|
PC langsamer / Probleme bei Aktualisierung der Antiviren-Software Hi, seit einigen Tagen habe ich das Gefühl, dass mein PC langsamer ist; außerdem scheint seit ziemlich genau einer Woche die Aktualisierung von Avira Free Antivirus fehlzuschlagen (auch manuell). Es könnte im Zusammenhang mit einer e-Mail stehen, die nicht von mir, aber einem Familienmitglied auf dem PC leider geöffnet worden ist (ich könnte den angesprochenen Link posten, falls erwünscht). Anbei die Logs; extra.txt hat mein PC leider nicht erstellt!? Vielen Dank! ---- OTL logfile created on: 18.12.2011 20:25:14 - Run 3 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Dokumente und Einstellungen\***\Eigene Dateien\Downloads Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1023,48 Mb Total Physical Memory | 369,07 Mb Available Physical Memory | 36,06% Memory free 2,40 Gb Paging File | 1,39 Gb Available in Paging File | 57,90% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 186,31 Gb Total Space | 36,17 Gb Free Space | 19,41% Space Free | Partition Type: NTFS Drive D: | 186,31 Gb Total Space | 186,12 Gb Free Space | 99,90% Space Free | Partition Type: NTFS Drive E: | 683,92 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: WOODSTOCK | User Name: *** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011.12.18 18:59:22 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\***\Eigene Dateien\Downloads\OTL(2).exe PRC - [2011.11.23 19:36:10 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox 2\firefox.exe PRC - [2011.11.23 19:35:59 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox 2\plugin-container.exe PRC - [2011.09.23 17:08:16 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe PRC - [2011.09.23 17:01:05 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe PRC - [2011.09.23 10:38:18 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe PRC - [2011.09.16 01:34:40 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe PRC - [2011.09.05 14:46:50 | 000,362,200 | ---- | M] (facemoods.com) -- C:\Programme\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe PRC - [2011.06.14 06:34:02 | 001,703,936 | ---- | M] (Ascentive LLC) -- C:\Programme\Ascentive\PC Prima\PCPrima.Exe PRC - [2011.04.28 08:59:58 | 000,220,552 | ---- | M] (Geek Software GmbH) -- C:\Programme\pdf24\pdf24.exe PRC - [2011.01.17 17:50:34 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.exe PRC - [2011.01.17 17:50:34 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.bin PRC - [2011.01.05 11:59:50 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2010.10.29 14:49:28 | 000,249,064 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe PRC - [2010.09.21 19:37:40 | 000,932,288 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe PRC - [2010.09.06 18:56:38 | 000,247,096 | ---- | M] () -- C:\Programme\ICQ6Toolbar\ICQ Service.exe PRC - [2010.04.28 22:28:18 | 003,727,411 | ---- | M] (FreeDownloadManager.ORG) -- C:\Programme\Free Download Manager\fdm.exe PRC - [2010.03.23 13:19:32 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) -- C:\Programme\Cisco Systems\VPN Client\cvpnd.exe PRC - [2010.03.17 01:58:44 | 002,162,688 | ---- | M] () -- C:\Programme\Vidalia Bundle\Tor\tor.exe PRC - [2010.02.28 04:45:02 | 005,344,807 | ---- | M] () -- C:\Programme\Vidalia Bundle\Vidalia\vidalia.exe PRC - [2010.02.20 13:15:02 | 000,352,256 | ---- | M] (The Privoxy team - www.privoxy.org) -- C:\Programme\Privoxy\privoxy.exe PRC - [2009.04.14 10:50:26 | 000,487,992 | ---- | M] (Hewlett-Packard) -- C:\Programme\Hewlett-Packard\HP Print View Software\HP Print View Resource Center\HPPrintViewResourceCenter.exe PRC - [2009.02.26 15:12:34 | 000,053,248 | ---- | M] (HP) -- C:\Programme\Hp\ToolboxFX\bin\HPTLBXFX.exe PRC - [2008.04.14 03:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007.05.08 16:44:58 | 000,036,864 | ---- | M] () -- C:\Programme\Hp\HP UT\bin\hppusg.exe PRC - [2005.11.28 21:09:38 | 000,180,269 | ---- | M] (RealNetworks, Inc.) -- C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe PRC - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE PRC - [1998.11.10 14:47:30 | 000,019,968 | ---- | M] (TEXTware A/S) -- C:\Programme\TEXTware\HotKey\TWALINK.EXE ========== Modules (No Company Name) ========== MOD - [2011.11.23 19:36:06 | 001,989,592 | ---- | M] () -- C:\Programme\Mozilla Firefox 2\mozjs.dll MOD - [2011.10.15 01:22:58 | 001,712,128 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\24331b719aa25ac2b21099e32232840c\Microsoft.VisualBasic.ni.dll MOD - [2011.10.15 01:15:13 | 000,771,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\36bf3d5f05a40c9e3cadca5789c8a469\System.Runtime.Remoting.ni.dll MOD - [2011.10.15 01:14:33 | 000,311,296 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\81096bfe85eb0da5f05e8a127ffa43b2\System.Runtime.Serialization.Formatters.Soap.ni.d ll MOD - [2011.10.15 01:14:30 | 001,801,216 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Deployment\cc5ac99e8af2738e85cda5525fdd944f\System.Deployment.ni.dll MOD - [2011.10.15 01:14:04 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce0720436dc6cb76006377f295ea365\System.Configuration.ni.dll MOD - [2011.10.12 21:38:04 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\70cacc44f0b4257f6037eda7a59a0aeb\System.Xml.ni.dll MOD - [2011.10.12 21:37:37 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\71a2ae9ad561a62181cbd9fb11e9de7a\System.Windows.Forms.ni.dll MOD - [2011.10.12 21:36:32 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\c10bea3c4bb7ef654651141bf9419090\System.Drawing.ni.dll MOD - [2011.10.12 21:32:59 | 014,328,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\054488924fcc579cce9fa0209dafe28b\PresentationFramework.ni.dll MOD - [2011.10.12 21:29:59 | 012,215,808 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationCore\b2f0318713eca304eaa9d86fc17edb96\PresentationCore.ni.dll MOD - [2011.10.12 21:29:12 | 003,325,440 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsBase\1adc4ae51a5ac63e896a1402749ca495\WindowsBase.ni.dll MOD - [2011.10.12 21:29:01 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll MOD - [2011.10.12 21:28:33 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll MOD - [2011.09.16 01:05:58 | 000,398,288 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll MOD - [2011.08.28 22:19:12 | 000,093,696 | ---- | M] () -- C:\Programme\FileZilla FTP Client\fzshellext.dll MOD - [2011.07.21 10:09:24 | 000,985,088 | ---- | M] () -- C:\Programme\OpenOffice.org 3\program\libxml2.dll MOD - [2011.05.20 08:08:06 | 000,450,560 | ---- | M] () -- C:\WINDOWS\system32\AscSQLite.dll MOD - [2011.02.02 21:39:56 | 000,008,192 | ---- | M] () -- C:\Programme\Java\jre6\bin\jp2native.dll MOD - [2010.11.21 22:20:28 | 000,010,752 | ---- | M] () -- C:\WINDOWS\assembly\GAC\Interop.hpqusg\3.0.0.0__a53cf5803f4c3827\Interop.hpqusg.dll MOD - [2010.09.06 18:56:38 | 000,247,096 | ---- | M] () -- C:\Programme\ICQ6Toolbar\ICQ Service.exe MOD - [2010.06.22 20:32:55 | 005,612,496 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll MOD - [2010.03.23 13:26:48 | 000,201,512 | ---- | M] () -- C:\WINDOWS\system32\vpnapi.dll MOD - [2010.03.17 01:58:44 | 002,162,688 | ---- | M] () -- C:\Programme\Vidalia Bundle\Tor\tor.exe MOD - [2010.03.15 15:57:20 | 000,067,872 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll MOD - [2010.02.28 04:45:02 | 005,344,807 | ---- | M] () -- C:\Programme\Vidalia Bundle\Vidalia\vidalia.exe MOD - [2010.02.22 04:27:20 | 002,740,224 | ---- | M] () -- C:\Programme\Vidalia Bundle\Vidalia\QtCore4.dll MOD - [2010.02.20 13:15:00 | 000,086,528 | ---- | M] () -- C:\Programme\Privoxy\mgwz.dll MOD - [2009.12.21 22:17:34 | 001,060,864 | ---- | M] () -- C:\Programme\Adobe\Reader 9.0\Reader\plug_ins\PPKLITE.DEU MOD - [2009.11.28 08:12:30 | 000,019,763 | ---- | M] () -- C:\Programme\Vidalia Bundle\Vidalia\mingwm10.dll MOD - [2009.10.03 00:48:16 | 000,106,496 | ---- | M] () -- C:\Programme\Adobe\Reader 9.0\Reader\plug_ins\Escript.deu MOD - [2009.10.03 00:45:02 | 000,012,288 | ---- | M] () -- C:\Programme\Adobe\Reader 9.0\Reader\plug_ins\updater.DEU MOD - [2009.09.29 12:55:52 | 011,265,024 | ---- | M] () -- C:\Programme\Vidalia Bundle\Vidalia\QtGui4.dll MOD - [2009.09.29 12:38:26 | 001,395,200 | ---- | M] () -- C:\Programme\Vidalia Bundle\Vidalia\QtNetwork4.dll MOD - [2009.09.29 12:36:12 | 000,510,464 | ---- | M] () -- C:\Programme\Vidalia Bundle\Vidalia\QtXml4.dll MOD - [2009.08.22 00:59:22 | 000,139,264 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework.classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.classic.dll MOD - [2009.02.27 15:42:30 | 000,049,152 | ---- | M] () -- C:\Programme\Adobe\Reader 9.0\Reader\plug_ins\Weblink.DEU MOD - [2009.02.27 15:41:54 | 000,023,552 | ---- | M] () -- C:\Programme\Adobe\Reader 9.0\Reader\plug_ins\SaveAsRTF.DEU MOD - [2009.02.27 15:41:26 | 000,311,296 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\pdfshell.DEU MOD - [2009.02.27 15:40:12 | 001,712,128 | ---- | M] () -- C:\Programme\Adobe\Reader 9.0\Reader\plug_ins\Annots.DEU MOD - [2009.02.27 15:40:10 | 000,274,432 | ---- | M] () -- C:\Programme\Adobe\Reader 9.0\Reader\plug_ins\DigSig.DEU MOD - [2009.02.27 15:39:46 | 000,999,424 | ---- | M] () -- C:\Programme\Adobe\Reader 9.0\Reader\plug_ins\Acroform.DEU MOD - [2009.02.26 15:12:18 | 000,552,960 | ---- | M] () -- C:\Programme\Hp\ToolboxFX\bin\Alerts.dll MOD - [2009.02.26 15:12:18 | 000,102,400 | ---- | M] () -- C:\Programme\Hp\ToolboxFX\bin\HPFaxUtilities.dll MOD - [2009.02.26 15:11:48 | 000,593,920 | ---- | M] () -- C:\Programme\Hp\ToolboxFX\bin\HPAppTools.dll MOD - [2009.02.26 15:11:42 | 000,069,632 | ---- | M] () -- C:\Programme\Hp\ToolboxFX\bin\AppConstants.dll MOD - [2009.02.26 15:11:40 | 000,040,960 | ---- | M] () -- C:\Programme\Hp\ToolboxFX\bin\Enumeration.dll MOD - [2009.02.26 15:11:36 | 000,126,976 | ---- | M] () -- C:\Programme\Hp\ToolboxFX\bin\HPToolkit.dll MOD - [2009.02.26 15:11:32 | 000,069,632 | ---- | M] () -- C:\Programme\Hp\ToolboxFX\bin\HPTools.dll MOD - [2009.02.26 15:10:54 | 000,086,016 | ---- | M] () -- C:\Programme\Hp\ToolboxFX\bin\NativeUtils.dll MOD - [2008.12.30 01:03:26 | 000,098,304 | ---- | M] () -- C:\Programme\Free Download Manager\iefdm2.dll MOD - [2008.04.14 03:22:16 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll MOD - [2007.12.06 04:50:44 | 000,401,408 | ---- | M] () -- C:\Programme\Free Download Manager\FUM\fumcore.dll MOD - [2007.05.08 16:44:58 | 000,114,688 | ---- | M] () -- C:\Programme\Hp\HP UT\bin\HPToolkit.dll MOD - [2007.05.08 16:44:58 | 000,057,344 | ---- | M] () -- C:\Programme\Hp\HP UT\bin\HPUsageTracking.dll MOD - [2007.05.08 16:44:58 | 000,036,864 | ---- | M] () -- C:\Programme\Hp\HP UT\bin\hppusg.exe MOD - [2007.05.08 16:44:58 | 000,036,864 | ---- | M] () -- C:\Programme\Hp\HP UT\bin\Enumeration.dll MOD - [2007.05.08 16:44:44 | 000,065,536 | ---- | M] () -- C:\Programme\Hp\HP UT\bin\HPTools.dll MOD - [2006.10.01 20:02:49 | 000,311,296 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2006.10.01 20:02:44 | 000,385,024 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Deployment.