP\Minidump\Mini101614-01.dmp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-14 07:18 - 2014-02-24 08:26 - 00000000 ____D () C:\Dokumente und Einstellungen\Haking\Lokale Einstellungen\temp
2014-11-14 07:17 - 2014-02-24 08:26 - 00000000 ____D () C:\WINXP\temp
2014-11-14 07:15 - 2008-04-14 12:00 - 00002206 _____ () C:\WINXP\system32\wpa.dbl
2014-11-14 07:10 - 2009-07-10 14:54 - 00323757 _____ () C:\WINXP\WindowsUpdate.log
2014-11-14 07:04 - 2014-05-26 11:21 - 00000159 _____ () C:\WINXP\wiadebug.log
2014-11-14 07:04 - 2014-05-26 11:21 - 00000050 _____ () C:\WINXP\wiaservc.log
2014-11-14 07:04 - 2014-02-20 09:22 - 00001086 _____ () C:\WINXP\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-14 07:04 - 2012-11-30 18:11 - 00000520 _____ () C:\WINXP\Tasks\Automatische Wartung.job
2014-11-14 07:04 - 2009-07-20 07:30 - 00000000 ____D () C:\WINXP\system32\Lang
2014-11-14 07:04 - 2009-07-10 15:01 - 00000006 ____H () C:\WINXP\Tasks\SA.DAT
2014-11-12 15:15 - 2009-07-10 15:03 - 00000190 ___SH () C:\Dokumente und Einstellungen\Haking\ntuser.ini
2014-11-12 15:15 - 2009-07-10 15:01 - 00031920 _____ () C:\WINXP\SchedLgU.Txt
2014-11-12 15:14 - 2009-07-10 15:03 - 00000000 ____D () C:\Dokumente und Einstellungen\Haking
2014-11-12 14:47 - 2010-10-11 07:07 - 00007680 ___SH () C:\WINXP\Thumbs.db
2014-11-12 14:43 - 2013-03-04 09:19 - 00000880 _____ () C:\WINXP\Tasks\Adobe Flash Player Updater.job
2014-11-12 14:40 - 2009-07-13 11:39 - 00035328 _____ () C:\Dokumente und Einstellungen\Haking\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-12 14:33 - 2013-01-21 14:49 - 00000000 ____D () C:\WINXP\Minidump
2014-11-12 14:33 - 2009-07-10 16:28 - 00000000 ____D () C:\WINXP
2014-11-11 16:50 - 2009-07-30 11:39 - 00000000 ____D () C:\Dokumente und Einstellungen\Haking\Anwendungsdaten\vlc
2014-11-11 16:33 - 2014-02-20 09:23 - 00001090 _____ () C:\WINXP\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-11 16:27 - 2011-02-25 09:49 - 00000000 ____D () C:\Programme\JDownloader
2014-11-11 16:23 - 2009-07-10 15:35 - 01101552 _____ () C:\WINXP\system32\PerfStringBackup.INI
2014-11-11 15:35 - 2010-10-11 07:07 - 00012800 ___SH () C:\Programme\Thumbs.db
2014-11-11 15:31 - 2014-04-07 13:36 - 00000000 ____D () C:\Programme\Mozilla Maintenance Service
2014-11-11 10:35 - 2009-07-10 15:35 - 00000000 ___RD () C:\Programme
2014-11-10 15:13 - 2011-02-24 15:46 - 00231760 _____ (TrueCrypt Foundation) C:\WINXP\system32\Drivers\truecrypt.sys
2014-11-10 15:13 - 2009-07-10 15:34 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme
2014-11-06 08:43 - 2009-07-13 09:34 - 00000000 ____D () C:\Programme\Java
2014-11-06 08:37 - 2014-07-10 12:12 - 00000000 ____D () C:\Dokumente und Einstellungen\Haking\Lokale Einstellungen\Anwendungsdaten\Adobe
2014-11-06 08:37 - 2012-04-04 07:46 - 00701104 _____ (Adobe Systems Incorporated) C:\WINXP\system32\FlashPlayerApp.exe
2014-11-06 08:37 - 2011-05-26 09:55 - 00071344 _____ (Adobe Systems Incorporated) C:\WINXP\system32\FlashPlayerCPLApp.cpl
2014-11-05 10:36 - 2010-11-09 08:33 - 00000000 ____D () C:\WINXP\system32\NtmsData
2014-11-05 08:59 - 2009-07-10 14:52 - 00000000 ____D () C:\WINXP\Registration

Some content of TEMP:
====================
C:\Dokumente und Einstellungen\Haking\Lokale Einstellungen\temp\avgnt.exe
C:\Dokumente und Einstellungen\Haking\Lokale Einstellungen\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpyx_ycc.dll
C:\Dokumente und Einstellungen\Haking\Lokale Einstellungen\temp\install_flashplayer14x32au_mssd_awc_aih.exe
C:\Dokumente und Einstellungen\Haking\Lokale Einstellungen\temp\jre-7u65-windows-i586-iftw.exe
C:\Dokumente und Einstellungen\Haking\Lokale Einstellungen\temp\jre-7u67-windows-i586-iftw.exe
C:\Dokumente und Einstellungen\Haking\Lokale Einstellungen\temp\jre-7u71-windows-i586-iftw.exe
C:\Dokumente und Einstellungen\Haking\Lokale Einstellungen\temp\loygame-pro.exe
C:\Dokumente und Einstellungen\Haking\Lokale Einstellungen\temp\updatepackasc.exe
C:\Dokumente und Einstellungen\Haking\Lokale Einstellungen\temp\vlc-2.1.5-win32.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINXP\explorer.exe => File is digitally signed
C:\WINXP\system32\winlogon.exe => File is digitally signed
C:\WINXP\system32\svchost.exe => File is digitally signed
C:\WINXP\system32\services.exe => File is digitally signed
C:\WINXP\system32\User32.dll => File is digitally signed
C:\WINXP\system32\userinit.exe => File is digitally signed
C:\WINXP\system32\rpcss.dll => File is digitally signed
C:\WINXP\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

--- --- ---

--- --- ---

FRST Additions Logfile:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-11-2014 01
Ran by Haking at 2014-11-14 07:19:34
Running from E:\
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Disabled - Up to date) {AD166499-45F9-482A-A743-FDD3350758C7}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.2.202.235 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
ATI - Software Uninstall Utility (HKLM\...\All ATI Software) (Version: 6.14.10.1022 - )
ATI Catalyst Control Center (HKLM\...\{055EE59D-217B-43A7-ABFF-507B966405D8}) (Version: 2.009.0225.1545 - )
ATI Display Driver (HKLM\...\ATI Display Driver) (Version: 8.591-090225a-076825C-ATI - )
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.7.306 - Avira)
AVM FRITZ!WLAN (HKLM\...\AVMWLANCLI) (Version:  - AVM Berlin)
ccc-core-preinstall (Version: 2009.0225.1546.28221 - ATI) Hidden
ccc-core-static (Version: 2009.0225.1546.28221 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.26 - Piriform)
Dir-It! (HKLM\...\{602A58C3-BDF2-4B8A-B9D3-B6D9BACA386A}) (Version: 4.00.0000 - Wirth New Media Sarl)
DriverEasy 4.6.6 (HKLM\...\DriverEasy_is1) (Version: 4.6.6.0 - Easeware)
Google Update Helper (Version: 1.3.25.5 - Google Inc.) Hidden
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.32 - Irfan Skiljan)
Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
JDownloader (HKLM\...\JDownloader) (Version:  - AppWork UG (haftungsbeschränkt))
K-Lite Codec Pack 5.6.0 (Standard) (HKLM\...\KLiteCodecPack_is1) (Version: 5.6.0 - )
Media Player Classic - Home Cinema v1.5.2.3456 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.5.2.3456 - MPC-HC Team)
Microsoft .NET Framework 2.0 (HKLM\...\Microsoft .NET Framework 2.0) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 33.1 (x86 de) (HKLM\...\Mozilla Firefox 33.1 (x86 de)) (Version: 33.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Sicherheitsupdate für Windows Internet Explorer 7 (KB938127-v2) (HKLM\...\KB938127-v2-IE7) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB950759) (HKLM\...\KB950759-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB953838) (HKLM\...\KB953838-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB956390) (HKLM\...\KB956390-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player 11 (KB954154) (HKLM\...\KB954154_WM11) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB923789) (HKLM\...\KB923789) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB941569) (HKLM\...\KB941569) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB946648) (HKLM\...\KB946648) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB950760) (HKLM\...\KB950760) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB950762) (HKLM\...\KB950762) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB951376-v2) (HKLM\...\KB951376-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB951698) (HKLM\...\KB951698) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB951748) (HKLM\...\KB951748) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB953839) (HKLM\...\KB953839) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956391) (HKLM\...\KB956391) (Version: 1 - Microsoft Corporation)
Skins (Version: 2009.0225.1546.28221 - ATI) Hidden
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
TrueCrypt (HKLM\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
TuneUp Utilities 2009 (HKLM\...\{55A29068-F2CE-456C-9148-C869879E2357}) (Version: 8.0.3300.1 - TuneUp Software)
Update für Windows XP (KB898461) (HKLM\...\KB898461) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB943729) (HKLM\...\KB943729) (Version:  - Microsoft Corporation)
Update für Windows XP (KB951978) (HKLM\...\KB951978) (Version: 1 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.8.0031.9 - Microsoft Corporation)
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-602162358-436374069-1606980848-1003_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Dokumente und Einstellungen\Haking\Anwendungsdaten\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-602162358-436374069-1606980848-1003_Classes\CLSID\{E69341A3-E6D2-4175-B60C-C9D3D6FA40F6}\localserver32 -> C:\Dokumente und Einstellungen\Haking\Anwendungsdaten\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-602162358-436374069-1606980848-1003_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Dokumente und Einstellungen\Haking\Anwendungsdaten\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-602162358-436374069-1606980848-1003_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Dokumente und Einstellungen\Haking\Anwendungsdaten\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-602162358-436374069-1606980848-1003_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Dokumente und Einstellungen\Haking\Anwendungsdaten\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-602162358-436374069-1606980848-1003_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Dokumente und Einstellungen\Haking\Anwendungsdaten\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-602162358-436374069-1606980848-1003_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Dokumente und Einstellungen\Haking\Anwendungsdaten\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-602162358-436374069-1606980848-1003_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Dokumente und Einstellungen\Haking\Anwendungsdaten\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-602162358-436374069-1606980848-1003_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Dokumente und Einstellungen\Haking\Anwendungsdaten\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-602162358-436374069-1606980848-1003_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Dokumente und Einstellungen\Haking\Anwendungsdaten\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

10-10-2014 07:25:12 Systemprüfpunkt
13-10-2014 07:40:08 Systemprüfpunkt
14-10-2014 10:27:26 Systemprüfpunkt
16-10-2014 07:51:51 Systemprüfpunkt
17-10-2014 07:53:23 Systemprüfpunkt
29-10-2014 08:18:30 Systemprüfpunkt
05-11-2014 08:18:49 Systemprüfpunkt
06-11-2014 07:40:40 Java 7 Update 67 wird entfernt
06-11-2014 07:43:14 Java 7 Update 71 wird installiert
10-11-2014 14:13:02 TrueCrypt installation

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2008-04-14 12:00 - 2014-02-24 08:24 - 00000027 ____A C:\WINXP\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============


(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINXP\Tasks\Adobe Flash Player Updater.job => C:\WINXP\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINXP\Tasks\Automatische Wartung.job => C:\Programme\TuneUp Utilities 2009\OneClickStarter.exe
Task: C:\WINXP\Tasks\DriverEasy Scheduled Scan.job => C:\Programme\Easeware\DriverEasy\DriverEasy.exe
Task: C:\WINXP\Tasks\GoogleUpdateTaskMachineCore.job => C:\Programme\Google\Update\GoogleUpdate.exe
Task: C:\WINXP\Tasks\GoogleUpdateTaskMachineUA.job => C:\Programme\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-05-19 10:50 - 2008-09-16 19:18 - 00132608 _____ () C:\Programme\WinRAR\rarext.dll
2014-11-10 16:10 - 2014-11-11 10:36 - 03649648 _____ () C:\Programme\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:AD022376

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-602162358-436374069-1606980848-500 - Administrator - Enabled)
ASPNET (S-1-5-21-602162358-436374069-1606980848-1004 - Limited - Enabled)
Gast (S-1-5-21-602162358-436374069-1606980848-501 - Limited - Disabled)
Haking (S-1-5-21-602162358-436374069-1606980848-1003 - Administrator - Enabled) => %SystemDrive%\Dokumente und Einstellungen\Haking
Hilfeassistent (S-1-5-21-602162358-436374069-1606980848-1000 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-602162358-436374069-1606980848-1002 - Limited - Disabled)

==================== Faulty Device Manager Devices =============

Could not list Devices. Check "winmgmt" service or repair WMI.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/12/2014 02:58:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlgeschlagene Anwendung plugin-container.exe, Version 33.1.0.5423, fehlgeschlagenes Modul mozalloc.dll, Version 33.1.0.5423, Fehleradresse 0x00001425.
Das medienspezifische Ereignis für [plugin-container.exe!ws!] wird verarbeitet.

Error: (11/12/2014 02:57:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlgeschlagene Anwendung plugin-container.exe, Version 33.1.0.5423, fehlgeschlagenes Modul mozalloc.dll, Version 33.1.0.5423, Fehleradresse 0x00001425.
Das medienspezifische Ereignis für [plugin-container.exe!ws!] wird verarbeitet.

Error: (11/12/2014 02:54:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlgeschlagene Anwendung plugin-container.exe, Version 33.1.0.5423, fehlgeschlagenes Modul mozalloc.dll, Version 33.1.0.5423, Fehleradresse 0x00001425.
Das medienspezifische Ereignis für [plugin-container.exe!ws!] wird verarbeitet.

Error: (11/12/2014 02:54:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlgeschlagene Anwendung plugin-container.exe, Version 33.1.0.5423, fehlgeschlagenes Modul mozalloc.dll, Version 33.1.0.5423, Fehleradresse 0x00001425.
Das medienspezifische Ereignis für [plugin-container.exe!ws!] wird verarbeitet.

Error: (11/12/2014 02:51:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlgeschlagene Anwendung plugin-container.exe, Version 33.1.0.5423, fehlgeschlagenes Modul mozalloc.dll, Version 33.1.0.5423, Fehleradresse 0x00001425.
Das medienspezifische Ereignis für [plugin-container.exe!ws!] wird verarbeitet.

Error: (11/12/2014 02:46:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlgeschlagene Anwendung plugin-container.exe, Version 33.1.0.5423, fehlgeschlagenes Modul mozalloc.dll, Version 33.1.0.5423, Fehleradresse 0x00001425.
Das medienspezifische Ereignis für [plugin-container.exe!ws!] wird verarbeitet.

Error: (11/11/2014 04:51:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlgeschlagene Anwendung explorer.exe, Version 6.0.2900.5512, fehlgeschlagenes Modul , Version 0.0.0.0, Fehleradresse 0x00000000.
Das medienspezifische Ereignis für [explorer.exe!ws!] wird verarbeitet.

Error: (11/11/2014 04:37:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlgeschlagene Anwendung plugin-container.exe, Version 33.1.0.5423, fehlgeschlagenes Modul mozalloc.dll, Version 33.1.0.5423, Fehleradresse 0x00001425.
Das medienspezifische Ereignis für [plugin-container.exe!ws!] wird verarbeitet.

Error: (11/11/2014 10:40:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlgeschlagene Anwendung plugin-container.exe, Version 33.1.0.5423, fehlgeschlagenes Modul mozalloc.dll, Version 33.1.0.5423, Fehleradresse 0x00001425.
Das medienspezifische Ereignis für [plugin-container.exe!ws!] wird verarbeitet.

Error: (11/11/2014 09:27:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlgeschlagene Anwendung plugin-container.exe, Version 33.0.3.5422, fehlgeschlagenes Modul mozalloc.dll, Version 33.0.3.5422, Fehleradresse 0x00001425.
Das medienspezifische Ereignis für [plugin-container.exe!ws!] wird verarbeitet.