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.Deployment.resources.dll MOD - [2000.05.09 10:16:34 | 000,065,536 | ---- | M] () -- C:\WINDOWS\system32\TwaHky32.dll ========== Win32 Services (SafeList) ========== SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt) SRV - [2011.09.23 17:08:16 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2011.09.23 17:01:05 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011.01.05 11:59:50 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2010.09.06 18:56:38 | 000,247,096 | ---- | M] () [Auto | Running] -- C:\Programme\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service) SRV - [2010.03.23 13:19:32 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Programme\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND) SRV - [2006.10.26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose) SRV - [2006.07.29 21:33:19 | 000,072,704 | ---- | M] (Adobe Systems) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service) SRV - [2005.11.01 12:23:50 | 000,114,784 | ---- | M] () [Disabled | Stopped] -- C:\Programme\CyberLink\PowerCinema\Kernel\TV\CLSched.exe -- (CLSched) CyberLink Task Scheduler (CTS) SRV - [2005.11.01 12:23:48 | 000,266,338 | ---- | M] () [Disabled | Stopped] -- C:\Programme\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe -- (CLCapSvc) CyberLink Background Capture Service (CBCS) SRV - [2005.11.01 12:23:24 | 001,081,344 | ---- | M] (Cyberlink) [Disabled | Stopped] -- C:\Programme\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe -- (CyberLink Media Library Service) SRV - [2005.04.04 00:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT) SRV - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM) ========== Driver Services (SafeList) ========== DRV - [2011.09.18 07:39:27 | 000,134,344 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb) DRV - [2011.09.15 22:55:04 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr) DRV - [2011.09.15 22:55:03 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt) DRV - [2010.06.17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2010.03.23 13:15:36 | 000,308,859 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\CVPNDRVA.sys -- (CVPNDRVA) DRV - [2010.02.11 08:38:10 | 003,565,056 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2010.01.28 15:12:02 | 000,095,232 | R--- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV - [2008.11.16 18:39:44 | 000,131,984 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dne2000.sys -- (DNE) DRV - [2008.04.13 19:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx) DRV - [2008.04.13 19:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE) DRV - [2007.11.14 19:05:16 | 000,394,952 | ---- | M] (Zone Labs, LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant) DRV - [2007.07.16 22:29:33 | 000,017,432 | ---- | M] (Hewlett Packard) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hpfxbulk.sys -- (HPFXBULK) DRV - [2007.06.24 14:07:30 | 000,611,064 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2007.01.18 20:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CVirtA.sys -- (CVirtA) DRV - [2007.01.09 16:59:50 | 000,507,136 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SPC220NC.SYS -- (SPC220NC) DRV - [2005.11.03 15:40:07 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x) DRV - [2005.10.19 16:53:32 | 000,787,840 | R--- | M] (Philips Semiconductors GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PhilCap.sys -- (PhilCap) DRV - [2005.09.30 14:14:08 | 000,078,336 | R--- | M] (DVB-TV Provide) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\878BDA.sys -- (878BDA) DRV - [2005.09.23 17:56:28 | 003,966,976 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2005.08.10 13:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x) DRV - [2005.06.20 08:12:00 | 000,215,040 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sis163u.sys -- (SIS163u) DRV - [2005.05.16 14:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x) DRV - [2005.01.07 17:07:16 | 000,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService) DRV - [2004.08.04 13:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb) DRV - [2004.08.04 13:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx) DRV - [2004.08.04 02:08:36 | 000,013,824 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atinmdxx.sys -- (MVDCODEC) DRV - [2004.08.04 02:08:30 | 000,105,984 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atinrvxx.sys -- (atinrvxx) DRV - [2003.02.19 14:04:38 | 000,041,344 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/ IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie IE - HKLM\..\URLSearchHook: - No CLSID value found IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Bar = hxxp://google.icq.com/search/search_frame.php IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Page = hxxp://google.icq.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie IE - HKCU\..\URLSearchHook: - No CLSID value found IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:58364 ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2240: C:\Programme\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2298: C:\Programme\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1348: C:\Programme\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Programme\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll () FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Programme\Mozilla Firefox 2\components [2011.11.23 19:36:13 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox 2\plugins [2011.05.14 16:09:15 | 000,000,000 | ---D | M] [2008.10.15 23:13:30 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Extensions [2011.10.04 21:26:40 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\ajdqdk7h.default\extensions [2010.11.30 18:00:38 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\ajdqdk7h.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2005.11.23 19:52:17 | 000,000,000 | ---D | M] (Firefox (default)) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\ajdqdk7h.default\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2011.10.04 21:26:40 | 000,000,000 | ---D | M] (Facemoods) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\ajdqdk7h.default\extensions\ffxtlbr@Facemoods.com [2011.11.29 16:35:43 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\ocmzychx.Standard-Benutzer\extensions [2010.07.13 08:56:01 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\ocmzychx.Standard-Benutzer\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011.11.20 13:18:01 | 000,000,000 | ---D | M] (EPUBReader) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\ocmzychx.Standard-Benutzer\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2011.11.29 16:35:43 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\ocmzychx.Standard-Benutzer\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2011.11.11 08:12:45 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\ocmzychx.Standard-Benutzer\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2010.10.02 15:40:44 | 000,000,000 | ---D | M] (vShare Plugin) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\ocmzychx.Standard-Benutzer\extensions\vshare@toolbar [2009.06.22 16:08:56 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2008.07.01 17:51:41 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2011.10.04 21:26:46 | 000,002,048 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\fcmdSrch.xml ========== Chrome ========== CHR - default_search_provider: () CHR - default_search_provider: search_url = CHR - default_search_provider: suggest_url = O1 HOSTS File: ([2011.02.12 12:54:22 | 000,000,542 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 27.195.49.225 perspeak.avira-update.com O1 - Hosts: 137.100.165.192 personal.nl.avira-update.com O1 - Hosts: 212.225.142.151 profpeak.avira-update.com O1 - Hosts: 189.53.10.239 professional.nl.avira-update.com O1 - Hosts: 11.44.241.74 prempeak.avira-update.com O1 - Hosts: 202.166.51.225 premium.nl.avira-update.com O1 - Hosts: 229.218.186.62 personal.avira-update.com O1 - Hosts: 185.11.69.119 professional.avira-update.com O1 - Hosts: 167.47.212.153 premium.avira-update.com O1 - Hosts: 47.214.46.4 perspeak.avira-update.com O1 - Hosts: 155.194.238.70 profpeak.avira-update.com O1 - Hosts: 186.148.192.64 prempeak.avira-update.com O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - No CLSID value found. O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Programme\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll (facemoods.com BHO) O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll (Google Inc.) O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Programme\Free Download Manager\iefdm2.dll () O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Programme\FlashGet\getflash.dll (www.flashget.com) O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Programme\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll (facemoods.com) O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [facemoods] C:\Programme\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe (facemoods.com) O4 - HKLM..