System errors:
=============
Error: (11/14/2014 07:05:42 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "LiveUpdate" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/14/2014 07:04:39 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "StarOpen" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (11/12/2014 02:35:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "LiveUpdate" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/12/2014 02:34:13 PM) (Source: System Error) (EventID: 1003) (User: )
Description: Fehlercode 1000000a, 1. Parameter 34f566ae, 2. Parameter 00000002, 3. Parameter 00000000, 4. Parameter 8050f127.

Error: (11/12/2014 02:34:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "StarOpen" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (11/12/2014 02:16:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "LiveUpdate" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/12/2014 02:15:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "StarOpen" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (11/11/2014 04:19:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "LiveUpdate" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/11/2014 04:19:00 PM) (Source: System Error) (EventID: 1003) (User: )
Description: Fehlercode 00000024, 1. Parameter 001902fe, 2. Parameter ba08e628, 3. Parameter ba08e324, 4. Parameter 8054b168.

Error: (11/11/2014 04:18:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "StarOpen" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office Sessions:
=========================
Error: (11/12/2014 02:58:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe33.1.0.5423mozalloc.dll33.1.0.542300001425

Error: (11/12/2014 02:57:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe33.1.0.5423mozalloc.dll33.1.0.542300001425

Error: (11/12/2014 02:54:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe33.1.0.5423mozalloc.dll33.1.0.542300001425

Error: (11/12/2014 02:54:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe33.1.0.5423mozalloc.dll33.1.0.542300001425

Error: (11/12/2014 02:51:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe33.1.0.5423mozalloc.dll33.1.0.542300001425

Error: (11/12/2014 02:46:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe33.1.0.5423mozalloc.dll33.1.0.542300001425

Error: (11/11/2014 04:51:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.0.2900.55120.0.0.000000000

Error: (11/11/2014 04:37:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe33.1.0.5423mozalloc.dll33.1.0.542300001425

Error: (11/11/2014 10:40:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe33.1.0.5423mozalloc.dll33.1.0.542300001425

Error: (11/11/2014 09:27:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe33.0.3.5422mozalloc.dll33.0.3.542200001425


==================== Memory info =========================== 

Processor:  Intel(R) Pentium(R) 4 CPU 3.06GHz
Percentage of memory in use: 79%
Total physical RAM: 1023.61 MB
Available physical RAM: 213.59 MB
Total Pagefile: 2970.25 MB
Available Pagefile: 2058.89 MB
Total Virtual: 2047.88 MB
Available Virtual: 1927.46 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:29.99 GB) (Free:8.03 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (Spiele) (Fixed) (Total:58.59 GB) (Free:0.38 GB) NTFS
Drive e: (Bilder) (Fixed) (Total:58.59 GB) (Free:42.35 GB) NTFS
Drive j: (Programme) (Fixed) (Total:81.8 GB) (Free:3.16 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: ACE22E9E)
Partition 1: (Not Active) - (Size=3.9 GB) - (Type=17)
Partition 2: (Active) - (Size=30 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=81.8 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=117.2 GB) - (Type=OF Extended)

==================== End Of Log ============================

--- --- ---

schrauber · 14.11.2014, 18:38

hi,

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

kickstaa · 24.11.2014, 06:51

06:36:49.0484 0x0f10 TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
06:36:51.0640 0x0f10 ============================================================
06:36:51.0640 0x0f10 Current date / time: 2014/11/24 06:36:51.0640
06:36:51.0640 0x0f10 SystemInfo:
06:36:51.0640 0x0f10
06:36:51.0640 0x0f10 OS Version: 5.1.2600 ServicePack: 3.0
06:36:51.0640 0x0f10 Product type: Workstation
06:36:51.0640 0x0f10 ComputerName: CHRISTIAN
06:36:51.0640 0x0f10 UserName: Haking
06:36:51.0640 0x0f10 Windows directory: C:\WINXP
06:36:51.0640 0x0f10 System windows directory: C:\WINXP
06:36:51.0640 0x0f10 Processor architecture: Intel x86
06:36:51.0640 0x0f10 Number of processors: 2
06:36:51.0640 0x0f10 Page size: 0x1000
06:36:51.0640 0x0f10 Boot type: Normal boot
06:36:51.0640 0x0f10 ============================================================
06:36:52.0062 0x0f10 System UUID: {E1C6E20E-A971-7AEA-CA6E-0CCD5C0AF8B5}
06:36:53.0609 0x0f10 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
06:36:53.0765 0x0f10 ============================================================
06:36:53.0765 0x0f10 \Device\Harddisk0\DR0:
06:36:53.0765 0x0f10 MBR partitions:
06:36:53.0765 0x0f10 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x7D047E, BlocksNum 0x3BFB18B
06:36:53.0765 0x0f10 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x43CB609, BlocksNum 0xA398636
06:36:53.0781 0x0f10 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xE763C7E, BlocksNum 0x7530462
06:36:53.0796 0x0f10 \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x15C9411F, BlocksNum 0x7530462
06:36:53.0796 0x0f10 ============================================================
06:36:53.0859 0x0f10 D: <-> \Device\Harddisk0\DR0\Partition3
06:36:53.0921 0x0f10 E: <-> \Device\Harddisk0\DR0\Partition4
06:36:53.0953 0x0f10 J: <-> \Device\Harddisk0\DR0\Partition2
06:36:54.0000 0x0f10 C: <-> \Device\Harddisk0\DR0\Partition1
06:36:54.0046 0x0f10 ============================================================
06:36:54.0046 0x0f10 Initialize success
06:36:54.0046 0x0f10 ============================================================
06:36:58.0937 0x05a8 ============================================================
06:36:58.0937 0x05a8 Scan started
06:36:58.0937 0x05a8 Mode: Manual; SigCheck; TDLFS;
06:36:58.0937 0x05a8 ============================================================
06:36:58.0937 0x05a8 KSN ping started
06:37:01.0500 0x05a8 KSN ping finished: true
06:37:04.0687 0x05a8 ================ Scan system memory ========================
06:37:04.0703 0x05a8 System memory - ok
06:37:04.0703 0x05a8 ================ Scan services =============================
06:37:04.0843 0x05a8 [ 4B2C07980CBD463DEE9F5CB0ADCDE862, A0D20F91EE6A13CA255033752B79CD90C89F3E95DB82D96EC6117E6B734775EF ] 71346083 C:\WINXP\system32\drivers\56202367.sys
06:37:04.0859 0x05a8 Abiosdsk - ok
06:37:04.0875 0x05a8 abp480n5 - ok
06:37:04.0906 0x05a8 [ AC407F1A62C3A300B4F2B5A9F1D55B2C, 31F5FC61B37E22100B3A52A590295A7E827FFC581FA9960C64B9032452AAECED ] ACPI C:\WINXP\system32\DRIVERS\ACPI.sys
06:37:05.0640 0x05a8 ACPI - ok
06:37:05.0671 0x05a8 [ 9E1CA3160DAFB159CA14F83B1E317F75, 13B3E897B0E819BF734449416D9EC6EBCAC89538EC69BF48C068593B82D57004 ] ACPIEC C:\WINXP\system32\drivers\ACPIEC.sys
06:37:05.0828 0x05a8 ACPIEC - ok
06:37:05.0906 0x05a8 [ 2637233632CCD1837A1A57A43CAF00A4, 848026C6C9B38FD9F70BC7B2306BF4F5DD395726D4FDD6A18B29354921191DC5 ] AdobeFlashPlayerUpdateSvc C:\WINXP\system32\Macromed\Flash\FlashPlayerUpdateService.exe
06:37:05.0921 0x05a8 AdobeFlashPlayerUpdateSvc - ok
06:37:05.0937 0x05a8 adpu160m - ok
06:37:05.0968 0x05a8 [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec C:\WINXP\system32\drivers\aec.sys
06:37:06.0125 0x05a8 aec - ok
06:37:06.0171 0x05a8 [ 4D43E74F2A1239D53929B82600F1971C, E1B03036DA856F0E75A87BD3FDDB973D591E8145E881B2D836F2A2E0B9998C5B ] AFD C:\WINXP\System32\drivers\afd.sys
06:37:06.0218 0x05a8 AFD - ok
06:37:06.0234 0x05a8 Aha154x - ok
06:37:06.0234 0x05a8 aic78u2 - ok
06:37:06.0250 0x05a8 aic78xx - ok
06:37:06.0375 0x05a8 [ 92DC46FB76D96879BFEBE0A334645B5B, CBA1798969D0D42ECD4A6437BAE9FDCEF2CCE4405BC61D248FA67380ED115591 ] AIDA32Driver C:\Programme\aida32.sys
06:37:06.0484 0x05a8 AIDA32Driver - detected UnsignedFile.Multi.Generic ( 1 )
06:37:09.0078 0x05a8 Detect skipped due to KSN trusted
06:37:09.0078 0x05a8 AIDA32Driver - ok
06:37:09.0109 0x05a8 [ 738D80CC01D7BC7584BE917B7F544394, DCC17AAEF5CDDF52FAAC3CC6904EF421CD595F66318A2370BEE261D5C3A8E340 ] Alerter C:\WINXP\system32\alrsvc.dll
06:37:09.0312 0x05a8 Alerter - ok
06:37:09.0359 0x05a8 [ 190CD73D4984F94D823F9444980513E5, 93A32C2495CCA094F768BA707C74DA5C00B8A88A9236DD1A297439A7C2E6C6FA ] ALG C:\WINXP\System32\alg.exe
06:37:09.0421 0x05a8 ALG - ok
06:37:09.0421 0x05a8 AliIde - ok
06:37:09.0437 0x05a8 amsint - ok
06:37:09.0531 0x05a8 [ FCFCD84A3F84375CF2EADA10650C3289, A5AC6E167C60451B2EC9561FA83C9DA5ADDF4152E1AD01A38C80D00B3118EE9A ] AntiVirSchedulerService C:\Programme\Avira\AntiVir Desktop\sched.exe
06:37:09.0562 0x05a8 AntiVirSchedulerService - ok
06:37:09.0640 0x05a8 [ FCFCD84A3F84375CF2EADA10650C3289, A5AC6E167C60451B2EC9561FA83C9DA5ADDF4152E1AD01A38C80D00B3118EE9A ] AntiVirService C:\Programme\Avira\AntiVir Desktop\avguard.exe
06:37:09.0671 0x05a8 AntiVirService - ok
06:37:09.0765 0x05a8 [ D62CB48F2FA06D7A243928F2D09470D7, 650618F397C2C20C4C00B3BC2A3A1DABBFB20818B365CEDBA7D04353F97FE001 ] AntiVirWebService C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE
06:37:09.0828 0x05a8 AntiVirWebService - ok
06:37:09.0890 0x05a8 [ D45960BE52C3C610D361977057F98C54, 9186589B502F46B47672CFB8EBD558D51B0F3CBFE4E0DDBA625A4265236518CE ] AppMgmt C:\WINXP\System32\appmgmts.dll
06:37:10.0000 0x05a8 AppMgmt - ok
06:37:10.0015 0x05a8 [ B5B8A80875C1DEDEDA8B02765642C32F, AD0C71D73B1B8225351FBF4FFB43001A32B4DAE69504C59970CD2428BB33D4EF ] Arp1394 C:\WINXP\system32\DRIVERS\arp1394.sys
06:37:10.0187 0x05a8 Arp1394 - ok
06:37:10.0187 0x05a8 asc - ok
06:37:10.0187 0x05a8 asc3350p - ok
06:37:10.0203 0x05a8 asc3550 - ok
06:37:10.0296 0x05a8 [ 776ACEFA0CA9DF0FAA51A5FB2F435705, 72DF7ED6B085BC468994F5B3189506FD726A9A17A9C42ACA1E420D787691361D ] aspnet_state C:\WINXP\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
06:37:10.0343 0x05a8 aspnet_state - ok
06:37:10.0484 0x05a8 [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac C:\WINXP\system32\DRIVERS\asyncmac.sys
06:37:10.0625 0x05a8 AsyncMac - ok
06:37:10.0656 0x05a8 [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi C:\WINXP\system32\DRIVERS\atapi.sys
06:37:10.0890 0x05a8 atapi - ok
06:37:10.0890 0x05a8 Atdisk - ok
06:37:10.0984 0x05a8 [ 2A27A3A8634FB9E29F539D6D3ED3646A, 08C5E28BB1A3DC856C6B7956F6F47EE0AEFEB82E7E9474848DDFAFD8A627A281 ] Ati HotKey Poller C:\WINXP\system32\Ati2evxx.exe
06:37:11.0218 0x05a8 Ati HotKey Poller - ok
06:37:11.0281 0x05a8 [ 72810C6A63076A480ABCE0E0BA0BC981, 8551F6394A64C1270A573C75BC6EF326300FBC3F8E0BCD6F8BDA58874D65C036 ] ATI Smart C:\WINXP\system32\ati2sgag.exe
06:37:11.0359 0x05a8 ATI Smart - detected UnsignedFile.Multi.Generic ( 1 )
06:37:14.0000 0x05a8 Detect skipped due to KSN trusted
06:37:14.0000 0x05a8 ATI Smart - ok
06:37:14.0390 0x05a8 [ 8763EDE3E0CD40F5C3450571AC57F205, 8564071956609F679C511B87C0328578824A7C1ED08DE22CFC74DF589E6EEEF2 ] ati2mtag C:\WINXP\system32\DRIVERS\ati2mtag.sys
06:37:14.0968 0x05a8 ati2mtag - ok
06:37:15.0015 0x05a8 [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc C:\WINXP\system32\DRIVERS\atmarpc.sys
06:37:15.0343 0x05a8 Atmarpc - ok
06:37:15.0390 0x05a8 [ 58ED0D5452DF7BE732193E7999C6B9A4, 254E2ECF592DDA2E3E6CA9F6F3E77926E2265586A7937BA95199ED47BCDE69A3 ] AudioSrv C:\WINXP\System32\audiosrv.dll
06:37:15.0687 0x05a8 AudioSrv - ok
06:37:15.0765 0x05a8 [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub C:\WINXP\system32\DRIVERS\audstub.sys
06:37:16.0125 0x05a8 audstub - ok
06:37:16.0171 0x05a8 [ F581D2F3E30C1CA7206D660FB7689F98, 53647E017AE58788922F72285DD63E8CD2F9E922B31F7C6711E547BC6B360154 ] avgntflt C:\WINXP\system32\DRIVERS\avgntflt.sys
06:37:17.0125 0x05a8 avgntflt - ok
06:37:17.0218 0x05a8 [ A2EE407D6D3757A2FFD5095DD16AE1F2, BBFCC5DC116D6A3AF85591955541528DB0CB1FE81D353F717BE7CAD3F7F446F4 ] avipbb C:\WINXP\system32\DRIVERS\avipbb.sys
06:37:17.0296 0x05a8 avipbb - ok
06:37:17.0359 0x05a8 [ D8C712305F73CD34D1B344810E522728, 49A474FF6CA44E8427D7A8290B47395125B0148AF384CF2B3B1FA495A4718CBA ] avkmgr C:\WINXP\system32\DRIVERS\avkmgr.sys
06:37:17.0390 0x05a8 avkmgr - ok
06:37:17.0500 0x05a8 [ 9BD46C1D2F33A890B7226EDF543F18AA, 9AD05E61F501D2D89554AA5A6BFF1F272FE6B0DED4E43FC8F621F0AF30C859B1 ] AVM WLAN Connection Service C:\Programme\avmwlanstick\WlanNetService.exe
06:37:17.0703 0x05a8 AVM WLAN Connection Service - detected UnsignedFile.Multi.Generic ( 1 )
06:37:20.0234 0x05a8 Detect skipped due to KSN trusted
06:37:20.0234 0x05a8 AVM WLAN Connection Service - ok
06:37:20.0343 0x05a8 [ 263CF9D248FD5E020A1333ED4F7EAA88, 04F944C2B284172A7917389A83C525FA9A3ACB026F370EB886B48759FE81A5E1 ] avmeject C:\WINXP\system32\drivers\avmeject.sys
06:37:20.0484 0x05a8 avmeject - detected UnsignedFile.Multi.Generic ( 1 )
06:37:23.0125 0x05a8 Detect skipped due to KSN trusted
06:37:23.0125 0x05a8 avmeject - ok
06:37:23.0171 0x05a8 [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep C:\WINXP\system32\drivers\Beep.sys
06:37:23.0546 0x05a8 Beep - ok
06:37:23.0656 0x05a8 [ D6F603772A789BB3228F310D650B8BD1, A539025C70FD998A9B8703DE05CAE5E99BC721D8852EA561EBC2DD20CB371D2E ] BITS C:\WINXP\system32\qmgr.dll
06:37:24.0218 0x05a8 BITS - ok
06:37:24.0250 0x05a8 [ B42057F06BBB98B31876C0B3F2B54E33, 779AF28378E8D37E784BEDBEE23DCFFC6C9C9068180F2A9058C91047E33ED078 ] Browser C:\WINXP\System32\browser.dll
06:37:24.0765 0x05a8 Browser - ok
06:37:25.0125 0x05a8 catchme - ok
06:37:25.0156 0x05a8 [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k C:\WINXP\system32\drivers\cbidf2k.sys
06:37:25.0343 0x05a8 cbidf2k - ok
06:37:25.0359 0x05a8 cd20xrnt - ok
06:37:25.0375 0x05a8 [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINXP\system32\drivers\Cdaudio.sys
06:37:25.0609 0x05a8 Cdaudio - ok
06:37:25.0921 0x05a8 [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs C:\WINXP\system32\drivers\Cdfs.sys
06:37:26.0218 0x05a8 Cdfs - ok
06:37:26.0265 0x05a8 [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom C:\WINXP\system32\DRIVERS\cdrom.sys
06:37:26.0546 0x05a8 Cdrom - ok
06:37:26.0562 0x05a8 Changer - ok
06:37:26.0687 0x05a8 [ 28E3040D1F1CA2008CD6B29DFEBC9A5E, ACB458E8A11AA2143734A5A0281973D95158E6402A6453F98F9832D1E19B01F9 ] CiSvc C:\WINXP\system32\cisvc.exe
06:37:27.0140 0x05a8 CiSvc - ok
06:37:27.0218 0x05a8 [ 778A30ED3C134EB7E406AFC407E9997D, 3E6AD115AB2596EB001BC21AEADDBC75F27C42DB90C986B7AD17743CE631234E ] ClipSrv C:\WINXP\system32\clipsrv.exe
06:37:27.0562 0x05a8 ClipSrv - ok
06:37:27.0843 0x05a8 [ 3C4D595E7F9B747325AEF28B4ADCAAE5, 4A283F3E2E659DA996EC16BC8181E9F521BDFDFCF246D0E432D65D2672AC9629 ] clr_optimization_v2.0.50727_32 C:\WINXP\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
06:37:28.0171 0x05a8 clr_optimization_v2.0.50727_32 - ok
06:37:28.0234 0x05a8 clr_optimization_v4.0.30319_32 - ok
06:37:28.0250 0x05a8 CmdIde - ok
06:37:28.0265 0x05a8 COMSysApp - ok
06:37:28.0281 0x05a8 Cpqarray - ok
06:37:28.0328 0x05a8 [ 611F824E5C703A5A899F84C5F1699E4D, 9EFA5612FE58E9974E4CC13D39D91D7B5DEA3ED66BEFBED3AAE6D2800FD8162A ] CryptSvc C:\WINXP\System32\cryptsvc.dll
06:37:28.0625 0x05a8 CryptSvc - ok
06:37:28.0640 0x05a8 dac2w2k - ok
06:37:28.0640 0x05a8 dac960nt - ok
06:37:28.0750 0x05a8 [ E970C2296916BF4A2F958680016FE312, ED7FA2854D12D82A0E58536702C7DCD89E274677B113B6974AED4B276FAA4DF4 ] DcomLaunch C:\WINXP\system32\rpcss.dll
06:37:29.0281 0x05a8 DcomLaunch - ok
06:37:29.0359 0x05a8 [ C29A1C9B75BA38FA37F8C44405DEC360, 7476D8BC4380CDE56764B2034AF3741DA4ED00F315E41C9A02B5EAD04374F241 ] Dhcp C:\WINXP\System32\dhcpcsvc.dll
06:37:29.0812 0x05a8 Dhcp - ok
06:37:29.0875 0x05a8 [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk C:\WINXP\system32\DRIVERS\disk.sys
06:37:30.0453 0x05a8 Disk - ok
06:37:30.0468 0x05a8 dmadmin - ok
06:37:30.0703 0x05a8 [ 0DCFC8395A99FECBB1EF771CEC7FE4EA, 89B0AEE5BE01B9FE4FF2989FF16DB6121721ACDFCE6D9655C0ACD321D8C308BE ] dmboot C:\WINXP\system32\drivers\dmboot.sys
06:37:32.0171 0x05a8 dmboot - ok
06:37:32.0218 0x05a8 [ 53720AB12B48719D00E327DA470A619A, 800264866A6267C9000A85D00095D57908D059D737E5F28C9C4049B884C46228 ] dmio C:\WINXP\system32\drivers\dmio.sys
06:37:33.0187 0x05a8 dmio - ok
06:37:33.0546 0x05a8 [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload C:\WINXP\system32\drivers\dmload.sys
06:37:34.0390 0x05a8 dmload - ok
06:37:34.0421 0x05a8 [ 25C83FFBBA13B554EB6D59A9B2E2EE78, 9FBD655ED3E9163AE11EC207F283E387EFBA5A23108EC790BAE4846B35E66F16 ] dmserver C:\WINXP\System32\dmserver.dll
06:37:35.0203 0x05a8 dmserver - ok
06:37:36.0937 0x05a8 [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic C:\WINXP\system32\drivers\DMusic.sys
06:37:37.0890 0x05a8 DMusic - ok
06:37:37.0953 0x05a8 [ 8C9ED3B2834AAE63081AB2DA831C6FE9, 87D2931A5CD3658A28072BEC3F28384B91CC3B19D072CE9C69F119B80671C163 ] Dnscache C:\WINXP\System32\dnsrslvr.dll
06:37:38.0453 0x05a8 Dnscache - ok
06:37:39.0140 0x05a8 [ 676E36C4FF5BCEA1900F44182B9723E6, 740CF18BD40E00FEA26CF0E6340C5D18F7D0B4390055FAEEC258B3AA790C4AE9 ] Dot3svc C:\WINXP\System32\dot3svc.dll
06:37:39.0515 0x05a8 Dot3svc - ok
06:37:39.0531 0x05a8 dpti2o - ok
06:37:42.0187 0x05a8 [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud C:\WINXP\system32\drivers\drmkaud.sys
06:37:42.0718 0x05a8 drmkaud - ok
06:37:43.0406 0x05a8 [ 4E4F2FDDAB0A0736D7671134DCCE91FB, 8E2C57D1A006856C47CBDD5765A9DD317DB205B26DA8BFC70555A506257A1CD9 ] EapHost C:\WINXP\System32\eapsvc.dll
06:37:44.0812 0x05a8 EapHost - ok
06:37:46.0453 0x05a8 [ 877C18558D70587AA7823A1A308AC96B, 6B336A62112988D855513F45153F73F8470C41A448E9B7438B4A8EC1813AABF1 ] ERSvc C:\WINXP\System32\ersvc.dll
06:37:46.0875 0x05a8 ERSvc - ok
06:37:47.0140 0x05a8 [ 4BB6A83640F1D1792AD21CE767B621C6, 7B88A06D5220DE5C378B8C017354E9C8C89D625251A6EB607059A663E2BACD0A ] Eventlog C:\WINXP\system32\services.exe
06:37:47.0437 0x05a8 Eventlog - ok
06:37:47.0656 0x05a8 [ ADA7241C16F3F42C7F210539FAD5F3AA, 70CF3FD831AD049D7C11AF0636E12FFC76A198BA05FC745CEB9A48516B9FA99E ] EventSystem C:\WINXP\system32\es.dll
06:37:47.0984 0x05a8 EventSystem - ok
06:37:48.0171 0x05a8 [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat C:\WINXP\system32\drivers\Fastfat.sys
06:37:48.0750 0x05a8 Fastfat - ok
06:37:49.0156 0x05a8 [ 40602EBFBE06AA075C8E4560743F6883, 808AF03F31CA4168888D0E3802AE4A0DE7F7324F4CD2F8FE491211895C9C6901 ] FastUserSwitchingCompatibility C:\WINXP\System32\shsvcs.dll
06:37:50.0156 0x05a8 FastUserSwitchingCompatibility - ok
06:37:50.0265 0x05a8 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc C:\WINXP\system32\DRIVERS\fdc.sys
06:37:50.0468 0x05a8 Fdc - ok
06:37:53.0250 0x05a8 [ B0678A548587C5F1967B0D70BACAD6C1, 7E49910212ED87313F926E4800EA8D34809C287A686CA69B82B79C1A6451F88C ] Fips C:\WINXP\system32\drivers\Fips.sys
06:37:53.0578 0x05a8 Fips - ok
06:37:54.0390 0x05a8 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk C:\WINXP\system32\DRIVERS\flpydisk.sys
06:37:54.0640 0x05a8 Flpydisk - ok
06:37:55.0218 0x05a8 [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr C:\WINXP\system32\DRIVERS\fltMgr.sys
06:37:55.0593 0x05a8 FltMgr - ok
06:37:58.0500 0x05a8 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINXP\system32\drivers\Fs_Rec.sys
06:37:58.0750 0x05a8 Fs_Rec - ok
06:37:59.0453 0x05a8 [ 8F1955CE42E1484714B542F341647778, 8EB3F99625F409D3032561E8AB44BEFBFBFBA4EC873C2151C92A5CAAF7F2AA55 ] Ftdisk C:\WINXP\system32\DRIVERS\ftdisk.sys
06:37:59.0734 0x05a8 Ftdisk - ok
06:38:00.0250 0x05a8 [ FF12FA487265DA2AC7DE4BE53F72FF1A, 9B9F29CC36D0C7681676F708270038D38CEA21AD82F4937DBDAE45F0D667786E ] FWLANUSB C:\WINXP\system32\DRIVERS\fwlanusb.sys
06:38:00.0390 0x05a8 FWLANUSB - ok
06:38:00.0468 0x05a8 [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc C:\WINXP\system32\DRIVERS\msgpc.sys
06:38:00.0703 0x05a8 Gpc - ok
06:38:14.0265 0x05a8 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Programme\Google\Update\GoogleUpdate.exe
06:38:14.0296 0x05a8 gupdate - ok
06:38:14.0296 0x05a8 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Programme\Google\Update\GoogleUpdate.exe
06:38:14.0312 0x05a8 gupdatem - ok
06:38:14.0359 0x05a8 [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus C:\WINXP\system32\DRIVERS\HDAudBus.sys
06:38:14.0531 0x05a8 HDAudBus - ok
06:38:15.0421 0x05a8 [ CB66BF85BF599BEFD6C6A57C2E20357F, 55D3A0F9279FF316766F42548FCB61C452942B08A37590C4892DF110BE4E53C6 ] helpsvc C:\WINXP\PCHealth\HelpCtr\Binaries\pchsvc.dll
06:38:15.0625 0x05a8 helpsvc - ok
06:38:15.0640 0x05a8 HidServ - ok
06:38:15.0718 0x05a8 [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] hidusb C:\WINXP\system32\DRIVERS\hidusb.sys
06:38:15.0875 0x05a8 hidusb - ok