\Run: [HPPQVideo] "C:\Programme\HP\ScheduledLaunch\HP Color LaserJet CP1510 Series\bin\hppschlnch.exe" -r SOFTWARE\Hewlett-Packard\ScheduledLaunch\CLJ_CP1510_Series -f PQOptimizerVideo.xml -o remindLater File not found O4 - HKLM..\Run: [HPUsageTracking] C:\Programme\HP\HP UT\bin\hppusg.exe () O4 - HKLM..\Run: [PDFPrint] C:\Programme\pdf24\pdf24.exe (Geek Software GmbH) O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [TkBellExe] C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [ToolBoxFX] C:\Programme\HP\ToolBoxFX\bin\HPTLBXFX.exe (HP) O4 - HKLM..\Run: [Verknüpfung mit der High Definition Audio-Eigenschaftenseite] C:\WINDOWS\System32\HdAShCut.exe (Windows (R) Server 2003 DDK provider) O4 - HKCU..\Run: [Free Download Manager] C:\Programme\Free Download Manager\fdm.exe (FreeDownloadManager.ORG) O4 - HKCU..\Run: [PC Prima] C:\Programme\Ascentive\PC Prima\PCPrima.exe (Ascentive LLC) O4 - HKCU..\Run: [Vidalia] C:\Programme\Vidalia Bundle\Vidalia\vidalia.exe () O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\HotKey.lnk = C:\Programme\TEXTware\HotKey\TWALINK.EXE (TEXTware A/S) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Privoxy.lnk = C:\Programme\Privoxy\privoxy.exe (The Privoxy team - www.privoxy.org) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\VPN Client.lnk = C:\WINDOWS\Installer\{B0BF7057-6869-4E4B-920C-EA2A58DA07F0}\Icon3E5562ED7.ico () O4 - Startup: C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\HP Print View Resource Center.lnk = C:\Programme\Hewlett-Packard\HP Print View Software\HP Print View Resource Center\HPPrintViewResourceCenter.exe (Hewlett-Packard) O4 - Startup: C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\OpenOffice.org 3.3.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: &Alles mit FlashGet laden - C:\Programme\FlashGet\JC_ALL.HTM () O8 - Extra context menu item: &Download by Arles Download Manager - C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Ariel Download Manager\DownloadManager.htm () O8 - Extra context menu item: &Mit FlashGet laden - C:\Programme\FlashGet\JC_LINK.HTM () O8 - Extra context menu item: Alles mit FDM herunterladen - C:\Programme\Free Download Manager\dlall.htm () O8 - Extra context menu item: Auswahl mit FDM herunterladen - C:\Programme\Free Download Manager\dlselected.htm () O8 - Extra context menu item: Datei mit FDM herunterladen - C:\Programme\Free Download Manager\dllink.htm () O8 - Extra context menu item: Google Sidewiki... - res://C:\Programme\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found O8 - Extra context menu item: Videos mit FDM herunterladen - C:\Programme\Free Download Manager\dlfvideo.htm () O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9B85D86F-3946-4B98-A2C1-7FE9DA3300CC}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ABA4E0B8-793B-42ED-9D4C-44D03FEA91AA}: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2005.11.07 17:51:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2009.12.20 12:36:08 | 000,000,000 | ---D | M] - C:\Autoruns -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML) ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4 ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.2 ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906) ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offlinebrowsingpaket ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer-Hilfe ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7 ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - Windows Messenger 5.1 ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsererweiterungen ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - Zugang zu MSN Site ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install ActiveX: {8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - %SystemRoot%\system32\ie4uinit.exe ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML-Datenbindung ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider ActiveX: {A6E6B552-B569-6152-BB06-FC71C667CA7B} - DirectX ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer-Hauptschriftarten ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML-Hilfe ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {EFCE7BE0-510E-4932-9475-F44CD90DE16A} - Microsoft .NET Framework 1.1 Security Update (KB2572067) ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE NetSvcs: 6to4 - File not found NetSvcs: AppMgmt - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found MsConfig - Services: "CLSched" MsConfig - Services: "CyberLink Media Library Service" MsConfig - Services: "CLCapSvc" MsConfig - Services: "iPodService" MsConfig - Services: "ISSVC" MsConfig - Services: "RichVideo" MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Adobe Reader - Schnellstart.lnk - - File not found MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Office-Bibliothek-Direktsuche.lnk - C:\Programme\Office-Bibliothek\PCLib.exe - () MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^TrayMin220.lnk - C:\Programme\Philips\Philips SPC220NC Webcam\TrayMin220.exe - () MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^***^Startmenü^Programme^Autostart^Adobe Gamma.lnk - C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe - (Adobe Systems, Inc.) MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^***^Startmenü^Programme^Autostart^Dropbox.lnk - C:\Dokumente und Einstellungen\***\Anwendungsdaten\Dropbox\bin\Dropbox.exe - () MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^***^Startmenü^Programme^Autostart^Microsoft.exe - - File not found MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^***^Startmenü^Programme^Autostart^PowerReg Scheduler.exe - - File not found MsConfig - StartUpReg: AIM - hkey= - key= - File not found MsConfig - StartUpReg: Babylon Client - hkey= - key= - C:\Programme\Babylon\Babylon-Pro\Babylon.exe (Babylon Ltd.) MsConfig - StartUpReg: CTFMON.EXE - hkey= - key= - File not found MsConfig - StartUpReg: E07DXLRD_14546890 - hkey= - key= - C:\Programme\Microsoft Encarta\Encarta 2007 - Enzyklopaedie DVD\EDICT.EXE (Microsoft Corporation) MsConfig - StartUpReg: E07DXLRD_663703 - hkey= - key= - C:\Programme\Microsoft Encarta\Encarta 2007 - Enzyklopaedie DVD\EDICT.EXE (Microsoft Corporation) MsConfig - StartUpReg: Flashget - hkey= - key= - C:\Programme\FlashGet\FlashGet.exe (FlashGet.com) MsConfig - StartUpReg: ISTray - hkey= - key= - File not found MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Programme\iTunes\iTunesHelper.exe (Apple Inc.) MsConfig - StartUpReg: Monitor - hkey= - key= - C:\WINDOWS\Philips\SPC220NC\Monitor.exe (PixArt Imaging Incorporation) MsConfig - StartUpReg: MSMSGS - hkey= - key= - C:\Programme\Messenger\msmsgs.exe (Microsoft Corporation) MsConfig - StartUpReg: NeroFilterCheck - hkey= - key= - File not found MsConfig - StartUpReg: PCMService - hkey= - key= - C:\Programme\CyberLink\PowerCinema\PCMService.exe (CyberLink Corp.) MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Programme\QuickTime\qttask.exe (Apple Inc.) MsConfig - StartUpReg: RemoteControl - hkey= - key= - C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.) MsConfig - StartUpReg: Shareaza - hkey= - key= - C:\Programme\Shareaza\Shareaza.exe (Shareaza Development Team) MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - File not found MsConfig - StartUpReg: swg - hkey= - key= - C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) MsConfig - StartUpReg: TkBellExe - hkey= - key= - C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe (RealNetworks, Inc.) MsConfig - StartUpReg: updateMgr - hkey= - key= - File not found MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 2 MsConfig - State: "startup" - 2 CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2011.12.02 23:56:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Desktop\Finanzkrise 1930 [2011.11.21 22:51:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Desktop\Tutorium [2011.11.21 21:47:18 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Desktop\Bewerbungsunterlagen [2011.11.20 14:34:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Startmenü\Programme\PDF Blender [2011.11.20 14:34:54 | 000,000,000 | ---D | C] -- C:\Programme\PDF Blender [6 C:\Dokumente und Einstellungen\***\Desktop\*.tmp files -> C:\Dokumente und Einstellungen\***\Desktop\*.tmp -> ] [5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [133 C:\Dokumente und Einstellungen\***\Eigene Dateien\*.tmp files -> C:\Dokumente und Einstellungen\***\Eigene Dateien\*.tmp -> ] [1 C:\*.tmp files -> C:\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.12.18 20:29:00 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2011.12.18 15:37:20 | 000,000,134 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Dissertation.pdf (applicationpdf-Objekt).URL [2011.12.18 02:29:01 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2011.12.18 01:53:48 | 000,001,345 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\HP Print View Resource Center.lnk [2011.12.18 01:52:24 | 000,002,423 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\VPN Client.lnk [2011.12.18 01:50:37 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011.12.17 20:27:01 | 000,000,257 | ---- | M] () -- C:\WINDOWS\TEXTWARE.INI [2011.12.17 19:27:46 | 000,000,100 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\RC2003_Hattie_TeachersMakeADifference.pdf (applicationpdf-Objekt).URL [2011.12.17 10:02:46 | 000,000,156 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Visible Learning A synthesis of over 800 meta-analyses relating to achievement - Preview.URL [2011.12.16 23:21:51 | 000,000,098 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\5982RR_InstructionMeta_Analysis.pdf (applicationpdf-Objekt).URL [2011.12.15 22:33:23 | 000,499,440 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011.12.15 21:32:14 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2011.12.13 00:41:43 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2011.12.11 21:10:19 | 000,759,339 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Amity Intern Application.pdf [2011.12.11 00:15:04 | 000,000,079 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\SpringerLink - Abstract.URL [2011.12.11 00:09:21 | 000,000,121 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\2.-thementreffen-referat-prof.-dr.-evelyne-wannack (applicationpdf-Objekt).URL [2011.12.09 22:35:26 | 000,000,106 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Cottbus26.9.pdf (applicationpdf-Objekt).URL [2011.12.09 21:33:03 | 000,000,114 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\ArtikelVortraege zum downloaden.URL [2011.12.09 19:37:53 | 000,000,119 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Unterricht_GEW_Bielefeld.pdf (applicationpdf-Objekt).URL [2011.12.09 07:28:03 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2011.12.08 04:56:14 | 000,110,684 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Bewerbungsbogen.pdf [2011.12.07 20:39:04 | 000,183,808 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.12.05 23:06:52 | 000,000,068 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\CogLing.pdf (applicationpdf-Objekt).URL [2011.12.04 16:03:16 | 000,000,126 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\ReferatMassenpsychologie_14042005.pdf (applicationpdf-Objekt).URL [2011.12.04 01:08:05 | 000,000,063 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Die Psychoanalyse von Sigmund Freud.URL [2011.12.03 23:09:10 | 000,000,062 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\psa-kd Was ist Psychoanalyse.URL [2011.12.02 22:54:09 | 000,000,143 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Frontalunterricht Wellenreuther.pdf (applicationpdf-Objekt).URL [2011.12.01 11:12:01 | 000,108,913 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\D-A_1-BB-FSA-Bewerbungsbogen_1213_Version_1.pdf [2011.11.30 17:20:06 | 000,000,427 | ---- | M] () -- C:\WINDOWS\WINWORD6.INI [2011.11.30 01:58:55 | 000,000,556 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Google-Ergebnis für httpwww.kieferorthopaedie-sinko.atuploadspicsherausnehmbare_zahnspange_13.jpg.URL [2011.11.30 00:04:04 | 000,000,172 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\5_Rez_Konzepte_der_Politik_in_ZPol_4588_2010.pdf (applicationpdf-Objekt).URL [2011.11.29 23:39:58 | 000,000,066 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Call for Papers — JSSE.URL [2011.11.26 01:49:18 | 000,009,220 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2011.11.21 21:18:09 | 000,262,145 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Allgemeine Hochschulreife.pdf [2011.11.21 10:45:16 | 000,803,300 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011.11.21 10:45:15 | 000,878,544 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat [2011.11.21 10:45:15 | 000,246,316 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat [2011.11.21 10:45:15 | 000,209,576 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2011.11.20 14:34:56 | 000,000,691 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\PDF Blender.lnk [2011.11.20 01:38:02 | 000,000,069 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Platon.pdf (applicationpdf-Objekt).URL [6 C:\Dokumente und Einstellungen\***\Desktop\*.tmp files -> C:\Dokumente und Einstellungen\***\Desktop\*.tmp -> ] [5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [133 C:\Dokumente und Einstellungen\***\Eigene Dateien\*.tmp files -> C:\Dokumente und Einstellungen\***\Eigene Dateien\*.tmp -> ] [1 C:\*.tmp files -> C:\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.12.18 15:37:20 | 000,000,134 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Dissertation.pdf (applicationpdf-Objekt).URL [2011.12.17 19:27:46 | 000,000,100 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\RC2003_Hattie_TeachersMakeADifference.pdf (applicationpdf-Objekt).URL [2011.12.17 10:02:46 | 000,000,156 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Visible Learning A synthesis of over 800 meta-analyses relating to achievement - Preview.URL [2011.12.16 23:21:51 | 000,000,098 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\5982RR_InstructionMeta_Analysis.pdf (applicationpdf-Objekt).URL [2011.12.11 21:04:50 | 000,759,339 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Amity Intern Application.pdf [2011.12.11 00:15:04 | 000,000,079 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\SpringerLink - Abstract.URL [2011.12.11 00:09:21 | 000,000,121 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\2.-thementreffen-referat-prof.-dr.-evelyne-wannack (applicationpdf-Objekt).URL [2011.12.09 22:35:26 | 000,000,106 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Cottbus26.9.pdf (applicationpdf-Objekt).URL [2011.12.09 21:33:03 | 000,000,114 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\ArtikelVortraege zum downloaden.URL [2011.12.09 19:28:18 | 000,000,119 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Unterricht_GEW_Bielefeld.pdf (applicationpdf-Objekt).URL [2011.12.05 23:06:52 | 000,000,068 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\CogLing.pdf (applicationpdf-Objekt).URL [2011.12.04 16:03:16 | 000,000,126 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\ReferatMassenpsychologie_14042005.pdf (applicationpdf-Objekt).URL [2011.12.04 01:08:05 | 000,000,063 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Die Psychoanalyse von Sigmund Freud.URL [2011.12.03 23:09:10 | 000,000,062 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\psa-kd Was ist Psychoanalyse.URL [2011.12.02 22:54:09 | 000,000,143 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Frontalunterricht Wellenreuther.pdf (applicationpdf-Objekt).URL [2011.12.01 13:07:10 | 000,110,684 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Bewerbungsbogen.pdf [2011.11.30 01:58:55 | 000,000,556 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Google-Ergebnis für httpwww.kieferorthopaedie-sinko.atuploadspicsherausnehmbare_zahnspange_13.jpg.URL [2011.11.30 00:04:04 | 000,000,172 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\5_Rez_Konzepte_der_Politik_in_ZPol_4588_2010.pdf (applicationpdf-Objekt).URL [2011.11.29 23:39:58 | 000,000,066 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Call for Papers — JSSE.URL [2011.11.21 21:18:09 | 000,262,145 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Allgemeine Hochschulreife.pdf [2011.11.20 14:34:56 | 000,000,691 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\PDF Blender.lnk [2011.11.20 01:38:02 | 000,000,069 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Platon.pdf (applicationpdf-Objekt).URL [2011.07.27 00:33:37 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll [2011.07.27 00:31:29 | 000,017,394 | ---- | C] () -- C:\WINDOWS\DIIUnin.dat [2011.05.20 08:08:06 | 000,450,560 | ---- | C] () -- C:\WINDOWS\System32\AscSQLite.dll [2011.05.12 21:24:44 | 000,540,392 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat [2011.04.14 20:08:44 | 000,000,206 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI [2011.02.12 12:49:11 | 000,030,684 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\6966.5F0 [2010.12.19 01:36:54 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe [2010.11.21 22:21:53 | 000,169,557 | ---- | C] () -- C:\WINDOWS\hppins09.dat.temp [2010.11.21 22:07:11 | 000,000,355 | ---- | C] () -- C:\WINDOWS\hpntwksetup.ini [2010.11.21 22:06:10 | 000,168,159 | ---- | C] () -- C:\WINDOWS\hppins09.dat [2010.11.21 22:06:10 | 000,004,144 | ---- | C] () -- C:\WINDOWS\hppmdl09.dat [2010.11.21 21:01:22 | 000,000,621 | ---- | C] () -- C:\WINDOWS\System32\hppapr09.dat [2010.11.21 20:35:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\HPMProp.INI [2010.11.18 19:13:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin [2010.11.18 19:13:26 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat [2010.11.18 19:13:26 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat [2010.11.18 19:13:13 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe [2010.11.18 19:13:06 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe [2010.08.23 00:49:06 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TwaHky32.dll [2010.08.23 00:49:06 | 000,029,696 | ---- | C] () -- C:\WINDOWS\System32\WIN32CMI.DLL [2010.08.23 00:46:54 | 000,000,427 | ---- | C] () -- C:\WINDOWS\WINWORD6.INI [2010.08.16 17:01:28 | 000,000,257 | ---- | C] () -- C:\WINDOWS\TEXTWARE.INI [2010.08.02 02:39:01 | 000,006,907 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\.freeciv-client-rc-2.2 [2010.06.24 01:27:47 | 000,000,118 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\kpref [2010.03.23 13:26:48 | 000,201,512 | ---- | C] () -- C:\WINDOWS\System32\vpnapi.dll [2010.03.23 13:17:40 | 000,197,416 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll [2009.12.27 00:51:48 | 000,261,632 | ---- | C] () -- C:\WINDOWS\PEV.exe [2009.12.27 00:51:48 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2009.12.27 00:51:48 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2009.12.27 00:51:48 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe [2009.12.27 00:51:48 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2009.12.20 15:35:23 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll.old [2009.03.06 22:56:29 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\$_hpcst$.hpc [2009.01.25 01:07:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI [2008.09.21 13:47:47 | 000,000,432 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI [2008.09.21 13:47:47 | 000,000,034 | ---- | C] () -- C:\WINDOWS\System32\BD2030.DAT [2008.08.10 20:00:37 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat [2008.08.04 11:59:17 | 000,000,518 | ---- | C] () -- C:\WINDOWS\System32\SPC220NC.INI [2008.06.28 15:09:01 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll [2008.06.06 15:31:37 | 000,000,145 | ---- | C] () -- C:\WINDOWS\NLB.INI [2008.05.02 08:06:58 | 000,136,448 | ---- | C] () -- C:\WINDOWS\RMTOOLS.DLL [2007.11.17 22:28:03 | 000,394,240 | ---- | C] () -- C:\WINDOWS\System32\Smab.dll [2007.11.17 22:28:02 | 000,502,784 | ---- | C] () -- C:\WINDOWS\x2.64.exe [2007.11.17 22:28:02 | 000,240,128 | ---- | C] () -- C:\WINDOWS\System32\x.264.exe [2007.11.17 22:28:02 | 000,217,073 | ---- | C] () -- C:\WINDOWS\meta4.exe [2007.11.17 22:28:02 | 000,066,560 | ---- | C] () -- C:\WINDOWS\MOTA113.exe [2007.11.17 22:28:02 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll [2007.08.23 12:54:16 | 000,293,712 | ---- | C] () -- C:\WINDOWS\System32\Tbsql03.dll [2007.08.23 12:54:16 | 000,246,368 | ---- | C] () -- C:\WINDOWS\System32\Tbqry03.dll [2007.08.23 12:54:16 | 000,145,696 | ---- | C] () -- C:\WINDOWS\System32\Tblib.dll [2007.08.23 12:54:16 | 000,090,688 | ---- | C] () -- C:\WINDOWS\System32\Tbutl03.dll [2007.08.23 12:54:16 | 000,014,512 | ---- | C] () -- C:\WINDOWS\System32\Tbgui03.dll [2007.08.23 12:54:16 | 000,005,488 | ---- | C] () -- C:\WINDOWS\System32\Tbmds03.dll [2007.06.24 14:24:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\editor.INI [2007.06.23 14:08:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PowerReg.dat [2007.06.02 17:46:38 | 000,029,696 | ---- | C] () -- C:\WINDOWS\System32\asutl8.dll [2007.04.15 19:46:57 | 000,000,032 | ---- | C] () -- C:\WINDOWS\autostart.INI [2007.01.20 15:54:32 | 000,000,380 | -H-- | C] () -- C:\WINDOWS\WINRDPDN40.SYS [2007.01.20 15:47:36 | 000,000,380 | -H-- | C] () -- C:\WINDOWS\WINRDP40.SYS [2006.12.27 23:26:29 | 000,000,019 | ---- | C] () -- C:\WINDOWS\rrver.ini [2006.12.17 19:47:09 | 000,000,356 | ---- | C] () -- C:\WINDOWS\pdf2word.INI [2006.07.23 09:54:37 | 000,000,032 | ---- | C] () -- C:\WINDOWS\wininit.ini [2006.04.29 21:42:12 | 000,000,032 | ---- | C] () -- C:\WINDOWS\AMPlayer.INI [2006.04.22 23:57:06 | 000,001,763 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\QTSBandwidthCache [2006.04.19 20:42:41 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2006.04.16 23:39:20 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat [2006.03.31 21:50:42 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll [2006.03.31 13:51:28 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\Hooks.dll [2005.12.11 23:30:09 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\TXTUSER.EXE [2005.12.07 19:21:32 | 000,000,422 | ---- | C] () -- C:\WINDOWS\bobdown.ini [2005.12.07 19:18:17 | 000,960,512 | ---- | C] () -- C:\WINDOWS\System32\Vorbis.dll [2005.12.07 19:18:17 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll [2005.12.07 19:18:17 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\ViscomID3.dll [2005.12.07 19:18:17 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\ViscomAudioCD.dll [2005.12.07 19:18:17 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\tagWriter.dll [2005.11.28 21:17:56 | 000,000,348 | ---- | C] () -- C:\WINDOWS\cdplayer.ini [2005.11.27 21:21:09 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2005.11.25 20:23:50 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll [2005.11.25 20:23:50 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll [2005.11.24 06:58:43 | 000,183,808 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2005.11.23 19:52:13 | 000,099,970 | ---- | C] () -- C:\WINDOWS\UninstallFirefox.exe [2005.11.23 19:51:55 | 000,003,663 | ---- | C] () -- C:\WINDOWS\mozver.dat [2005.11.22 21:18:12 | 000,042,840 | ---- | C] () -- C:\WINDOWS\System32\compare.dat [2005.11.22 21:17:52 | 000,000,146 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat [2005.11.07 19:06:48 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2005.11.07 18:41:00 | 000,001,412 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2005.11.07 18:39:39 | 000,009,220 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2005.11.07 18:39:10 | 000,198,144 | ---- | C] () -- C:\WINDOWS\System32\_psisdecd.dll [2005.11.07 18:33:28 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll [2005.11.07 18:31:42 | 000,002,856 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini [2005.11.07 18:20:19 | 000,000,849 | ---- | C] () -- C:\WINDOWS\orun32.ini [2005.11.07 18:11:46 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2005.11.07 17:53:50 | 000,000,778 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini [2005.11.07 17:52:37 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2005.11.07 17:49:33 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2005.11.07 17:48:35 | 000,003,776 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini [2005.11.07 17:45:16 | 000,004,312 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2005.11.07 17:44:37 | 000,499,440 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2005.11.07 09:49:35 | 000,000,180 | ---- | C] () -- C:\WINDOWS\Option.ini [2005.11.07 09:45:10 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\unwlsdrv.exe [2005.11.07 09:45:06 | 000,003,072 | R--- | C] () -- C:\WINDOWS\System32\716xCoInstaller.dll [2005.11.07 09:44:36 | 000,189,051 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat [2005.11.07 09:38:01 | 000,878,544 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat [2005.11.07 09:38:01 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat [2005.11.07 09:38:01 | 000,246,316 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat [2005.11.07 09:38:01 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat [2005.11.07 09:37:55 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\NSREG.DLL [2005.11.07 09:37:52 | 000,803,300 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2005.11.07 09:37:52 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2005.11.07 09:37:52 | 000,209,576 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2005.11.07 09:37:52 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2005.11.07 09:37:52 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2005.11.07 09:37:50 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2005.11.07 09:37:50 | 000,004,643 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2005.11.07 09:37:49 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2005.11.07 09:37:47 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2005.11.07 09:37:47 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2005.11.07 09:37:43 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2005.11.07 09:37:41 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin [2003.02.20 17:53:42 | 000,005,702 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI [2001.07.07 04:00:00 | 000,003,254 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI [1999.07.29 17:27:10 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll ========== LOP Check ========== [2007.05.04 20:51:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Advanced Chemistry Development [2009.12.20 15:13:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Babylon [2007.10.02 17:17:16 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ [2008.03.23 10:39:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Catalog.LiveSubscribeSymantec [2010.07.31 02:50:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\FreeDownloadManager.ORG [2010.11.30 18:00:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ [2005.11.07 18:37:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MAGIX [2010.09.20 21:53:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MGS [2010.05.06 16:20:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Storm [2005.11.23 15:33:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\T-Online [2005.11.23 15:21:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\T-Online_ZusatzSoftware [2010.06.24 00:51:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP [2009.06.29 19:37:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Viewpoint [2011.02.12 05:30:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2010.08.02 01:55:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\.freeciv [2009.06.29 19:38:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\acccore [2006.03.17 20:20:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Aim [2007.06.02 17:52:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Anvil Studio [2008.12.27 17:38:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Babylon [2011.12.01 00:28:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Canon [2007.08.21 23:35:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\capella-software [2011.10.22 01:37:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\DL [2009.12.20 12:10:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Dropbox [2010.03.04 11:48:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Exif Viewer [2011.10.05 02:27:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\facemoods.com [2011.12.12 21:20:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\FileZilla [2007.10.20 15:51:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\flightgear.org [2011.09.30 00:59:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\foobar2000 [2011.12.18 20:33:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Free Download Manager [2006.07.05 15:58:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\funkitron [2007.05.29 08:35:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\hidires(2) [2011.12.10 18:13:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\ICQ [2007.02.26 22:09:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\ICQ Toolbar [2006.05.13 08:27:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\ICQLite [2007.05.11 19:20:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\KlipFolio [2011.08.29 16:25:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\kompozer.net [2011.11.30 19:08:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Microgaming [2006.07.07 14:42:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\My Games [2008.01.03 22:55:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\NCH Swift Sound [2011.07.21 10:11:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\OpenOffice.org [2009.06.16 16:42:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\QIP [2007.02.25 