06:38:16.0031 0x05a8 [ ED29F14101523A6E0E808107405D452C, B8FA987637787BEECC2EB06D36293DAC355523392B49A8C5A9491EEE961917E9 ] hkmsvc C:\WINXP\System32\kmsvc.dll
06:38:16.0171 0x05a8 hkmsvc - ok
06:38:16.0187 0x05a8 hpn - ok
06:38:16.0859 0x05a8 [ F6AACF5BCE2893E0C1754AFEB672E5C9, 62A7A70515B5570A649DC30A3A122B1302F6839A63927C8B29EBE04ABA654892 ] HTTP C:\WINXP\system32\Drivers\HTTP.sys
06:38:17.0125 0x05a8 HTTP - ok
06:38:17.0156 0x05a8 [ 9E4ADB854CEBCFB81A4B36718FEECD16, 677AB64460775686F8366D6BF35D420A2486C3F07338A00A7C2788A5142B9F08 ] HTTPFilter C:\WINXP\System32\w3ssl.dll
06:38:17.0359 0x05a8 HTTPFilter - ok
06:38:17.0359 0x05a8 i2omgmt - ok
06:38:17.0406 0x05a8 i2omp - ok
06:38:17.0921 0x05a8 [ E283B97CFBEB86C1D86BAED5F7846A92, 7664F791D08C80DF1E52B34BE69F073AA645610C4BD975F498254807602374AB ] i8042prt C:\WINXP\system32\DRIVERS\i8042prt.sys
06:38:18.0265 0x05a8 i8042prt - ok
06:38:22.0812 0x05a8 [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINXP\system32\DRIVERS\imapi.sys
06:38:23.0468 0x05a8 Imapi - ok
06:38:25.0593 0x05a8 [ D4B413AA210C21E46AEDD2BA5B68D38E, 2309622867AA8FC832A729FA78F48742D4BD6CA0DAFBFB9DDB0772D671E1ED75 ] ImapiService C:\WINXP\system32\imapi.exe
06:38:26.0250 0x05a8 ImapiService - ok
06:38:26.0281 0x05a8 ini910u - ok
06:38:32.0203 0x05a8 [ 5F2657F8781376892035976CF8122A2D, F226ECE9610A48063EF87161E80D303A928DFAA5B807D0F95C5035BD9442E913 ] IntcAzAudAddService C:\WINXP\system32\drivers\RtkHDAud.sys
06:38:35.0968 0x05a8 IntcAzAudAddService - ok
06:38:36.0187 0x05a8 [ 69C4E3C9E67A1F103B94E14FDD5F3213, 894ABDDBF95E3FFE59A4621AF94AFA7E6F6D780420845078622C76624C0326D2 ] IntelIde C:\WINXP\system32\DRIVERS\intelide.sys
06:38:37.0718 0x05a8 IntelIde - ok
06:38:37.0765 0x05a8 [ 4C7D2750158ED6E7AD642D97BFFAE351, C05E4799752F090DCB632F07F62ADE38D31534621064D269AD535CA0BDFED448 ] intelppm C:\WINXP\system32\DRIVERS\intelppm.sys
06:38:38.0203 0x05a8 intelppm - ok
06:38:38.0234 0x05a8 [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw C:\WINXP\system32\DRIVERS\Ip6Fw.sys
06:38:39.0078 0x05a8 Ip6Fw - ok
06:38:39.0281 0x05a8 [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINXP\system32\DRIVERS\ipfltdrv.sys
06:38:40.0390 0x05a8 IpFilterDriver - ok
06:38:40.0453 0x05a8 [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINXP\system32\DRIVERS\ipinip.sys
06:38:41.0640 0x05a8 IpInIp - ok
06:38:41.0703 0x05a8 [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINXP\system32\DRIVERS\ipnat.sys
06:38:42.0343 0x05a8 IpNat - ok
06:38:42.0421 0x05a8 [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINXP\system32\DRIVERS\ipsec.sys
06:38:42.0968 0x05a8 IPSec - ok
06:38:43.0031 0x05a8 [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINXP\system32\DRIVERS\irenum.sys
06:38:43.0375 0x05a8 IRENUM - ok
06:38:43.0890 0x05a8 [ 6DFB88F64135C525433E87648BDA30DE, 8233EEFBEF36AAA152F2C55D23D7118F0DE40C9C22EB5D9793405A4770889540 ] isapnp C:\WINXP\system32\DRIVERS\isapnp.sys
06:38:44.0734 0x05a8 isapnp - ok
06:38:45.0078 0x05a8 [ DBDB1A25291B2D18C614F5CA963156A8, C8EA730A6A5BCBE7952AAA22F212C244014F206D2F4A274E29384C09F1F10A66 ] JavaQuickStarterService C:\Programme\Java\jre7\bin\jqs.exe
06:38:45.0328 0x05a8 JavaQuickStarterService - ok
06:38:45.0421 0x05a8 [ 1704D8C4C8807B889E43C649B478A452, E854C90CD301F42BE2520CEDAD35E49DF2D43606CF4EEED861B74882118D04D1 ] Kbdclass C:\WINXP\system32\DRIVERS\kbdclass.sys
06:38:46.0500 0x05a8 Kbdclass - ok
06:38:46.0578 0x05a8 [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINXP\system32\drivers\kmixer.sys
06:38:47.0343 0x05a8 kmixer - ok
06:38:47.0390 0x05a8 [ 1705745D900DABF2D89F90EBADDC7517, FE90589415BDB3BA482D3EBE1A87A7BF1429791E8F18BCB66BF8874631CC8B2C ] KSecDD C:\WINXP\system32\drivers\KSecDD.sys
06:38:47.0718 0x05a8 KSecDD - ok
06:38:48.0125 0x05a8 [ D6EB4916B203CBE525F8EFF5FD5AB16C, 93C0F25E7D018B85FE8725EF39F25AED80698D39356FA8FC9CA534F68C430EE8 ] LanmanServer C:\WINXP\System32\srvsvc.dll
06:38:49.0234 0x05a8 LanmanServer - ok
06:38:49.0281 0x05a8 [ C0DB1E9367681ECD7ECCA9615C1D0F9B, 0CB18C35032E39163645C1761A9488639D2EF0643D856FDAA013BFF8A69DC744 ] lanmanworkstation C:\WINXP\System32\wkssvc.dll
06:38:50.0468 0x05a8 lanmanworkstation - ok
06:38:50.0468 0x05a8 lbrtfdc - ok
06:38:51.0875 0x05a8 [ 935E2093CEED8198C820B7F60BB63167, 7C8A7A0501BA31624143C576B0D8C6C74AF7869A9734E4AB142715B766F2B59D ] LiveUpdateSvc C:\Programme\IObit\LiveUpdate\LiveUpdate.exe
06:38:53.0312 0x05a8 LiveUpdateSvc - ok
06:38:53.0750 0x05a8 [ 636714B7D43C8D0C80449123FD266920, F06F6C7DC49B26EFCAC3570C67BA9BD934F62C6F382DA4DD2AB302C7B970F414 ] LmHosts C:\WINXP\System32\lmhsvc.dll
06:38:53.0968 0x05a8 LmHosts - ok
06:38:54.0125 0x05a8 [ 661B911FA04E73FB073FF9B1C9BD2E05, C5FD4F528A59141418DA279291E88E51D406D01FAD36435569D97E95FBA66164 ] MBAMSwissArmy C:\WINXP\system32\drivers\MBAMSwissArmy.sys
06:38:54.0156 0x05a8 MBAMSwissArmy - ok
06:38:54.0171 0x05a8 [ B7550A7107281D170CE85524B1488C98, A3854B16A65436BEF6BEDE918B43B3BE8F00D303660DB5831DD376271DC43239 ] Messenger C:\WINXP\System32\msgsvc.dll
06:38:54.0390 0x05a8 Messenger - ok
06:38:54.0437 0x05a8 [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINXP\system32\drivers\mnmdd.sys
06:38:54.0734 0x05a8 mnmdd - ok
06:38:54.0765 0x05a8 [ C2F1D365FD96791B037EE504868065D3, 87BD87E08FD00D115524B049F1A3A719AB86557D68968E7090CD0F271F985CAF ] mnmsrvc C:\WINXP\system32\mnmsrvc.exe
06:38:55.0203 0x05a8 mnmsrvc - ok
06:38:55.0265 0x05a8 [ 6FB74EBD4EC57A6F1781DE3852CC3362, 0454509D9A31E0202C08AE17294E2682F227D177A3C73B303E4C8332757AFCA1 ] Modem C:\WINXP\system32\drivers\Modem.sys
06:38:55.0671 0x05a8 Modem - ok
06:38:55.0687 0x05a8 [ B24CE8005DEAB254C0251E15CB71D802, 6804A8ABDAD5EC846E7F8077D1EE9BA45D6226ACFF42C70BE3DE7C8980EF9EC4 ] Mouclass C:\WINXP\system32\DRIVERS\mouclass.sys
06:38:55.0890 0x05a8 Mouclass - ok
06:38:55.0937 0x05a8 [ 66A6F73C74E1791464160A7065CE711A, 3C570FA1E8EF976B83759220FE95BAC9D7D48D607F91B113EDE4790D34ACBD46 ] mouhid C:\WINXP\system32\DRIVERS\mouhid.sys
06:38:56.0125 0x05a8 mouhid - ok
06:38:56.0203 0x05a8 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINXP\system32\drivers\MountMgr.sys
06:38:56.0515 0x05a8 MountMgr - ok
06:38:56.0562 0x05a8 [ DEA022193DF8C88F6E2B3E33D148A5DB, 97DFC47DB83E04A975A1969AA120385463FCAF4E1A9984FD3220442D7026B45A ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
06:38:56.0609 0x05a8 MozillaMaintenance - ok
06:38:56.0625 0x05a8 mraid35x - ok
06:38:56.0656 0x05a8 [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINXP\system32\DRIVERS\mrxdav.sys
06:38:56.0875 0x05a8 MRxDAV - ok
06:38:57.0000 0x05a8 [ 7170AB42B51954DEF2781A4D1CCE65F4, 6E85E082E80A6343F5D4A559EFC9DAEFA0D1AAA811262C3AFEDD18416B6DCB96 ] MRxSmb C:\WINXP\system32\DRIVERS\mrxsmb.sys
06:38:57.0500 0x05a8 MRxSmb - ok
06:38:57.0546 0x05a8 [ 35A031AF38C55F92D28AA03EE9F12CC9, 97245D204C886EE8DCCC2DEAC80A0E358A7E0C1982F77389DA50DCF091FC9DDC ] MSDTC C:\WINXP\system32\msdtc.exe
06:38:57.0781 0x05a8 MSDTC - ok
06:38:57.0812 0x05a8 [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINXP\system32\drivers\Msfs.sys
06:38:58.0093 0x05a8 Msfs - ok
06:38:58.0109 0x05a8 MSIServer - ok
06:38:58.0140 0x05a8 [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINXP\system32\drivers\MSKSSRV.sys
06:38:58.0343 0x05a8 MSKSSRV - ok
06:38:58.0359 0x05a8 [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINXP\system32\drivers\MSPCLOCK.sys
06:38:58.0750 0x05a8 MSPCLOCK - ok
06:38:58.0765 0x05a8 [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINXP\system32\drivers\MSPQM.sys
06:38:59.0015 0x05a8 MSPQM - ok
06:38:59.0046 0x05a8 [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINXP\system32\DRIVERS\mssmbios.sys
06:38:59.0296 0x05a8 mssmbios - ok
06:38:59.0343 0x05a8 [ 2F625D11385B1A94360BFC70AAEFDEE1, 23E4974120233CF1A7BEE48977706A0A55418699379D1450502ABEB24191AC80 ] Mup C:\WINXP\system32\drivers\Mup.sys
06:38:59.0546 0x05a8 Mup - ok
06:38:59.0671 0x05a8 [ 46BB15AE2AC7D025D6D2567B876817BD, 102A101B96D1078C98FA0F871C801A9A8538E20E5686AB0C7680B2F6C92B3165 ] napagent C:\WINXP\System32\qagentrt.dll
06:38:59.0937 0x05a8 napagent - ok
06:38:59.0968 0x05a8 [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINXP\system32\drivers\NDIS.sys
06:39:00.0203 0x05a8 NDIS - ok
06:39:00.0218 0x05a8 [ 1AB3D00C991AB086E69DB84B6C0ED78F, 1F881FCCF5557C44C078D99CA2DD38D635413D6212DBEDC06A428EDAC7F8B04E ] NdisTapi C:\WINXP\system32\DRIVERS\ndistapi.sys
06:39:00.0453 0x05a8 NdisTapi - ok
06:39:00.0500 0x05a8 [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINXP\system32\DRIVERS\ndisuio.sys
06:39:00.0765 0x05a8 Ndisuio - ok
06:39:00.0781 0x05a8 [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINXP\system32\DRIVERS\ndiswan.sys
06:39:01.0078 0x05a8 NdisWan - ok
06:39:01.0093 0x05a8 [ 6215023940CFD3702B46ABC304E1D45A, C767F3A349B365F6E7566C0738E2F62D8FFF8CB4457347E3614BD403BC6CADCB ] NDProxy C:\WINXP\system32\drivers\NDProxy.sys
06:39:01.0406 0x05a8 NDProxy - ok
06:39:01.0437 0x05a8 [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINXP\system32\DRIVERS\netbios.sys
06:39:01.0656 0x05a8 NetBIOS - ok
06:39:01.0687 0x05a8 [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINXP\system32\DRIVERS\netbt.sys
06:39:01.0921 0x05a8 NetBT - ok
06:39:02.0015 0x05a8 [ 8ACE4251BFFD09CE75679FE940E996CC, 81969521B5EAEA09ECA63058BE9697BB69AF2596339CA9DF0CFEDC031DCFDC7E ] NetDDE C:\WINXP\system32\netdde.exe
06:39:02.0421 0x05a8 NetDDE - ok
06:39:02.0453 0x05a8 [ 8ACE4251BFFD09CE75679FE940E996CC, 81969521B5EAEA09ECA63058BE9697BB69AF2596339CA9DF0CFEDC031DCFDC7E ] NetDDEdsdm C:\WINXP\system32\netdde.exe
06:39:02.0765 0x05a8 NetDDEdsdm - ok
06:39:02.0828 0x05a8 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] Netlogon C:\WINXP\system32\lsass.exe
06:39:03.0171 0x05a8 Netlogon - ok
06:39:03.0265 0x05a8 [ E6D88F1F6745BF00B57E7855A2AB696C, 12A5EDD853600FF5EBF91E127077745AE1E61E66DBC1D4D4306570F171AF4A39 ] Netman C:\WINXP\System32\netman.dll
06:39:03.0609 0x05a8 Netman - ok
06:39:03.0734 0x05a8 NetTcpPortSharing - ok
06:39:03.0781 0x05a8 [ E9E47CFB2D461FA0FC75B7A74C6383EA, 544136F5BFD4DC23D45E90F12FA48B82FD9EAEA9EAF3E0F5F0BD27E23D672C3E ] NIC1394 C:\WINXP\system32\DRIVERS\nic1394.sys
06:39:04.0062 0x05a8 NIC1394 - ok
06:39:04.0093 0x05a8 [ ACD8BD448A74F344D46FCAF21BAB92AF, F97A7E70E5F87ABF8706092014AEDF8232622857B747C535B8F7DB257D6489A0 ] Nla C:\WINXP\System32\mswsock.dll
06:39:04.0171 0x05a8 Nla - ok
06:39:04.0187 0x05a8 [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINXP\system32\drivers\Npfs.sys
06:39:04.0453 0x05a8 Npfs - ok
06:39:04.0500 0x05a8 [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINXP\system32\drivers\Ntfs.sys
06:39:04.0890 0x05a8 Ntfs - ok
06:39:04.0921 0x05a8 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] NtLmSsp C:\WINXP\system32\lsass.exe
06:39:05.0234 0x05a8 NtLmSsp - ok
06:39:05.0328 0x05a8 [ 56AF4064996FA5BAC9C449B1514B4770, 154602EFEC22728503D4ABA025DF711B0F2CFC983F5E3BF25F2A4BCD1AE250EC ] NtmsSvc C:\WINXP\system32\ntmssvc.dll
06:39:05.0906 0x05a8 NtmsSvc - ok
06:39:05.0968 0x05a8 [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINXP\system32\drivers\Null.sys
06:39:06.0265 0x05a8 Null - ok
06:39:06.0328 0x05a8 [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINXP\system32\DRIVERS\nwlnkflt.sys
06:39:06.0734 0x05a8 NwlnkFlt - ok
06:39:06.0781 0x05a8 [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINXP\system32\DRIVERS\nwlnkfwd.sys
06:39:07.0031 0x05a8 NwlnkFwd - ok
06:39:07.0046 0x05a8 [ CA33832DF41AFB202EE7AEB05145922F, 9DD0089C2E13C7F81214C3B5A4A61276292052F9BBFEA7FCD0F6AA27815D5F95 ] ohci1394 C:\WINXP\system32\DRIVERS\ohci1394.sys
06:39:07.0312 0x05a8 ohci1394 - ok
06:39:07.0343 0x05a8 [ F84785660305B9B903FB3BCA8BA29837, BDBDE61076800415D98759077E9E039C80B55DBE68E31F8BF44A909C6C3D3276 ] Parport C:\WINXP\system32\DRIVERS\parport.sys
06:39:07.0578 0x05a8 Parport - ok
06:39:07.0593 0x05a8 [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINXP\system32\drivers\PartMgr.sys
06:39:07.0875 0x05a8 PartMgr - ok
06:39:07.0890 0x05a8 [ C2BF987829099A3EAA2CA6A0A90ECB4F, 1DF21EA8E43875CFEECD869407429F82FB449707CFB845718499468E699BAAAA ] ParVdm C:\WINXP\system32\drivers\ParVdm.sys
06:39:08.0109 0x05a8 ParVdm - ok
06:39:08.0125 0x05a8 [ 387E8DEDC343AA2D1EFBC30580273ACD, 5F3E642BDB759777E570ED5B22AC7E93CDCD362708F281657AD7BAB44EDEC802 ] PCI C:\WINXP\system32\DRIVERS\pci.sys
06:39:08.0406 0x05a8 PCI - ok
06:39:08.0421 0x05a8 PCIDump - ok
06:39:08.0453 0x05a8 [ 59BA86D9A61CBCF4DF8E598C331F5B82, 822D11C5CE77BFD7B2F25350CCBF92B0B9388EEA6D86ED220B768C720976D839 ] PCIIde C:\WINXP\system32\drivers\PCIIde.sys
06:39:08.0765 0x05a8 PCIIde - ok
06:39:08.0812 0x05a8 [ A2A966B77D61847D61A3051DF87C8C97, 6CED7CA26DC62B0AAFC83A2E07336DAD25954491201BB8E06103971F3F0B8B51 ] Pcmcia C:\WINXP\system32\drivers\Pcmcia.sys
06:39:09.0171 0x05a8 Pcmcia - ok
06:39:09.0218 0x05a8 PDCOMP - ok
06:39:09.0218 0x05a8 PDFRAME - ok
06:39:09.0234 0x05a8 PDRELI - ok
06:39:09.0265 0x05a8 PDRFRAME - ok
06:39:09.0265 0x05a8 perc2 - ok
06:39:09.0281 0x05a8 perc2hib - ok
06:39:09.0343 0x05a8 [ 4BB6A83640F1D1792AD21CE767B621C6, 7B88A06D5220DE5C378B8C017354E9C8C89D625251A6EB607059A663E2BACD0A ] PlugPlay C:\WINXP\system32\services.exe
06:39:09.0593 0x05a8 PlugPlay - ok
06:39:09.0609 0x05a8 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] PolicyAgent C:\WINXP\system32\lsass.exe
06:39:09.0843 0x05a8 PolicyAgent - ok
06:39:09.0875 0x05a8 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINXP\system32\DRIVERS\raspptp.sys
06:39:10.0078 0x05a8 PptpMiniport - ok
06:39:10.0093 0x05a8 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] ProtectedStorage C:\WINXP\system32\lsass.exe
06:39:10.0453 0x05a8 ProtectedStorage - ok
06:39:10.0468 0x05a8 [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINXP\system32\DRIVERS\psched.sys
06:39:10.0812 0x05a8 PSched - ok
06:39:10.0843 0x05a8 [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINXP\system32\DRIVERS\ptilink.sys
06:39:11.0062 0x05a8 Ptilink - ok
06:39:11.0062 0x05a8 ql1080 - ok
06:39:11.0078 0x05a8 Ql10wnt - ok
06:39:11.0093 0x05a8 ql12160 - ok
06:39:11.0093 0x05a8 ql1240 - ok
06:39:11.0109 0x05a8 ql1280 - ok
06:39:11.0125 0x05a8 [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINXP\system32\DRIVERS\rasacd.sys
06:39:11.0390 0x05a8 RasAcd - ok
06:39:11.0437 0x05a8 [ F5BA6CACCDB66C8F048E867563203246, AFEAD8FC02313F7EBC8F9F39E7ED2868852B480BE3902FA7BD0AFD81492AB243 ] RasAuto C:\WINXP\System32\rasauto.dll
06:39:11.0750 0x05a8 RasAuto - ok
06:39:11.0765 0x05a8 [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINXP\system32\DRIVERS\rasl2tp.sys
06:39:12.0015 0x05a8 Rasl2tp - ok
06:39:12.0046 0x05a8 [ F9A7B66EA345726EDB5862A46B1ECCD5, 5D35429D394D36A1692A7E219BA1A85CD8096FEAE0F90BFE036A63118FEDBF57 ] RasMan C:\WINXP\System32\rasmans.dll
06:39:12.0281 0x05a8 RasMan - ok
06:39:12.0296 0x05a8 [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINXP\system32\DRIVERS\raspppoe.sys
06:39:12.0687 0x05a8 RasPppoe - ok
06:39:12.0734 0x05a8 [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINXP\system32\DRIVERS\raspti.sys
06:39:13.0218 0x05a8 Raspti - ok
06:39:13.0703 0x05a8 [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINXP\system32\DRIVERS\rdbss.sys
06:39:13.0937 0x05a8 Rdbss - ok
06:39:13.0984 0x05a8 [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINXP\system32\DRIVERS\RDPCDD.sys
06:39:14.0140 0x05a8 RDPCDD - ok
06:39:14.0359 0x05a8 [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr C:\WINXP\system32\DRIVERS\rdpdr.sys
06:39:14.0562 0x05a8 rdpdr - ok
06:39:14.0750 0x05a8 [ 6728E45B66F93C08F11DE2E316FC70DD, EA63ECD4F84CAE08BD2BF843C48AF505B1B9D7B61349A63536C9C6FEBEF23452 ] RDPWD C:\WINXP\system32\drivers\RDPWD.sys
06:39:15.0031 0x05a8 RDPWD - ok
06:39:15.0093 0x05a8 [ 263AF18AF0F3DB99F574C95F284CCEC9, 2BFA9952E97EFEB386FC56EC2C125080CD12DAC078DBE43C395CB4D9F22165D3 ] RDSessMgr C:\WINXP\system32\sessmgr.exe
06:39:15.0312 0x05a8 RDSessMgr - ok
06:39:15.0359 0x05a8 [ ED761D453856F795A7FE056E42C36365, EF026585B33415D8FCE94A9F27D7A4396C7C35C88E06A4CF0FEA702401E8597A ] redbook C:\WINXP\system32\DRIVERS\redbook.sys
06:39:15.0593 0x05a8 redbook - ok
06:39:15.0640 0x05a8 [ 0E97EC96D6942CEEC2D188CC2EB69A01, D4253B4420BEF19451A55AB91E4834482181A31A31134F6E2AFE05C8E20C81A5 ] RemoteAccess C:\WINXP\System32\mprdim.dll
06:39:15.0875 0x05a8 RemoteAccess - ok
06:39:16.0046 0x05a8 [ E4CD1F3D84E1C2CA0B8CF7501E201593, 649CC0B04F94D407EB6B4C7FDE2C6E4D2B1531307BC67C5775E44D66EF2E4F8A ] RemoteRegistry C:\WINXP\system32\regsvc.dll
06:39:16.0312 0x05a8 RemoteRegistry - ok
06:39:16.0343 0x05a8 [ 2A02E21867497DF20B8FC95631395169, D89E2D17ED4E1C727847C0E92D2DF68AEB70BF0B956BD2FE024ED70A961759D2 ] RpcLocator C:\WINXP\system32\locator.exe
06:39:16.0546 0x05a8 RpcLocator - ok
06:39:16.0593 0x05a8 [ E970C2296916BF4A2F958680016FE312, ED7FA2854D12D82A0E58536702C7DCD89E274677B113B6974AED4B276FAA4DF4 ] RpcSs C:\WINXP\System32\rpcss.dll
06:39:16.0812 0x05a8 RpcSs - ok
06:39:17.0015 0x05a8 [ 4BDD71B4B521521499DFD14735C4F398, 7B1498D3C67E56D05B58B7DA319ECB0117C37963AABB0E59B42831C087469DA1 ] RSVP C:\WINXP\system32\rsvp.exe