15:34:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Shareaza [2007.03.17 19:03:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\SmartDraw [2005.11.23 15:22:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\T-Online [2009.12.20 15:32:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Uniblue ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*. > [2011.08.12 00:58:16 | 000,000,000 | ---D | M] -- C:\2 [2010.12.19 01:32:36 | 000,000,000 | ---D | M] -- C:\ATI [2009.11.01 19:30:20 | 000,000,000 | ---D | M] -- C:\AudioSuite [2009.12.20 12:36:08 | 000,000,000 | ---D | M] -- C:\Autoruns [2005.11.24 23:08:34 | 000,000,000 | ---D | M] -- C:\BJPrinter [2010.03.01 17:05:33 | 000,000,000 | ---D | M] -- C:\Bluebyte [2008.05.04 11:43:05 | 000,000,000 | ---D | M] -- C:\Capitalism II [2010.06.27 18:55:14 | 000,000,000 | ---D | M] -- C:\Casino [2009.12.27 01:19:25 | 000,000,000 | RHSD | M] -- C:\cmdcons [2009.12.27 01:17:02 | 000,000,000 | ---D | M] -- C:\Cofi [2009.12.28 15:23:49 | 000,000,000 | ---D | M] -- C:\Cofi20873C [2010.03.23 13:55:24 | 000,000,000 | ---D | M] -- C:\cofi29451c [2011.12.17 12:12:31 | 000,000,000 | -H-D | M] -- C:\Config.Msi [2009.04.06 18:28:14 | 000,000,000 | ---D | M] -- C:\D [2007.01.10 00:54:09 | 000,000,000 | ---D | M] -- C:\digibib3 [2009.08.08 17:39:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen [2011.03.10 20:46:06 | 000,000,000 | ---D | M] -- C:\Downloads [2010.11.21 20:31:36 | 000,000,000 | ---D | M] -- C:\HP Universal Print Driver PCL5 v5.1.1.8283 [2010.11.21 21:00:20 | 000,000,000 | ---D | M] -- C:\HP_CP1510_Default_Install_4.0 [2010.11.21 21:23:29 | 000,000,000 | ---D | M] -- C:\HP_CP1510_full_solution_v4.0 [2010.11.21 20:42:45 | 000,000,000 | ---D | M] -- C:\HP_CP1510_win32_PS_add_printer_package_v61.072.52.00 [2008.05.02 00:23:47 | 000,000,000 | ---D | M] -- C:\Imperialismus [2010.08.01 04:59:50 | 000,000,000 | ---D | M] -- C:\INSTALL [2008.11.21 23:35:58 | 000,000,000 | ---D | M] -- C:\Klett Werkstatt [2010.01.24 21:04:07 | 000,000,000 | ---D | M] -- C:\Longman iBT Prep 2.0 [2009.12.26 22:36:01 | 000,000,000 | ---D | M] -- C:\Lop SD [2011.04.06 18:14:01 | 000,000,000 | -H-D | M] -- C:\Masher1.rar [2008.05.02 08:06:57 | 000,000,000 | ---D | M] -- C:\MAXIS [2011.10.23 22:51:05 | 000,000,000 | ---D | M] -- C:\OALD6 [2006.06.01 05:52:43 | 000,000,000 | ---D | M] -- C:\pc-bib [2007.11.17 22:28:01 | 000,000,000 | ---D | M] -- C:\Program Files [2011.11.20 14:34:54 | 000,000,000 | ---D | M] -- C:\Programme [2008.03.16 23:11:06 | 000,000,000 | ---D | M] -- C:\PSFONTS [2010.03.23 13:55:22 | 000,000,000 | ---D | M] -- C:\Qoobox [2010.03.24 13:49:39 | 000,000,000 | -HSD | M] -- C:\RECYCLER [2010.08.01 04:30:25 | 000,000,000 | ---D | M] -- C:\RedAlert1_AlliedDisc [2010.08.01 04:43:36 | 000,000,000 | ---D | M] -- C:\RedAlert1_SovietDisc [2010.03.04 16:56:48 | 000,000,000 | ---D | M] -- C:\rsit [2008.03.17 00:01:33 | 000,000,000 | ---D | M] -- C:\RTL Playtainment [2004.11.02 10:18:16 | 000,000,000 | ---D | M] -- C:\Settlers2gold [2011.08.12 00:56:11 | 000,000,000 | ---D | M] -- C:\SIMCITY [2009.12.22 22:44:28 | 000,000,000 | -HSD | M] -- C:\System Volume Information [2006.01.15 20:35:44 | 000,000,000 | ---D | M] -- C:\Temp [2010.01.08 00:12:24 | 000,000,000 | ---D | M] -- C:\toefl [2011.08.11 23:57:36 | 000,000,000 | ---D | M] -- C:\Westwood [2011.12.15 22:44:02 | 000,000,000 | ---D | M] -- C:\WINDOWS < %PROGRAMFILES%\*.exe > Invalid Environment Variable: LOCALAPPDATA < %systemroot%\*. /mp /s > < %systemroot%\system32\*.manifest /3 > [5 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] < MD5 for: AFD.SYS > [2011.08.17 14:49:54 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=1E44BC1E83D8FD2305F8D452DB109CF9 -- C:\WINDOWS\system32\dllcache\afd.sys [2011.08.17 14:49:54 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=1E44BC1E83D8FD2305F8D452DB109CF9 -- C:\WINDOWS\system32\drivers\afd.sys [2008.04.13 20:19:23 | 000,138,112 | ---- | M] (Microsoft Corporation) MD5=322D0E36693D6E24A2398BEE62A268CD -- C:\WINDOWS\$NtUninstallKB951748$\afd.sys [2008.04.13 20:19:23 | 000,138,112 | ---- | M] (Microsoft Corporation) MD5=322D0E36693D6E24A2398BEE62A268CD -- C:\WINDOWS\ServicePackFiles\i386\afd.sys [2011.02.16 14:22:48 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=355556D9E580915118CD7EF736653A89 -- C:\WINDOWS\$NtUninstallKB2592799$\afd.sys [2008.10.16 16:07:58 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=38D7B715504DA4741DF35E3594FE2099 -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\afd.sys [2008.08.14 11:34:26 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=4D43E74F2A1239D53929B82600F1971C -- C:\WINDOWS\$hf_mig$\KB956803\SP3QFE\afd.sys [2004.08.04 13:00:00 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=5AC495F4CB807B2B98AD2AD591E6D92E -- C:\WINDOWS\$NtUninstallKB951748_0$\afd.sys [2008.08.14 10:48:52 | 000,138,368 | ---- | M] (Microsoft Corporation) MD5=6A0397376853E604DE8E1E7A87FC08AC -- C:\WINDOWS\$NtServicePackUninstall$\afd.sys [2008.10.16 15:43:01 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=7618D5218F2A614672EC61A80D854A37 -- C:\WINDOWS\$NtUninstallKB2503665$\afd.sys [2008.08.14 11:04:36 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=7E775010EF291DA96AD17CA4B17137D7 -- C:\WINDOWS\$hf_mig$\KB956803\SP3GDR\afd.sys [2008.08.14 11:04:36 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=7E775010EF291DA96AD17CA4B17137D7 -- C:\WINDOWS\$NtUninstallKB2509553$\afd.sys [2011.02.16 14:25:05 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=8D499B1276012EB907E7A9E0F4D8FDA4 -- C:\WINDOWS\$hf_mig$\KB2503665\SP3QFE\afd.sys [2008.06.20 12:48:03 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=D6EE6014241D034E63C49A50CB2B442A -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\afd.sys [2008.06.20 11:44:08 | 000,138,368 | ---- | M] (Microsoft Corporation) MD5=D99DDFFB33DEACDCF20717CB520379F6 -- C:\WINDOWS\$NtUninstallKB956803_0$\afd.sys [2008.06.20 12:40:08 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=E3049B90FE06F3F740B7CFDA44995E2C -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\afd.sys [2008.06.20 12:40:08 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=E3049B90FE06F3F740B7CFDA44995E2C -- C:\WINDOWS\$NtUninstallKB956803$\afd.sys [2011.08.17 14:41:46 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=F6B7B1ECD7B41736BDB6FF4B092BCB79 -- C:\WINDOWS\$hf_mig$\KB2592799\SP3QFE\afd.sys < MD5 for: EXPLORER.EXE > [2004.08.04 13:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) MD5=22FE1BE02EADDE1632E478E4125639E0 -- C:\WINDOWS\$NtUninstallKB884883$\explorer.exe [2007.06.13 14:10:08 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=331ED93570BAF3CFE30340298762CD56 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe [2008.04.14 03:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\ERDNT\cache\explorer.exe [2008.04.14 03:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\explorer.exe [2008.04.14 03:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe [2005.04.07 19:46:59 | 001,035,264 | ---- | M] (Microsoft Corporation) MD5=64322E8399B205B7281FF883737A9B03 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe < MD5 for: IPSEC.SYS > [2008.04.13 20:19:42 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=23C74D75E36E7158768DD63D92789A91 -- C:\WINDOWS\ServicePackFiles\i386\ipsec.sys [2008.04.13 20:19:42 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=23C74D75E36E7158768DD63D92789A91 -- C:\WINDOWS\system32\drivers\ipsec.sys [2004.08.04 13:00:00 | 000,074,752 | ---- | M] (Microsoft Corporation) MD5=64537AA5C003A6AFEEE1DF819062D0D1 -- C:\WINDOWS\$NtServicePackUninstall$\ipsec.sys < MD5 for: REGEDIT.EXE > [2004.08.04 13:00:00 | 000,153,600 | ---- | M] (Microsoft Corporation) MD5=8193CE5FB09E83F2699FD65BBCBE2FD2 -- C:\WINDOWS\$NtServicePackUninstall$\regedit.exe [2004.08.04 13:00:00 | 000,153,600 | ---- | M] (Microsoft Corporation) MD5=8193CE5FB09E83F2699FD65BBCBE2FD2 -- C:\WINDOWS\I386\REGEDIT.EXE [2008.04.14 03:22:58 | 000,153,600 | ---- | M] (Microsoft Corporation) MD5=AD9226BF3CED13636083BB9C76E9D2A2 -- C:\WINDOWS\regedit.exe [2008.04.14 03:22:58 | 000,153,600 | ---- | M] (Microsoft Corporation) MD5=AD9226BF3CED13636083BB9C76E9D2A2 -- C:\WINDOWS\ServicePackFiles\i386\regedit.exe [2008.04.14 03:22:58 | 000,153,600 | ---- | M] (Microsoft Corporation) MD5=AD9226BF3CED13636083BB9C76E9D2A2 -- C:\WINDOWS\system32\dllcache\regedit.exe < MD5 for: USERINIT.EXE > [2008.04.14 03:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ERDNT\cache\userinit.exe [2008.04.14 03:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe [2008.04.14 03:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe [2004.08.04 13:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe < MD5 for: WINLOGON.EXE > [2004.08.04 13:00:00 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtUninstallKB883529$\winlogon.exe [2004.08.25 17:59:56 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=325A82EBBD69248D75C5F831E8817D17 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe [2008.04.14 03:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ERDNT\cache\winlogon.exe [2008.04.14 03:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2008.04.14 03:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs > HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Kmode: %SystemRoot%\system32\win32k.sys [2011.11.23 15:40:13 | 001,859,712 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-12-15 20:32:51 ========== Alternate Data Streams ========== @Alternate Data Stream - 109 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:A8ADE5D8 @Alternate Data Stream - 103 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2 @Alternate Data Stream - 102 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:8FB6501C < End of report > --- |
hi den link kannst du mir mal als private nachicht senden bitte. |
angekommen danke Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde! Bitte downloade dir Combofix.exe und speichere es unbedingt auf deinem Desktop.
|
Ist im Anhang. |
download tdss killer: http://www.trojaner-board.de/82358-t...entfernen.html Klicke auf Change parameters • Setze die Haken bei Verify driver digital signatures und Detect TDLFS file system • Klick auf OK und anschließend auf Start scan lösche niths, nur log posten |
16:10:28.0273 3540 TDSS rootkit removing tool 2.6.23.0 Dec 13 2011 10:39:31 16:10:28.0602 3540 ============================================================ 16:10:28.0602 3540 Current date / time: 2011/12/19 16:10:28.0602 16:10:28.0602 3540 SystemInfo: 16:10:28.0602 3540 16:10:28.0602 3540 OS Version: 5.1.2600 ServicePack: 3.0 16:10:28.0602 3540 Product type: Workstation 16:10:28.0602 3540 ComputerName: WOODSTOCK 16:10:28.0602 3540 UserName: *** 16:10:28.0602 3540 Windows directory: C:\WINDOWS 16:10:28.0602 3540 System windows directory: C:\WINDOWS 16:10:28.0602 3540 Processor architecture: Intel x86 16:10:28.0602 3540 Number of processors: 2 16:10:28.0602 3540 Page size: 0x1000 16:10:28.0602 3540 Boot type: Normal boot 16:10:28.0602 3540 ============================================================ 16:10:30.0117 3540 Initialize success 16:10:38.0992 3592 ============================================================ 16:10:38.0992 3592 Scan started 16:10:38.0992 3592 Mode: Manual; SigCheck; TDLFS; 16:10:38.0992 3592 ============================================================ 16:10:41.0352 3592 878BDA (36e27c96c909eec528d9c3ccf8508345) C:\WINDOWS\system32\Drivers\878BDA.sys 16:10:41.0648 3592 878BDA - ok 16:10:41.0711 3592 Abiosdsk - ok 16:10:41.0727 3592 abp480n5 - ok 16:10:41.0758 3592 ACPI (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys 16:10:42.0555 3592 ACPI - ok 16:10:42.0633 3592 ACPIEC (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys 16:10:42.0836 3592 ACPIEC - ok 16:10:42.0867 3592 adpu160m - ok 16:10:42.0898 3592 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys 16:10:43.0117 3592 aec - ok 16:10:43.0164 3592 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys 16:10:43.0227 3592 AFD - ok 16:10:43.0242 3592 Aha154x - ok 16:10:43.0258 3592 aic78u2 - ok 16:10:43.0273 3592 aic78xx - ok 16:10:43.0289 3592 AliIde - ok 16:10:43.0305 3592 amsint - ok 16:10:43.0352 3592 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys 16:10:43.0602 3592 Arp1394 - ok 16:10:43.0633 3592 asc - ok 16:10:43.0648 3592 asc3350p - ok 16:10:43.0664 3592 asc3550 - ok 16:10:43.0695 3592 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys 16:10:43.0992 3592 AsyncMac - ok 16:10:44.0008 3592 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys 16:10:44.0336 3592 atapi - ok 16:10:44.0352 3592 Atdisk - ok 16:10:44.0523 3592 ati2mtag (c0b86ecb324e50f6bbd529f9d5c6b24b) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys 16:10:44.0789 3592 ati2mtag ( UnsignedFile.Multi.Generic ) - warning 16:10:44.0789 3592 ati2mtag - detected UnsignedFile.Multi.Generic (1) 16:10:44.0852 3592 AtiHdmiService (e3b9fe6d478dc12ee9fb5169ee98d1ba) C:\WINDOWS\system32\drivers\AtiHdmi.sys 16:10:44.0914 3592 AtiHdmiService - ok 16:10:44.0961 3592 atinrvxx (74e104ada8a304774713e9a9a9cb3556) C:\WINDOWS\system32\DRIVERS\atinrvxx.sys 16:10:45.0023 3592 atinrvxx - ok 16:10:45.0070 3592 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys 16:10:45.0414 3592 Atmarpc - ok 16:10:45.0445 3592 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys 16:10:45.0742 3592 audstub - ok 16:10:45.0773 3592 avgntflt (7713e4eb0276702faa08e52a6e23f2a6) C:\WINDOWS\system32\DRIVERS\avgntflt.sys 16:10:46.0555 3592 avgntflt - ok 16:10:46.0602 3592 avipbb (912d23140cd05980f6cdae790ddafc8d) C:\WINDOWS\system32\DRIVERS\avipbb.sys 16:10:46.0633 3592 avipbb - ok 16:10:46.0680 3592 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\WINDOWS\system32\DRIVERS\avkmgr.sys 16:10:46.0711 3592 avkmgr - ok 16:10:46.0742 3592 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys 16:10:47.0023 3592 Beep - ok 16:10:47.0055 3592 catchme - ok 16:10:47.0117 3592 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys 16:10:47.0430 3592 cbidf2k - ok 16:10:47.0461 3592 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys 16:10:47.0773 3592 CCDECODE - ok 16:10:47.0805 3592 cd20xrnt - ok 16:10:47.0836 3592 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys 16:10:48.0195 3592 Cdaudio - ok 16:10:48.0258 3592 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys 16:10:48.0570 3592 Cdfs - ok 16:10:48.0586 3592 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys 16:10:48.0914 3592 Cdrom - ok 16:10:48.0930 3592 Changer - ok 16:10:49.0008 3592 CmdIde - ok 16:10:49.0055 3592 Cpqarray - ok 16:10:49.0102 3592 CVirtA (b5ecadf7708960f1818c7fa015f4c239) C:\WINDOWS\system32\DRIVERS\CVirtA.sys 16:10:49.0164 3592 CVirtA - ok 16:10:49.0211 3592 CVPNDRVA (18994842386fd3039279d7865740abbd) C:\WINDOWS\system32\Drivers\CVPNDRVA.sys 16:10:49.0258 3592 CVPNDRVA ( UnsignedFile.Multi.Generic ) - warning 16:10:49.0258 3592 CVPNDRVA - detected UnsignedFile.Multi.Generic (1) 16:10:49.0289 3592 dac2w2k - ok 16:10:49.0320 3592 dac960nt - ok 16:10:49.0383 3592 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys 16:10:49.0727 3592 Disk - ok 16:10:49.0805 3592 dmboot (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys 16:10:50.0227 3592 dmboot - ok 16:10:50.0273 3592 dmio (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys 16:10:50.0633 3592 dmio - ok 16:10:50.0664 3592 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys 16:10:51.0039 3592 dmload - ok 16:10:51.0086 3592 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys 16:10:51.0477 3592 DMusic - ok 16:10:51.0508 3592 DNE (b5aa5aa5ac327bd7c1aec0c58f0c1144) C:\WINDOWS\system32\DRIVERS\dne2000.sys 16:10:51.0555 3592 DNE - ok 16:10:51.0586 3592 dpti2o - ok 16:10:51.0617 3592 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys 16:10:51.0961 3592 drmkaud - ok 16:10:51.0977 3592 dtscsi - ok 16:10:52.0023 3592 E100B (d57a8fc800b501ac05b10d00f66d127a) C:\WINDOWS\system32\DRIVERS\e100b325.sys 16:10:52.0086 3592 E100B - ok 16:10:52.0195 3592 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys 16:10:52.0539 3592 Fastfat - ok 16:10:52.0602 3592 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys 16:10:52.0945 3592 Fdc - ok 16:10:52.0992 3592 Fips (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys 16:10:53.0367 3592 Fips - ok 16:10:53.0430 3592 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys 16:10:53.0773 3592 Flpydisk - ok 16:10:53.0836 3592 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys 16:10:54.0211 3592 FltMgr - ok 16:10:54.0258 3592 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys 16:10:54.0648 3592 Fs_Rec - ok 16:10:54.0680 3592 Ftdisk (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys 16:10:55.0102 3592 Ftdisk - ok 16:10:55.0148 3592 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys 16:10:55.0180 3592 GEARAspiWDM - ok 16:10:55.0227 3592 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys 16:10:55.0586 3592 Gpc - ok 16:10:55.0648 3592 HdAudAddService (2a013e7530beab6e569faa83f517e836) C:\WINDOWS\system32\drivers\HdAudio.sys 16:10:55.0727 3592 HdAudAddService - ok 16:10:55.0773 3592 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 