06:39:17.0234 0x05a8 RSVP - ok
06:39:17.0437 0x05a8 [ D507C1400284176573224903819FFDA3, DD0BDB2AB39A8A0A300B6D60FB6A7F5BA08C4DB8F59E0A784FB763EA8AD72AB2 ] rtl8139 C:\WINXP\system32\DRIVERS\RTL8139.SYS
06:39:17.0609 0x05a8 rtl8139 - ok
06:39:17.0640 0x05a8 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] SamSs C:\WINXP\system32\lsass.exe
06:39:17.0781 0x05a8 SamSs - ok
06:39:17.0796 0x05a8 SANDRA - ok
06:39:17.0843 0x05a8 [ DCEC079FAD95D36C8DD5CB6D779DFE32, F8546552D939A225853A0CE4913701A93738DF02C999D16E141E9A828814BBC6 ] SCardSvr C:\WINXP\System32\SCardSvr.exe
06:39:18.0062 0x05a8 SCardSvr - ok
06:39:18.0140 0x05a8 [ A050194A44D7FA8D7186ED2F4E8367AE, BCDF56D5A2F9E202DC67E7FE4BCC617BCC0BDFF2D221A621020068B17B2855BB ] Schedule C:\WINXP\system32\schedsvc.dll
06:39:18.0453 0x05a8 Schedule - ok
06:39:18.0500 0x05a8 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINXP\system32\DRIVERS\secdrv.sys
06:39:18.0750 0x05a8 Secdrv - ok
06:39:18.0796 0x05a8 [ BEE4CFD1D48C23B44CF4B974B0B79B2B, DF3B02D713F8A4602BE75F004074D5DF79AFF2D58FF37110B2A6AC29F680758B ] seclogon C:\WINXP\System32\seclogon.dll
06:39:19.0046 0x05a8 seclogon - ok
06:39:19.0093 0x05a8 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3, 95D83F054A6610328D56E56CD948A6618C590231853E56FC20E7557DB61384A4 ] SENS C:\WINXP\system32\sens.dll
06:39:19.0312 0x05a8 SENS - ok
06:39:19.0343 0x05a8 [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum C:\WINXP\system32\DRIVERS\serenum.sys
06:39:19.0546 0x05a8 serenum - ok
06:39:19.0562 0x05a8 [ CF24EB4F0412C82BCD1F4F35A025E31D, B74CB094126F5C23F601C34D53B2DF5BE3E5918230AC9DCFCFFA8E66B3A0FA25 ] Serial C:\WINXP\system32\DRIVERS\serial.sys
06:39:19.0781 0x05a8 Serial - ok
06:39:19.0828 0x05a8 [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINXP\system32\drivers\Sfloppy.sys
06:39:20.0046 0x05a8 Sfloppy - ok
06:39:20.0093 0x05a8 [ CAD058D5F8B889A87CA3EB3CF624DCEF, A7CDCF44261D1F4D820927253EA8EBB63714B7BAFF8B08DE073507D9A7EEA5BB ] SharedAccess C:\WINXP\System32\ipnathlp.dll
06:39:20.0453 0x05a8 SharedAccess - ok
06:39:20.0500 0x05a8 [ 40602EBFBE06AA075C8E4560743F6883, 808AF03F31CA4168888D0E3802AE4A0DE7F7324F4CD2F8FE491211895C9C6901 ] ShellHWDetection C:\WINXP\System32\shsvcs.dll
06:39:20.0781 0x05a8 ShellHWDetection - ok
06:39:20.0796 0x05a8 Simbad - ok
06:39:20.0843 0x05a8 [ 4723512C035A3A880DB4657705466240, 1FD6712B43C12FC4EF2E1D52EE87885C9AFBD66EF9CB306B69D39D23AA2C736C ] SLEE_16_DRIVER C:\WINXP\system32\drivers\Sleen16.sys
06:39:20.0953 0x05a8 SLEE_16_DRIVER - ok
06:39:20.0984 0x05a8 Sparrow - ok
06:39:21.0046 0x05a8 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINXP\system32\drivers\splitter.sys
06:39:21.0281 0x05a8 splitter - ok
06:39:21.0343 0x05a8 [ 39356A9CDB6753A6D13A4072A9F5A4BB, 7E41478460B0FFE7606F245B74AD60244816F4523FD4355C26BADF724BCE6575 ] Spooler C:\WINXP\system32\spoolsv.exe
06:39:21.0500 0x05a8 Spooler - ok
06:39:21.0734 0x05a8 [ CDDDEC541BC3C96F91ECB48759673505, B030FFA02832317AC5626BF1BF8A4A95A5992C9A6E81BC1C002D5F4D667C27FB ] sptd C:\WINXP\system32\Drivers\sptd.sys
06:39:21.0734 0x05a8 Suspicious file ( NoAccess ): C:\WINXP\system32\Drivers\sptd.sys. md5: CDDDEC541BC3C96F91ECB48759673505, sha256: B030FFA02832317AC5626BF1BF8A4A95A5992C9A6E81BC1C002D5F4D667C27FB
06:39:21.0750 0x05a8 sptd - detected LockedFile.Multi.Generic ( 1 )
06:39:24.0234 0x05a8 Detect skipped due to KSN trusted
06:39:24.0234 0x05a8 sptd - ok
06:39:24.0265 0x05a8 [ 50FA898F8C032796D3B1B9951BB5A90F, 1C86273EC19EB96D6DB9CE6670C00683B77C99C42CC2F7E75BC50872B93446B1 ] sr C:\WINXP\system32\DRIVERS\sr.sys
06:39:24.0437 0x05a8 sr - ok
06:39:24.0453 0x05a8 [ FE77A85495065F3AD59C5C65B6C54182, EB4BAF992F961B2FD5D24BFCB6BCB2142BC32933139A818835FEAB190E4283BB ] srservice C:\WINXP\system32\srsvc.dll
06:39:24.0687 0x05a8 srservice - ok
06:39:24.0765 0x05a8 [ AE4D13B572399B206B43D65DA4D9983D, B3085FB57F4534E00990F24213F9E44EED73D3DC01AAC985D34F626F2F6927A5 ] Srv C:\WINXP\system32\DRIVERS\srv.sys
06:39:24.0859 0x05a8 Srv - ok
06:39:24.0906 0x05a8 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500, 2971D7D45D6942D310D47DBD19B9680D2D29527E79B86133C72217FD29259465 ] SSDPSRV C:\WINXP\System32\ssdpsrv.dll
06:39:25.0015 0x05a8 SSDPSRV - ok
06:39:25.0046 0x05a8 StarOpen - ok
06:39:25.0125 0x05a8 [ BC2C5985611C5356B24AEB370953DED9, 15CBAB8166827DC098E2B16AB6F49A1441A4CB52AF3588F0AD964CAB596DFE10 ] stisvc C:\WINXP\system32\wiaservc.dll
06:39:25.0390 0x05a8 stisvc - ok
06:39:25.0421 0x05a8 [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINXP\system32\DRIVERS\swenum.sys
06:39:25.0640 0x05a8 swenum - ok
06:39:25.0687 0x05a8 [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINXP\system32\drivers\swmidi.sys
06:39:25.0937 0x05a8 swmidi - ok
06:39:25.0968 0x05a8 SwPrv - ok
06:39:25.0968 0x05a8 symc810 - ok
06:39:25.0984 0x05a8 symc8xx - ok
06:39:26.0000 0x05a8 sym_hi - ok
06:39:26.0000 0x05a8 sym_u3 - ok
06:39:26.0031 0x05a8 [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINXP\system32\drivers\sysaudio.sys
06:39:26.0250 0x05a8 sysaudio - ok
06:39:26.0296 0x05a8 [ 2903FFFA2523926D6219428040DCE6B9, 4F13181931B0499F6C3F08138054DBCD1F84CB9806999A9172B80DE79D446F62 ] SysmonLog C:\WINXP\system32\smlogsvc.exe
06:39:26.0546 0x05a8 SysmonLog - ok
06:39:26.0593 0x05a8 [ 05903CAC4B98908D55EA5774775B382E, AC3666CBD894D737874A5998DC7F46A0A51A7B23B1835FC735B9AD503A2191CC ] TapiSrv C:\WINXP\System32\tapisrv.dll
06:39:27.0000 0x05a8 TapiSrv - ok
06:39:27.0062 0x05a8 [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip C:\WINXP\system32\DRIVERS\tcpip.sys
06:39:27.0187 0x05a8 Tcpip - ok
06:39:27.0203 0x05a8 [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINXP\system32\drivers\TDPIPE.sys
06:39:27.0437 0x05a8 TDPIPE - ok
06:39:27.0453 0x05a8 [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINXP\system32\drivers\TDTCP.sys
06:39:27.0656 0x05a8 TDTCP - ok
06:39:27.0671 0x05a8 [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINXP\system32\DRIVERS\termdd.sys
06:39:27.0890 0x05a8 TermDD - ok
06:39:27.0937 0x05a8 [ B7DE02C863D8F5A005A7BF375375A6A4, 6DE05A7B28CA5A78D58536347FC47F15883EEDBEF487CEA0117CC280FC582DCC ] TermService C:\WINXP\System32\termsrv.dll
06:39:28.0171 0x05a8 TermService - ok
06:39:28.0203 0x05a8 [ 40602EBFBE06AA075C8E4560743F6883, 808AF03F31CA4168888D0E3802AE4A0DE7F7324F4CD2F8FE491211895C9C6901 ] Themes C:\WINXP\System32\shsvcs.dll
06:39:28.0453 0x05a8 Themes - ok
06:39:28.0468 0x05a8 [ 03681A1CE77F51586903869A5AB1DEAB, E2EC0A481412166B654682C2F3D953E96E757466135CBD2D813B967EDB13C721 ] TlntSvr C:\WINXP\system32\tlntsvr.exe
06:39:28.0656 0x05a8 TlntSvr - ok
06:39:28.0671 0x05a8 TosIde - ok
06:39:28.0734 0x05a8 [ 626504572B175867F30F3215C04B3E2F, 47E87CE9BC666D5CB5953C5D497DC00A7CC28F8EC0A064B3E47700279C5C4B91 ] TrkWks C:\WINXP\system32\trkwks.dll
06:39:29.0000 0x05a8 TrkWks - ok
06:39:29.0078 0x05a8 [ ED5E4CE36C54F55E7698642E94D32EC7, 07BD324083D1784F8F716C528D530003369E6D87EFC7B79BCAA1767F80DA4FDC ] truecrypt C:\WINXP\system32\drivers\truecrypt.sys
06:39:29.0171 0x05a8 truecrypt - ok
06:39:29.0234 0x05a8 [ EB65C63590BE344E36C06D66338FE9E0, 4EAF1F667D8447916018CAF1445F4857C009584E9C6A2931D0C509F0A0A13239 ] TuneUp.Defrag C:\WINXP\System32\TuneUpDefragService.exe
06:39:29.0328 0x05a8 TuneUp.Defrag - ok
06:39:29.0421 0x05a8 [ 35B8C5D1958700A4E70C9B94AAE8CFAF, 9EBE700CD5CAD6F2E2B556C3BBB6A5706F8DC163A5D4BDFF733371F2F07D43AC ] TuneUp.ProgramStatisticsSvc C:\WINXP\System32\TUProgSt.exe
06:39:29.0593 0x05a8 TuneUp.ProgramStatisticsSvc - ok
06:39:29.0640 0x05a8 [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINXP\system32\drivers\Udfs.sys
06:39:29.0828 0x05a8 Udfs - ok
06:39:29.0843 0x05a8 ultra - ok
06:39:29.0890 0x05a8 [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINXP\system32\DRIVERS\update.sys
06:39:30.0140 0x05a8 Update - ok
06:39:30.0187 0x05a8 [ 1DFD8975D8C89214B98D9387C1125B49, 0B6B268487C8E45E9B86BF4A0A9DB669E0E45D600DE3C82B63F9986CA9E01082 ] upnphost C:\WINXP\System32\upnphost.dll
06:39:30.0343 0x05a8 upnphost - ok
06:39:30.0359 0x05a8 [ 9B11E6118958E63E1FEF129466E2BDA7, 97168BCE3F4A9BB9E6500F05E34851FB957B219C598944FADC28AC0011C0503B ] UPS C:\WINXP\System32\ups.exe
06:39:30.0578 0x05a8 UPS - ok
06:39:30.0593 0x05a8 [ 65DCF09D0E37D4C6B11B5B0B76D470A7, 90EBA8BAF45932B453D905EDF2BDDDF3A432BFD50B9F7DF58CDEAE98D11C2E2F ] usbehci C:\WINXP\system32\DRIVERS\usbehci.sys
06:39:30.0781 0x05a8 usbehci - ok
06:39:30.0828 0x05a8 [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINXP\system32\DRIVERS\usbhub.sys
06:39:31.0046 0x05a8 usbhub - ok
06:39:31.0109 0x05a8 [ A0B8CF9DEB1184FBDD20784A58FA75D4, D8AFD45BD9CF7B02F2554AA6085194DE82893AF794EDF479BC9B9E9C1758DC75 ] usbscan C:\WINXP\system32\DRIVERS\usbscan.sys
06:39:31.0328 0x05a8 usbscan - ok
06:39:31.0359 0x05a8 [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] usbstor C:\WINXP\system32\DRIVERS\USBSTOR.SYS
06:39:31.0593 0x05a8 usbstor - ok
06:39:31.0640 0x05a8 [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci C:\WINXP\system32\DRIVERS\usbuhci.sys
06:39:31.0859 0x05a8 usbuhci - ok
06:39:31.0906 0x05a8 [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINXP\System32\drivers\vga.sys
06:39:32.0078 0x05a8 VgaSave - ok
06:39:32.0078 0x05a8 ViaIde - ok
06:39:32.0109 0x05a8 [ A5A712F4E880874A477AF790B5186E1D, FE885ED04C3EAFC379787F836738A2769E43D07CF52DD917D90C38E001957A5E ] VolSnap C:\WINXP\system32\drivers\VolSnap.sys
06:39:32.0296 0x05a8 VolSnap - ok
06:39:32.0328 0x05a8 [ 68F106273BE29E7B7EF8266977268E78, 1488AB7A654EBC94C73E1D494067189ACB95BC233980110CAC4C0297CDC4115A ] VSS C:\WINXP\System32\vssvc.exe
06:39:32.0453 0x05a8 VSS - ok
06:39:32.0500 0x05a8 [ 7B353059E665F8B7AD2BBEAEF597CF45, 84A4311F18A4B8DCB364741DEA7D18E2363F19564B2EF25214965DC729527068 ] W32Time C:\WINXP\system32\w32time.dll
06:39:32.0703 0x05a8 W32Time - ok
06:39:32.0734 0x05a8 [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINXP\system32\DRIVERS\wanarp.sys
06:39:32.0968 0x05a8 Wanarp - ok
06:39:32.0984 0x05a8 WDICA - ok
06:39:33.0015 0x05a8 [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINXP\system32\drivers\wdmaud.sys
06:39:33.0234 0x05a8 wdmaud - ok
06:39:33.0281 0x05a8 [ 81727C9873E3905A2FFC1EBD07265002, 6AC2383A1DCBB7FA3DB90FBB874C8E1819F5B7492717FF41E303EFC7BF72F93E ] WebClient C:\WINXP\System32\webclnt.dll
06:39:33.0515 0x05a8 WebClient - ok
06:39:33.0640 0x05a8 [ 6F3F3973D97714CC5F906A19FE883729, 7817118BE94D0F6FAE0F9CE48AD70FFE0AEF886CCE09C666768FAB61047F992F ] winmgmt C:\WINXP\system32\wbem\WMIsvc.dll
06:39:33.0859 0x05a8 winmgmt - ok
06:39:33.0890 0x05a8 [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN C:\WINXP\system32\mspmsnsv.dll
06:39:33.0968 0x05a8 WmdmPmSN - ok
06:39:34.0062 0x05a8 [ 53E1CCF332A2F40B5E08476921CD8B44, BBD472701811695EB8BD06CB3DFAF07D2632E1D271B387395455FE9B274CB470 ] Wmi C:\WINXP\System32\advapi32.dll
06:39:34.0468 0x05a8 Wmi - ok
06:39:34.0531 0x05a8 [ 93908111BA57A6E60EC2FA2DE202105C, F395F25F18D15C6B9FEDB45FD31E10295FFE5517E2BC86ACAC11904EA0664BE2 ] WmiApSrv C:\WINXP\system32\wbem\wmiapsrv.exe
06:39:34.0765 0x05a8 WmiApSrv - ok
06:39:35.0015 0x05a8 [ BF05650BB7DF5E9EBDD25974E22403BB, AF173D89B768CFC7AB03DFADD4F049CAC40AC59A0C9208AF5AB92CB368983077 ] WMPNetworkSvc C:\Programme\Windows Media Player\WMPNetwk.exe
06:39:35.0171 0x05a8 WMPNetworkSvc - ok
06:39:35.0218 0x05a8 [ CF4DEF1BF66F06964DC0D91844239104, CC1D9CECE2056D29A9651D51BB57C3F4F9BF9E90A4808CF7496C683C874FBD51 ] WpdUsb C:\WINXP\system32\DRIVERS\wpdusb.sys
06:39:35.0250 0x05a8 WpdUsb - ok
06:39:35.0375 0x05a8 WPFFontCache_v0400 - ok
06:39:35.0421 0x05a8 [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL C:\WINXP\System32\drivers\ws2ifsl.sys
06:39:35.0640 0x05a8 WS2IFSL - ok
06:39:35.0687 0x05a8 [ 300B3E84FAF1A5C1F791C159BA28035D, 0194856BDF94C1F274AF70AD558290ACDACDDEA331BD66FEB8E167ABD1E36786 ] wscsvc C:\WINXP\system32\wscsvc.dll
06:39:35.0890 0x05a8 wscsvc - ok
06:39:35.0921 0x05a8 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085, A1DB8909FA73337DB613D01824945485186654364A4DF129B8CB913CF87D1D2E ] wuauserv C:\WINXP\system32\wuauserv.dll
06:39:36.0125 0x05a8 wuauserv - ok
06:39:36.0156 0x05a8 [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf C:\WINXP\system32\DRIVERS\WudfPf.sys
06:39:36.0218 0x05a8 WudfPf - ok
06:39:36.0234 0x05a8 [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd C:\WINXP\system32\DRIVERS\wudfrd.sys
06:39:36.0281 0x05a8 WudfRd - ok
06:39:36.0296 0x05a8 [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc C:\WINXP\System32\WUDFSvc.dll
06:39:36.0343 0x05a8 WudfSvc - ok
06:39:36.0406 0x05a8 [ C4F109C005F6725162D2D12CA751E4A7, AC996B44338328BDD4442FE48406F286A64526F0EC77BE00A19FA7FDB0407CFE ] WZCSVC C:\WINXP\System32\wzcsvc.dll
06:39:36.0687 0x05a8 WZCSVC - ok
06:39:36.0718 0x05a8 [ 0ADA34871A2E1CD2CAAFED1237A47750, 45BEF8649078BD74C1A347B5F2D3A1958E5A7DCD6C6BA8A2E0CAD277A929C64E ] xmlprov C:\WINXP\System32\xmlprov.dll
06:39:37.0000 0x05a8 xmlprov - ok
06:39:37.0031 0x05a8 ================ Scan global ===============================
06:39:37.0078 0x05a8 [ 2C60091CA5F67C3032EAB3B30390C27F, 9E205C8E67F4B61FCFA2A82AA1968D522C3B6410D7075BE813F7F1564D61632E ] C:\WINXP\system32\basesrv.dll
06:39:37.0156 0x05a8 [ 4CD408F799D4A72B0DE1F1116A77A48E, 7EF6B36B63DD010C30AC7B4825E6980C70B18DA4327AB6BC69FBA977E1952992 ] C:\WINXP\system32\winsrv.dll
06:39:37.0203 0x05a8 [ 4CD408F799D4A72B0DE1F1116A77A48E, 7EF6B36B63DD010C30AC7B4825E6980C70B18DA4327AB6BC69FBA977E1952992 ] C:\WINXP\system32\winsrv.dll
06:39:37.0250 0x05a8 [ 4BB6A83640F1D1792AD21CE767B621C6, 7B88A06D5220DE5C378B8C017354E9C8C89D625251A6EB607059A663E2BACD0A ] C:\WINXP\system32\services.exe
06:39:37.0265 0x05a8 [ Global ] - ok
06:39:37.0265 0x05a8 ================ Scan MBR ==================================
06:39:37.0281 0x05a8 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
06:39:37.0921 0x05a8 \Device\Harddisk0\DR0 - ok
06:39:37.0921 0x05a8 ================ Scan VBR ==================================
06:39:37.0937 0x05a8 [ A846173843AB92B064881F986312FEB4 ] \Device\Harddisk0\DR0\Partition1
06:39:37.0953 0x05a8 \Device\Harddisk0\DR0\Partition1 - ok
06:39:37.0968 0x05a8 [ AEDE5C0AD9D6B01674BC71A5B52606A3 ] \Device\Harddisk0\DR0\Partition2
06:39:38.0000 0x05a8 \Device\Harddisk0\DR0\Partition2 - ok
06:39:38.0031 0x05a8 [ FF559AD7CA07C242FF9A42B0BF2DF252 ] \Device\Harddisk0\DR0\Partition3
06:39:38.0078 0x05a8 \Device\Harddisk0\DR0\Partition3 - ok
06:39:38.0125 0x05a8 [ 44EDD11487B869E5B16D2470AD318857 ] \Device\Harddisk0\DR0\Partition4
06:39:38.0156 0x05a8 \Device\Harddisk0\DR0\Partition4 - ok
06:39:38.0156 0x05a8 ================ Scan generic autorun ======================
06:39:38.0343 0x05a8 [ AAA66F4D2B2A0382926F306C5A99440A, 004A99B215D14E7E2F165EE9E70BF1C1D34AA26231B3501FC0287A304582B2F8 ] C:\Programme\avmwlanstick\wlangui.exe
06:39:38.0875 0x05a8 AVMWlanClient - detected UnsignedFile.Multi.Generic ( 1 )
06:39:41.0406 0x05a8 Detect skipped due to KSN trusted
06:39:41.0406 0x05a8 AVMWlanClient - ok
06:39:41.0718 0x05a8 [ A00F240E6B250E91536CE18BFE0A350C, 338DD25039D4BA97DF669493F6ED59D8E3448BE1F9E954E98B46B188B6359D45 ] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
06:39:41.0734 0x05a8 StartCCC - detected UnsignedFile.Multi.Generic ( 1 )
06:39:44.0359 0x05a8 Detect skipped due to KSN trusted
06:39:44.0359 0x05a8 StartCCC - ok
06:39:45.0953 0x05a8 [ 4B9C4018690BF6BE6346199FE3FEC2AC, F7799FAA57509EB02166C5DFBE2B547D7B5B015F1F54D3A9D904DA654EF45C99 ] C:\WINXP\RTHDCPL.EXE
06:39:50.0406 0x05a8 RTHDCPL - ok
06:39:50.0937 0x05a8 [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe
06:39:51.0140 0x05a8 Adobe ARM - ok
06:39:51.0390 0x05a8 [ DAA21DC0AA2E688370D356757892816D, 97EBF3B8A4B8544B6C1379A391AA4079F38EB4D507931249BC1427D961F58F8C ] C:\Programme\Avira\AntiVir Desktop\avgnt.exe
06:39:52.0093 0x05a8 avgnt - ok
06:39:52.0187 0x05a8 [ 14D6542607ACD4B2D1DDB1A36E0D8813, 3A270600549E8E7988D5AF3486C0F504269B9573393D87BF87BDB2287BF007B2 ] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
06:39:52.0250 0x05a8 SunJavaUpdateSched - ok
06:39:52.0250 0x05a8 {F21CF013-09A7-4FA3-820E-16853B89EF5A} - ok
06:39:52.0296 0x05a8 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINXP\system32\CTFMON.EXE
06:39:53.0125 0x05a8 CTFMON.EXE - ok
06:39:53.0125 0x05a8 borobororb.exe - ok
06:39:53.0140 0x05a8 nltide_2 - ok
06:39:53.0156 0x05a8 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINXP\system32\ctfmon.exe
06:39:53.0406 0x05a8 ctfmon.exe - ok
06:39:53.0421 0x05a8 Waiting for KSN requests completion. In queue: 6
06:39:54.0421 0x05a8 Waiting for KSN requests completion. In queue: 6
06:39:55.0421 0x05a8 Waiting for KSN requests completion. In queue: 6
06:39:56.0859 0x05a8 AV detected via SS1: Avira Desktop, 14.0.7.220, enabled, outofdate
06:39:56.0906 0x05a8 Win FW state via NFM: enabled
06:39:59.0359 0x05a8 ============================================================
06:39:59.0359 0x05a8 Scan finished
06:39:59.0359 0x05a8 ============================================================
06:39:59.0421 0x08e0 Detected object count: 0
06:39:59.0421 0x08e0 Actual detected object count: 0

schrauber · 24.11.2014, 20:24

Lade Dir bitte Bluescreenview und installiere es:
BlueScreenView - Download - Filepony

Öffnen und den aktuellsten Dump analysieren lassen (macht das Tool automatisch).
Output hier posten.

kickstaa · 25.11.2014, 13:58

==================================================
Dump File : Mini111214-01.dmp
Crash Time : 12.11.2014 14:32:47
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x1000000a
Parameter 1 : 0x34f566ae
Parameter 2 : 0x00000002
Parameter 3 : 0x00000000
Parameter 4 : 0x8050f127
Caused By Driver : Ntfs.sys
Caused By Address : Ntfs.sys+20c7e
File Description : NT File System Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Processor : 32-bit
Crash Address : ntoskrnl.exe+38127
Stack Address 1 : ntoskrnl.exe+38a77
Stack Address 2 : ntoskrnl.exe+d554
Stack Address 3 : ntoskrnl.exe+d8c5
Computer Name :
Full Path : C:\WINXP\Minidump\Mini111214-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 102.400
Dump File Time : 12.11.2014 14:33:41
==================================================

==================================================
Dump File : Mini111114-01.dmp
Crash Time : 11.11.2014 16:17:28
Bug Check String : NTFS_FILE_SYSTEM
Bug Check Code : 0x00000024
Parameter 1 : 0x001902fe
Parameter 2 : 0xba08e628
Parameter 3 : 0xba08e324
Parameter 4 : 0x8054b168
Caused By Driver : Ntfs.sys
Caused By Address : Ntfs.sys+dff0
File Description : NT File System Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Processor : 32-bit
Crash Address : ntoskrnl.exe+22f43
Stack Address 1 : Ntfs.sys+dff0
Stack Address 2 : Ntfs.sys+31033
Stack Address 3 : ntoskrnl.exe+1819f
Computer Name :
Full Path : C:\WINXP\Minidump\Mini111114-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 102.400
Dump File Time : 11.11.2014 16:18:30
==================================================

==================================================
Dump File : Mini110614-01.dmp
Crash Time : 06.11.2014 09:03:42
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0x7a0298e7
Parameter 2 : 0x00000002
Parameter 3 : 0x00000000
Parameter 4 : 0xee4976e4
Caused By Driver : fwlanusb.sys
Caused By Address : fwlanusb.sys+a6e4
File Description : fwlanusb.sys
Product Name : AVM FRITZ!WLAN USB Stick
Company : AVM GmbH
File Version : 2.0.6.1647
Processor : 32-bit
Crash Address : fwlanusb.sys+a6e4
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\WINXP\Minidump\Mini110614-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 102.400
Dump File Time : 06.11.2014 09:04:31
==================================================

==================================================
Dump File : Mini110514-01.dmp
Crash Time : 05.11.2014 08:34:57
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0x805bba19
Parameter 3 : 0xeb742b98
Parameter 4 : 0x00000000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+e4a19
File Description : NT-Kernel und -System
Product Name : Betriebssystem Microsoft® Windows®
Company : Microsoft Corporation
File Version : 5.1.2600.5657 (xpsp_sp3_qfe.080814-1300)
Processor : 32-bit
Crash Address : ntoskrnl.exe+e4a19
Stack Address 1 : ntoskrnl.exe+9f000
Stack Address 2 : ntoskrnl.exe+9f9aa
Stack Address 3 : ntoskrnl.exe+a31a9
Computer Name :
Full Path : C:\WINXP\Minidump\Mini110514-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 102.400
Dump File Time : 05.11.2014 08:35:44
==================================================

==================================================
Dump File : Mini101614-01.dmp
Crash Time : 16.10.2014 11:41:42
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0x8054bfd2
Parameter 3 : 0xba133bb8
Parameter 4 : 0x00000000
Caused By Driver : avipbb.sys
Caused By Address : avipbb.sys+16219
File Description : Avira Driver for Security Enhancement
Product Name : Avira Product Family
Company : Avira Operations GmbH & Co. KG
File Version : 14.0.7.186
Processor : 32-bit
Crash Address : ntoskrnl.exe+74fd2
Stack Address 1 : avipbb.sys+16219
Stack Address 2 : avipbb.sys+9503
Stack Address 3 : avipbb.sys+9884
Computer Name :
Full Path : C:\WINXP\Minidump\Mini101614-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 102.400
Dump File Time : 16.10.2014 12:35:43
==================================================

==================================================
Dump File : Mini100914-01.dmp
Crash Time : 09.10.2014 13:10:04
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x1000000a
Parameter 1 : 0x00000000
Parameter 2 : 0x0000001c
Parameter 3 : 0x00000001
Parameter 4 : 0x804fb03c
Caused By Driver : win32k.sys
Caused By Address : win32k.sys+f105
File Description : Mehrbenutzer-Win32-Treiber
Product Name : Betriebssystem Microsoft® Windows®
Company : Microsoft Corporation
File Version : 5.1.2600.5676 (xpsp_sp3_qfe.080915-1456)
Processor : 32-bit
Crash Address : ntoskrnl.exe+2403c
Stack Address 1 : ntoskrnl.exe+5ecb7
Stack Address 2 : ntoskrnl.exe+5f1b4
Stack Address 3 : win32k.sys+1930
Computer Name :
Full Path : C:\WINXP\Minidump\Mini100914-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 102.400
Dump File Time : 09.10.2014 13:10:53
==================================================

==================================================
Dump File : Mini091014-01.dmp
Crash Time : 09.09.2014 12:27:32
Bug Check String : UNEXPECTED_KERNEL_MODE_TRAP
Bug Check Code : 0x1000007f
Parameter 1 : 0x0000000d
Parameter 2 : 0x00000000
Parameter 3 : 0x00000000
Parameter 4 : 0x00000000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+e24f9
File Description : NT-Kernel und -System
Product Name : Betriebssystem Microsoft® Windows®
Company : Microsoft Corporation
File Version : 5.1.2600.5657 (xpsp_sp3_qfe.080814-1300)
Processor : 32-bit
Crash Address : ntoskrnl.exe+e24f9
Stack Address 1 : ntoskrnl.exe+49e61
Stack Address 2 : ntoskrnl.exe+d2965
Stack Address 3 : ntoskrnl.exe+6a62c
Computer Name :
Full Path : C:\WINXP\Minidump\Mini091014-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 102.400
Dump File Time : 10.09.2014 11:07:27
==================================================

==================================================
Dump File : Mini082514-01.dmp
Crash Time : 25.08.2014 15:34:15
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0x00000080
Parameter 2 : 0x804fc8f5
Parameter 3 : 0xf76f9684
Parameter 4 : 0x00000000
Caused By Driver : kmixer.sys
Caused By Address : kmixer.sys+1739
File Description : Kernel Mode Audio Mixer
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Processor : 32-bit
Crash Address : ntoskrnl.exe+258f5
Stack Address 1 : ntoskrnl.exe+2597c
Stack Address 2 : kmixer.sys+1739
Stack Address 3 : kmixer.sys+1236b
Computer Name :
Full Path : C:\WINXP\Minidump\Mini082514-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 102.400
Dump File Time : 25.08.2014 15:35:01
==================================================

==================================================
Dump File : Mini082114-01.dmp
Crash Time : 21.08.2014 13:14:55
Bug Check String : MEMORY_MANAGEMENT
Bug Check Code : 0x0000001a
Parameter 1 : 0x00041284
Parameter 2 : 0x05d65001
Parameter 3 : 0x00000000
Parameter 4 : 0xc0883000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+22f43
File Description : NT-Kernel und -System
Product Name : Betriebssystem Microsoft® Windows®
Company : Microsoft Corporation
File Version : 5.1.2600.5657 (xpsp_sp3_qfe.080814-1300)
Processor : 32-bit
Crash Address : ntoskrnl.exe+22f43
Stack Address 1 : ntoskrnl.exe+4c319
Stack Address 2 : ntoskrnl.exe+4cb9f
Stack Address 3 : ntoskrnl.exe+4cfb8
Computer Name :
Full Path : C:\WINXP\Minidump\Mini082114-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 102.400
Dump File Time : 21.08.2014 14:21:53
==================================================

==================================================
Dump File : Mini082014-01.dmp
Crash Time : 20.08.2014 06:37:15
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x10000050
Parameter 1 : 0xc5128d7c
Parameter 2 : 0x00000000
Parameter 3 : 0x80505f17
Parameter 4 : 0x00000000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+2ef17
File Description : NT-Kernel und -System
Product Name : Betriebssystem Microsoft® Windows®
Company : Microsoft Corporation
File Version : 5.1.2600.5657 (xpsp_sp3_qfe.080814-1300)
Processor : 32-bit
Crash Address : ntoskrnl.exe+2ef17
Stack Address 1 : ntoskrnl.exe+49981
Stack Address 2 : ntoskrnl.exe+6d588
Stack Address 3 :
Computer Name :
Full Path : C:\WINXP\Minidump\Mini082014-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 102.400
Dump File Time : 20.08.2014 06:38:01
==================================================

==================================================
Dump File : Mini072414-01.dmp
Crash Time : 23.07.2014 10:52:09
Bug Check String : PFN_LIST_CORRUPT
Bug Check Code : 0x0000004e
Parameter 1 : 0x00000099
Parameter 2 : 0x00000000
Parameter 3 : 0x00000001
Parameter 4 : 0x00000000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+22f43
File Description : NT-Kernel und -System
Product Name : Betriebssystem Microsoft® Windows®
Company : Microsoft Corporation
File Version : 5.1.2600.5657 (xpsp_sp3_qfe.080814-1300)
Processor : 32-bit
Crash Address : ntoskrnl.exe+22f43
Stack Address 1 : ntoskrnl.exe+4bddc
Stack Address 2 : ntoskrnl.exe+3aa55
Stack Address 3 : ntoskrnl.exe+d927f
Computer Name :
Full Path : C:\WINXP\Minidump\Mini072414-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 102.400
Dump File Time : 24.07.2014 06:36:55
==================================================

==================================================
Dump File : Mini071014-01.dmp
Crash Time : 10.07.2014 09:59:01
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x1000000a
Parameter 1 : 0x9d0a600d
Parameter 2 : 0x00000002
Parameter 3 : 0x00000000
Parameter 4 : 0x8051ad20
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+43d20
File Description : NT-Kernel und -System
Product Name : Betriebssystem Microsoft® Windows®
Company : Microsoft Corporation
File Version : 5.1.2600.5657 (xpsp_sp3_qfe.080814-1300)
Processor : 32-bit
Crash Address : ntoskrnl.exe+43d20
Stack Address 1 : ntoskrnl.exe+aad9
Stack Address 2 : ntoskrnl.exe+100fc
Stack Address 3 : ntoskrnl.exe+6177d
Computer Name :
Full Path : C:\WINXP\Minidump\Mini071014-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 102.400
Dump File Time : 10.07.2014 11:33:51
==================================================

==================================================
Dump File : Mini062714-01.dmp
Crash Time : 27.06.2014 10:48:26
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x10000050
Parameter 1 : 0xe4396b08
Parameter 2 : 0x00000001
Parameter 3 : 0xf729c86b
Parameter 4 : 0x00000001
Caused By Driver : Ntfs.sys
Caused By Address : Ntfs.sys+4186b
File Description : NT File System Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Processor : 32-bit
Crash Address : Ntfs.sys+4186b
Stack Address 1 : Ntfs.sys+417f1
Stack Address 2 : Ntfs.sys+2d2a9
Stack Address 3 : Ntfs.sys+4162e
Computer Name :
Full Path : C:\WINXP\Minidump\Mini062714-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 102.400
Dump File Time : 27.06.2014 10:49:17
==================================================

==================================================
Dump File : Mini062314-01.dmp
Crash Time : 23.06.2014 09:42:14
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0xebe10eba
Parameter 3 : 0xeb34aeb4
Parameter 4 : 0x00000000
Caused By Driver : avgntflt.sys
Caused By Address : avgntflt.sys+13eba
File Description : Avira Minifilter Driver
Product Name : Avira Product Family
Company : Avira Operations GmbH & Co. KG
File Version : 14.0.6.524
Processor : 32-bit
Crash Address : avgntflt.sys+13eba
Stack Address 1 : fltMgr.sys+ef3
Stack Address 2 : fltMgr.sys+3338
Stack Address 3 : fltMgr.sys+3867
Computer Name :
Full Path : C:\WINXP\Minidump\Mini062314-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 102.400
Dump File Time : 23.06.2014 09:42:56
==================================================

==================================================
Dump File : Mini062014-02.dmp
Crash Time : 20.06.2014 07:32:59
Bug Check String : MEMORY_MANAGEMENT
Bug Check Code : 0x0000001a
Parameter 1 : 0x00041284
Parameter 2 : 0x051e4001
Parameter 3 : 0x00003f43
Parameter 4 : 0xc0883000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+22f43
File Description : NT-Kernel und -System
Product Name : Betriebssystem Microsoft® Windows®
Company : Microsoft Corporation
File Version : 5.1.2600.5657 (xpsp_sp3_qfe.080814-1300)
Processor : 32-bit
Crash Address : ntoskrnl.exe+22f43
Stack Address 1 : ntoskrnl.exe+4c319
Stack Address 2 : ntoskrnl.exe+4cb9f
Stack Address 3 : ntoskrnl.exe+4cfb8
Computer Name :
Full Path : C:\WINXP\Minidump\Mini062014-02.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 102.400
Dump File Time : 20.06.2014 07:33:42
==================================================

==================================================
Dump File : Mini062014-01.dmp
Crash Time : 20.06.2014 06:51:24
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x10000050
Parameter 1 : 0xffffffff
Parameter 2 : 0x00000001
Parameter 3 : 0xe1a19520
Parameter 4 : 0x00000000
Caused By Driver : ati2dvag.dll
Caused By Address : ati2dvag.dll+1cdd5
File Description : ATI Radeon WindowsNT Display Driver
Product Name : ATI Radeon WindowsNT Display Driver
Company : ATI Technologies Inc.
File Version : 6.14.10.6925
Processor : 32-bit
Crash Address :
Stack Address 1 : ati2dvag.dll+1d4f2
Stack Address 2 : ati2dvag.dll+63e7
Stack Address 3 : ati2dvag.dll+4a093
Computer Name :
Full Path : C:\WINXP\Minidump\Mini062014-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 102.400
Dump File Time : 20.06.2014 06:52:14
==================================================

==================================================
Dump File : Mini061114-01.dmp
Crash Time : 11.06.2014 09:45:04
Bug Check String : MEMORY_MANAGEMENT
Bug Check Code : 0x0000001a
Parameter 1 : 0x00041284
Parameter 2 : 0x182c3001
Parameter 3 : 0x00000000
Parameter 4 : 0xc0883000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+22f43
File Description : NT-Kernel und -System
Product Name : Betriebssystem Microsoft® Windows®
Company : Microsoft Corporation
File Version : 5.1.2600.5657 (xpsp_sp3_qfe.080814-1300)
Processor : 32-bit
Crash Address : ntoskrnl.exe+22f43
Stack Address 1 : ntoskrnl.exe+4c319
Stack Address 2 : ntoskrnl.exe+4cb9f
Stack Address 3 : ntoskrnl.exe+4cfb8
Computer Name :
Full Path : C:\WINXP\Minidump\Mini061114-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 102.400
Dump File Time : 11.06.2014 09:45:54
==================================================

==================================================
Dump File : Mini060514-02.dmp
Crash Time : 05.06.2014 15:10:32
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x1000000a
Parameter 1 : 0x00000000
Parameter 2 : 0x0000001c
Parameter 3 : 0x00000001
Parameter 4 : 0x804fb03c
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+2403c
File Description : NT-Kernel und -System
Product Name : Betriebssystem Microsoft® Windows®
Company : Microsoft Corporation
File Version : 5.1.2600.5657 (xpsp_sp3_qfe.080814-1300)
Processor : 32-bit
Crash Address : ntoskrnl.exe+2403c
Stack Address 1 : ntoskrnl.exe+e9788
Stack Address 2 : ntoskrnl.exe+6a62c
Stack Address 3 :
Computer Name :
Full Path : C:\WINXP\Minidump\Mini060514-02.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 102.400
Dump File Time : 05.06.2014 15:11:25
==================================================

==================================================
Dump File : Mini060514-01.dmp
Crash Time : 05.06.2014 08:49:03
Bug Check String : SYSTEM_THREAD_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000007e
Parameter 1 : 0xc0000005
Parameter 2 : 0xbf1f3819
Parameter 3 : 0xeb3f2b08
Parameter 4 : 0xeb3f2804
Caused By Driver : ati3duag.dll
Caused By Address : ati3duag.dll+26819
File Description : ati3duag.dll
Product Name : ATI Technologies Inc. Radeon DirectX Universal Driver
Company : ATI Technologies Inc.
File Version : 6.14.10.0647
Processor : 32-bit
Crash Address : ati3duag.dll+26819
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\WINXP\Minidump\Mini060514-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 102.400
Dump File Time : 05.06.2014 08:49:50
==================================================

==================================================
Dump File : Mini060214-01.dmp
Crash Time : 02.06.2014 10:51:30
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0x8057d31c
Parameter 3 : 0xba6d5c40
Parameter 4 : 0x00000000
Caused By Driver : USBPORT.SYS
Caused By Address : USBPORT.SYS+1aeae
File Description : USB 1.1 & 2.0 Port Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Processor : 32-bit
Crash Address : ntoskrnl.exe+a631c
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\WINXP\Minidump\Mini060214-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 102.400
Dump File Time : 02.06.2014 10:52:23
==================================================

==================================================
Dump File : Mini052714-01.dmp
Crash Time : 26.05.2014 15:11:23
Bug Check String : MEMORY_MANAGEMENT
Bug Check Code : 0x0000001a
Parameter 1 : 0x00041284
Parameter 2 : 0x068c7001
Parameter 3 : 0x00000fef
Parameter 4 : 0xc0883000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+22f43
File Description : NT-Kernel und -System
Product Name : Betriebssystem Microsoft® Windows®
Company : Microsoft Corporation
File Version : 5.1.2600.5657 (xpsp_sp3_qfe.080814-1300)
Processor : 32-bit
Crash Address : ntoskrnl.exe+22f43
Stack Address 1 : ntoskrnl.exe+4c319
Stack Address 2 : ntoskrnl.exe+4cb9f
Stack Address 3 : ntoskrnl.exe+4cfb8
Computer Name :
Full Path : C:\WINXP\Minidump\Mini052714-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 102.400
Dump File Time : 27.05.2014 07:56:11
==================================================

==================================================
Dump File : Mini051614-01.dmp
Crash Time : 16.05.2014 11:50:30
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x1000000a
Parameter 1 : 0xab0a600d
Parameter 2 : 0x00000002
Parameter 3 : 0x00000000
Parameter 4 : 0x8051bd7e
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+44d7e
File Description : NT-Kernel und -System
Product Name : Betriebssystem Microsoft® Windows®
Company : Microsoft Corporation
File Version : 5.1.2600.5657 (xpsp_sp3_qfe.080814-1300)
Processor : 32-bit
Crash Address : ntoskrnl.exe+44d7e
Stack Address 1 : ntoskrnl.exe+c9f9
Stack Address 2 : ntoskrnl.exe+a5b0
Stack Address 3 : Ntfs.sys+4f83
Computer Name :
Full Path : C:\WINXP\Minidump\Mini051614-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 102.400
Dump File Time : 16.05.2014 11:51:15
==================================================

==================================================
Dump File : Mini050814-04.dmp
Crash Time : 08.05.2014 14:13:27
Bug Check String : BAD_POOL_CALLER
Bug Check Code : 0x000000c2
Parameter 1 : 0x00000040
Parameter 2 : 0x00000000
Parameter 3 : 0x80000000
Parameter 4 : 0x00000000
Caused By Driver : win32k.sys
Caused By Address : win32k.sys+acb00
File Description : Mehrbenutzer-Win32-Treiber
Product Name : Betriebssystem Microsoft® Windows®
Company : Microsoft Corporation
File Version : 5.1.2600.5676 (xpsp_sp3_qfe.080915-1456)
Processor : 32-bit
Crash Address : ntoskrnl.exe+22f43
Stack Address 1 : ntoskrnl.exe+71c2d
Stack Address 2 : ntoskrnl.exe+7449a
Stack Address 3 : win32k.sys+29fd
Computer Name :
Full Path : C:\WINXP\Minidump\Mini050814-04.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 102.400
Dump File Time : 08.05.2014 14:39:45
==================================================

==================================================
Dump File : Mini050814-02.dmp
Crash Time : 08.05.2014 14:11:17
Bug Check String : SYSTEM_THREAD_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000007e
Parameter 1 : 0xc0000005
Parameter 2 : 0x8051b1bc
Parameter 3 : 0xba50ba9c
Parameter 4 : 0xba50b798
Caused By Driver : hal.dll
Caused By Address : hal.dll+2aa8
File Description : Hardware Abstraction Layer DLL
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Processor : 32-bit
Crash Address : ntoskrnl.exe+441bc
Stack Address 1 : ntoskrnl.exe+939cc
Stack Address 2 : ntoskrnl.exe+11239
Stack Address 3 : ntoskrnl.exe+1144e
Computer Name :
Full Path : C:\WINXP\Minidump\Mini050814-02.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 102.400
Dump File Time : 08.05.2014 14:12:06
==================================================

==================================================
Dump File : Mini050814-01.dmp
Crash Time : 08.05.2014 14:07:48
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0xbf025e3f
Parameter 3 : 0xba217984
Parameter 4 : 0x00000000
Caused By Driver : ati2dvag.dll
Caused By Address : ati2dvag.dll+13e3f
File Description : ATI Radeon WindowsNT Display Driver
Product Name : ATI Radeon WindowsNT Display Driver
Company : ATI Technologies Inc.
File Version : 6.14.10.6925
Processor : 32-bit
Crash Address : ati2dvag.dll+13e3f
Stack Address 1 : ati2dvag.dll+26fbd
Stack Address 2 : win32k.sys+ab282
Stack Address 3 : win32k.sys+a36bf
Computer Name :
Full Path : C:\WINXP\Minidump\Mini050814-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 102.400
Dump File Time : 08.05.2014 14:10:18
==================================================

==================================================
Dump File : Mini050614-03.dmp
Crash Time : 06.05.2014 10:35:15
Bug Check String : BAD_POOL_HEADER
Bug Check Code : 0x00000019
Parameter 1 : 0x00000020
Parameter 2 : 0xe30d0560
Parameter 3 : 0xe30d05a8
Parameter 4 : 0x0c090601
Caused By Driver : win32k.sys
Caused By Address : win32k.sys+29fd
File Description : Mehrbenutzer-Win32-Treiber
Product Name : Betriebssystem Microsoft® Windows®
Company : Microsoft Corporation
File Version : 5.1.2600.5676 (xpsp_sp3_qfe.080915-1456)
Processor : 32-bit
Crash Address : ntoskrnl.exe+22f43
Stack Address 1 : ntoskrnl.exe+74583
Stack Address 2 : win32k.sys+29fd
Stack Address 3 : win32k.sys+49e9
Computer Name :
Full Path : C:\WINXP\Minidump\Mini050614-03.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 102.400
Dump File Time : 06.05.2014 10:36:10
==================================================

==================================================
Dump File : Mini050614-02.dmp
Crash Time : 06.05.2014 10:22:00
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0x804ef100
Parameter 3 : 0xba087ba0
Parameter 4 : 0x00000000
Caused By Driver : fltMgr.sys
Caused By Address : fltMgr.sys+3ef4
File Description : Microsoft Filesystem Filter Manager
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Processor : 32-bit
Crash Address : ntoskrnl.exe+18100
Stack Address 1 : fltMgr.sys+406b
Stack Address 2 :
Stack Address 3 : fltMgr.sys+406b
Computer Name :
Full Path : C:\WINXP\Minidump\Mini050614-02.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 102.400
Dump File Time : 06.05.2014 10:22:58
==================================================

==================================================
Dump File : Mini050614-01.dmp
Crash Time : 06.05.2014 06:47:35
Bug Check String : NTFS_FILE_SYSTEM
Bug Check Code : 0x00000024
Parameter 1 : 0x001902fe
Parameter 2 : 0xeba7ce98
Parameter 3 : 0xeba7cb94
Parameter 4 : 0xf7285459
Caused By Driver : Ntfs.sys
Caused By Address : Ntfs.sys+2a459
File Description : NT File System Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Processor : 32-bit
Crash Address : ntoskrnl.exe+22f43
Stack Address 1 : Ntfs.sys+dff0
Stack Address 2 : Ntfs.sys+31033
Stack Address 3 : ntoskrnl.exe+1819f
Computer Name :
Full Path : C:\WINXP\Minidump\Mini050614-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 102.400
Dump File Time : 06.05.2014 06:48:42
==================================================

==================================================
Dump File : Mini042914-01.dmp
Crash Time : 29.04.2014 14:23:02
Bug Check String : SYSTEM_THREAD_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000007e
Parameter 1 : 0xc0000005
Parameter 2 : 0x8054b10d
Parameter 3 : 0xf7acd870
Parameter 4 : 0xf7acd56c
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+7410d
File Description : NT-Kernel und -System
Product Name : Betriebssystem Microsoft® Windows®
Company : Microsoft Corporation
File Version : 5.1.2600.5657 (xpsp_sp3_qfe.080814-1300)
Processor : 32-bit
Crash Address : ntoskrnl.exe+7410d
Stack Address 1 : ntoskrnl.exe+7475f
Stack Address 2 : ntoskrnl.exe+10e6c8
Stack Address 3 : ntoskrnl.exe+10ea89
Computer Name :
Full Path : C:\WINXP\Minidump\Mini042914-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 102.400
Dump File Time : 29.04.2014 14:23:55
==================================================

==================================================
Dump File : Mini041614-01.dmp
Crash Time : 16.04.2014 13:47:31
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x1000000a
Parameter 1 : 0xe16d6553
Parameter 2 : 0x00000002
Parameter 3 : 0x00000001
Parameter 4 : 0x806e7a2a
Caused By Driver : hal.dll
Caused By Address : hal.dll+2a2a
File Description : Hardware Abstraction Layer DLL
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Processor : 32-bit
Crash Address : hal.dll+2a2a
Stack Address 1 : win32k.sys+1930
Stack Address 2 : win32k.sys+1176a
Stack Address 3 : win32k.sys+12f8e
Computer Name :
Full Path : C:\WINXP\Minidump\Mini041614-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 102.400
Dump File Time : 16.04.2014 13:48:53
==================================================

==================================================
Dump File : Mini041114-02.dmp
Crash Time : 11.04.2014 11:02:03
Bug Check String : PFN_LIST_CORRUPT
Bug Check Code : 0x0000004e
Parameter 1 : 0x00000099
Parameter 2 : 0x00000000
Parameter 3 : 0x00000001
Parameter 4 : 0x00000000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+22f43
File Description : NT-Kernel und -System
Product Name : Betriebssystem Microsoft® Windows®
Company : Microsoft Corporation
File Version : 5.1.2600.5657 (xpsp_sp3_qfe.080814-1300)
Processor : 32-bit
Crash Address : ntoskrnl.exe+22f43
Stack Address 1 : ntoskrnl.exe+4bddc
Stack Address 2 : ntoskrnl.exe+3aa55
Stack Address 3 : ntoskrnl.exe+d927f
Computer Name :
Full Path : C:\WINXP\Minidump\Mini041114-02.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 102.400
Dump File Time : 11.04.2014 11:02:56
==================================================

==================================================
Dump File : Mini041114-01.dmp
Crash Time : 11.04.2014 07:55:24
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0x80546ad1
Parameter 3 : 0xba4deb7c
Parameter 4 : 0x00000000
Caused By Driver : win32k.sys
Caused By Address : win32k.sys+77be
File Description : Mehrbenutzer-Win32-Treiber
Product Name : Betriebssystem Microsoft® Windows®
Company : Microsoft Corporation
File Version : 5.1.2600.5676 (xpsp_sp3_qfe.080915-1456)
Processor : 32-bit
Crash Address : ntoskrnl.exe+6fad1
Stack Address 1 : win32k.sys+701f
Stack Address 2 : win32k.sys+5159
Stack Address 3 : win32k.sys+c6cc
Computer Name :
Full Path : C:\WINXP\Minidump\Mini041114-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 102.400
Dump File Time : 11.04.2014 07:56:26
==================================================

==================================================
Dump File : Mini032614-01.dmp
Crash Time : 26.03.2014 14:45:33
Bug Check String : NTFS_FILE_SYSTEM
Bug Check Code : 0x00000024
Parameter 1 : 0x001902fe
Parameter 2 : 0xba4531dc
Parameter 3 : 0xba452ed8
Parameter 4 : 0x8054bfd2
Caused By Driver : Ntfs.sys
Caused By Address : Ntfs.sys+dff0
File Description : NT File System Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Processor : 32-bit
Crash Address : ntoskrnl.exe+22f43
Stack Address 1 : Ntfs.sys+dff0
Stack Address 2 : Ntfs.sys+31033
Stack Address 3 : ntoskrnl.exe+1819f
Computer Name :
Full Path : C:\WINXP\Minidump\Mini032614-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 102.400
Dump File Time : 26.03.2014 15:42:45
==================================================

==================================================
Dump File : Mini031714-01.dmp
Crash Time : 17.03.2014 08:31:53
Bug Check String : MEMORY_MANAGEMENT
Bug Check Code : 0x0000001a
Parameter 1 : 0x00041785
Parameter 2 : 0xc0883000
Parameter 3 : 0x00338420
Parameter 4 : 0x00000000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+22f43
File Description : NT-Kernel und -System
Product Name : Betriebssystem Microsoft® Windows®
Company : Microsoft Corporation
File Version : 5.1.2600.5657 (xpsp_sp3_qfe.080814-1300)
Processor : 32-bit
Crash Address : ntoskrnl.exe+22f43
Stack Address 1 : ntoskrnl.exe+4c342
Stack Address 2 : ntoskrnl.exe+dc532
Stack Address 3 : ntoskrnl.exe+6a62c
Computer Name :
Full Path : C:\WINXP\Minidump\Mini031714-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 102.400
Dump File Time : 17.03.2014 08:32:59
==================================================

==================================================
Dump File : Mini031414-01.dmp
Crash Time : 14.03.2014 07:52:49
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x10000050
Parameter 1 : 0xe3d08000
Parameter 2 : 0x00000000
Parameter 3 : 0xbf8236b5
Parameter 4 : 0x00000001
Caused By Driver : win32k.sys
Caused By Address : win32k.sys+236b5
File Description : Mehrbenutzer-Win32-Treiber
Product Name : Betriebssystem Microsoft® Windows®
Company : Microsoft Corporation
File Version : 5.1.2600.5676 (xpsp_sp3_qfe.080915-1456)
Processor : 32-bit
Crash Address : win32k.sys+236b5
Stack Address 1 : win32k.sys+13530
Stack Address 2 : win32k.sys+5cb5
Stack Address 3 : win32k.sys+4699
Computer Name :
Full Path : C:\WINXP\Minidump\Mini031414-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 102.400
Dump File Time : 14.03.2014 07:53:51
==================================================

==================================================
Dump File : Mini031114-01.dmp
Crash Time : 11.03.2014 11:33:06
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0xbf0217fc
Parameter 3 : 0xeb3c8058
Parameter 4 : 0x00000000
Caused By Driver : ati2dvag.dll
Caused By Address : ati2dvag.dll+f7fc
File Description : ATI Radeon WindowsNT Display Driver
Product Name : ATI Radeon WindowsNT Display Driver
Company : ATI Technologies Inc.
File Version : 6.14.10.6925
Processor : 32-bit
Crash Address : ati2dvag.dll+f7fc
Stack Address 1 : ati2dvag.dll+ce64
Stack Address 2 : ati2dvag.dll+498b3
Stack Address 3 : win32k.sys+5b06
Computer Name :
Full Path : C:\WINXP\Minidump\Mini031114-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 102.400
Dump File Time : 11.03.2014 11:33:55
==================================================

==================================================
Dump File : Mini031014-01.dmp
Crash Time : 10.03.2014 11:07:51
Bug Check String : BAD_POOL_HEADER
Bug Check Code : 0x00000019
Parameter 1 : 0x00000020
Parameter 2 : 0xe2e989e0
Parameter 3 : 0xe2e98a20
Parameter 4 : 0x0c080201
Caused By Driver : Ntfs.sys
Caused By Address : Ntfs.sys+186c8
File Description : NT File System Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Processor : 32-bit
Crash Address : ntoskrnl.exe+22f43
Stack Address 1 : ntoskrnl.exe+74583
Stack Address 2 : Ntfs.sys+2478e
Stack Address 3 : Ntfs.sys+25042
Computer Name :
Full Path : C:\WINXP\Minidump\Mini031014-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 102.400
Dump File Time : 10.03.2014 11:08:56
==================================================

schrauber · 26.11.2014, 08:45

Downloade Dir bitte WVCheck von Artellos.com

Speichere die Datei auf dem Desktop. ( solltest Du dir die .zip Datei herunter geladen haben musst Du diese zuerst entpacken )
Starte die .exe mit Doppelklick
Vista und Win7 User: mit Rechtsklick "als Admin ausführen" starten
Wie beschrieben, kann das Tool eine Weile brauchen.
Wenn es erledigt ist, kopiere den Inhalt des Textdokumentes hier in deinen Thread

kickstaa · 27.11.2014, 07:58

Windows Validation Check
Version: 1.9.12.5
Log Created On: 0758_27-11-2014
-----------------------

Windows Information
-----------------------
Windows Version: Windows XP Service Pack 3
Windows Mode: Normal
Systemroot Path: C:\WINXP

WVCheck's Auto Update Check
-----------------------
Auto-Update Option: Do not download or install updates automatically.
-----------------------
Last success time for Automatic Updates for 'Detect', 'Download' and 'Install' could not be found.

WVCheck's Registry Check Check
-----------------------
Antiwpa: Not Found
-----------------------
Chew7Hale: Not Found
-----------------------

WVCheck's File Dump
-----------------------
WVCheck found no known bad files.

WVCheck's Dir Dump
-----------------------
WVCheck found no known bad directories.

WVCheck's Missing File Check
-----------------------
WVCheck found no missing Windows files.

WVCheck's HOSTS File Check
-----------------------
WVCheck found no bad lines in the hosts file.

WVCheck's MD5 Check
EXPERIMENTAL!!
-----------------------
user32.dll - b0050cc5340e3a0760dd8b417ff7aebd

-------- End of File, program close at 0758_27-11-2014 --------

schrauber · 27.11.2014, 19:50

is das XP legal erworben?

kickstaa · 28.11.2014, 06:22

Nein ist es nicht

schrauber · 28.11.2014, 18:34

Dacht ich mir. Aber dann endet auch der Support hier.

24.11.2014, 20:24	#6
schrauber /// the machine /// TB-Ausbilder	Firefox stürzt stänig ab und pc sehr lahm xp rechner Lade Dir bitte Bluescreenview und installiere es: BlueScreenView - Download - Filepony Öffnen und den aktuellsten Dump analysieren lassen (macht das Tool automatisch). Output hier posten. __________________ --> Firefox stürzt stänig ab und pc sehr lahm xp rechner

27.11.2014, 19:50	#10
schrauber /// the machine /// TB-Ausbilder	Firefox stürzt stänig ab und pc sehr lahm xp rechner is das XP legal erworben? __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

28.11.2014, 18:34	#12
schrauber /// the machine /// TB-Ausbilder	Firefox stürzt stänig ab und pc sehr lahm xp rechner Dacht ich mir. Aber dann endet auch der Support hier. __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Firefox stürzt stänig ab und pc sehr lahm xp rechner

Plagegeister aller Art und deren Bekämpfung: Firefox stürzt stänig ab und pc sehr lahm xp rechner