16:10:56.0117 3592 HDAudBus - ok 16:10:56.0180 3592 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys 16:10:56.0539 3592 HidUsb - ok 16:10:56.0617 3592 HPFXBULK (299683d4c8aaa3f6f5d5d226a1782a6e) C:\WINDOWS\system32\drivers\hpfxbulk.sys 16:10:56.0648 3592 HPFXBULK - ok 16:10:56.0680 3592 hpn - ok 16:10:56.0727 3592 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys 16:10:56.0805 3592 HTTP - ok 16:10:56.0820 3592 i2omgmt - ok 16:10:56.0852 3592 i2omp - ok 16:10:56.0898 3592 i8042prt (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\drivers\i8042prt.sys 16:10:57.0258 3592 i8042prt - ok 16:10:57.0320 3592 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys 16:10:57.0680 3592 Imapi - ok 16:10:57.0711 3592 ini910u - ok 16:10:57.0898 3592 IntcAzAudAddService (a30685283f90ae02f1cd50972c6065e3) C:\WINDOWS\system32\drivers\RtkHDAud.sys 16:10:58.0211 3592 IntcAzAudAddService - ok 16:10:58.0258 3592 IntelIde (69c4e3c9e67a1f103b94e14fdd5f3213) C:\WINDOWS\system32\DRIVERS\intelide.sys 16:10:58.0602 3592 IntelIde - ok 16:10:58.0648 3592 intelppm (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys 16:10:58.0992 3592 intelppm - ok 16:10:59.0023 3592 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys 16:10:59.0398 3592 Ip6Fw - ok 16:10:59.0445 3592 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 16:10:59.0836 3592 IpFilterDriver - ok 16:10:59.0867 3592 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys 16:11:00.0242 3592 IpInIp - ok 16:11:00.0289 3592 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys 16:11:00.0648 3592 IpNat - ok 16:11:00.0695 3592 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys 16:11:01.0055 3592 IPSec - ok 16:11:01.0102 3592 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys 16:11:01.0477 3592 IRENUM - ok 16:11:01.0523 3592 isapnp (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys 16:11:01.0883 3592 isapnp - ok 16:11:01.0914 3592 Kbdclass (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys 16:11:02.0305 3592 Kbdclass - ok 16:11:02.0336 3592 kbdhid (b6d6c117d771c98130497265f26d1882) C:\WINDOWS\system32\DRIVERS\kbdhid.sys 16:11:02.0695 3592 kbdhid - ok 16:11:02.0758 3592 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys 16:11:03.0133 3592 kmixer - ok 16:11:03.0180 3592 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys 16:11:03.0242 3592 KSecDD - ok 16:11:03.0273 3592 lbrtfdc - ok 16:11:03.0367 3592 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys 16:11:03.0758 3592 mnmdd - ok 16:11:03.0836 3592 Modem (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys 16:11:04.0211 3592 Modem - ok 16:11:04.0242 3592 Mouclass (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys 16:11:04.0617 3592 Mouclass - ok 16:11:04.0648 3592 mouhid (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys 16:11:05.0039 3592 mouhid - ok 16:11:05.0086 3592 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys 16:11:05.0477 3592 MountMgr - ok 16:11:05.0508 3592 MPE (c0f8e0c2c3c0437cf37c6781896dc3ec) C:\WINDOWS\system32\DRIVERS\MPE.sys 16:11:05.0883 3592 MPE - ok 16:11:05.0898 3592 mraid35x - ok 16:11:05.0930 3592 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys 16:11:06.0320 3592 MRxDAV - ok 16:11:06.0367 3592 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 16:11:06.0461 3592 MRxSmb - ok 16:11:06.0508 3592 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys 16:11:06.0883 3592 Msfs - ok 16:11:06.0930 3592 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys 16:11:07.0305 3592 MSKSSRV - ok 16:11:07.0336 3592 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys 16:11:07.0711 3592 MSPCLOCK - ok 16:11:07.0742 3592 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys 16:11:08.0102 3592 MSPQM - ok 16:11:08.0148 3592 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys 16:11:08.0508 3592 mssmbios - ok 16:11:08.0555 3592 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys 16:11:08.0930 3592 MSTEE - ok 16:11:08.0961 3592 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys 16:11:09.0039 3592 Mup - ok 16:11:09.0086 3592 MVDCODEC (514829ed3e7f140aac16154106d04981) C:\WINDOWS\system32\DRIVERS\atinmdxx.sys 16:11:09.0148 3592 MVDCODEC - ok 16:11:09.0180 3592 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys 16:11:09.0555 3592 NABTSFEC - ok 16:11:09.0602 3592 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys 16:11:09.0977 3592 NDIS - ok 16:11:10.0008 3592 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys 16:11:10.0398 3592 NdisIP - ok 16:11:10.0430 3592 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys 16:11:10.0492 3592 NdisTapi - ok 16:11:10.0523 3592 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys 16:11:10.0898 3592 Ndisuio - ok 16:11:10.0930 3592 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys 16:11:11.0320 3592 NdisWan - ok 16:11:11.0352 3592 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys 16:11:11.0414 3592 NDProxy - ok 16:11:11.0445 3592 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys 16:11:11.0820 3592 NetBIOS - ok 16:11:11.0867 3592 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys 16:11:12.0258 3592 NetBT - ok 16:11:12.0320 3592 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys 16:11:12.0711 3592 NIC1394 - ok 16:11:12.0758 3592 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys 16:11:13.0148 3592 Npfs - ok 16:11:13.0195 3592 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys 16:11:13.0633 3592 Ntfs - ok 16:11:13.0680 3592 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys 16:11:14.0070 3592 Null - ok 16:11:14.0117 3592 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 16:11:14.0492 3592 NwlnkFlt - ok 16:11:14.0523 3592 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 16:11:14.0914 3592 NwlnkFwd - ok 16:11:14.0945 3592 NwlnkIpx (8b8b1be2dba4025da6786c645f77f123) C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys 16:11:15.0336 3592 NwlnkIpx - ok 16:11:15.0383 3592 NwlnkNb (56d34a67c05e94e16377c60609741ff8) C:\WINDOWS\system32\DRIVERS\nwlnknb.sys 16:11:15.0789 3592 NwlnkNb - ok 16:11:15.0805 3592 NwlnkSpx (c0bb7d1615e1acbdc99757f6ceaf8cf0) C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys 16:11:16.0211 3592 NwlnkSpx - ok 16:11:16.0242 3592 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys 16:11:16.0617 3592 ohci1394 - ok 16:11:16.0680 3592 Parport (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\drivers\Parport.sys 16:11:17.0055 3592 Parport - ok 16:11:17.0070 3592 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys 16:11:17.0461 3592 PartMgr - ok 16:11:17.0492 3592 ParVdm (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys 16:11:17.0883 3592 ParVdm - ok 16:11:17.0914 3592 PCI (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys 16:11:18.0305 3592 PCI - ok 16:11:18.0320 3592 PCIDump - ok 16:11:18.0352 3592 PCIIde (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys 16:11:18.0742 3592 PCIIde - ok 16:11:18.0789 3592 Pcmcia (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys 16:11:19.0164 3592 Pcmcia - ok 16:11:19.0195 3592 PDCOMP - ok 16:11:19.0211 3592 PDFRAME - ok 16:11:19.0242 3592 PDRELI - ok 16:11:19.0273 3592 PDRFRAME - ok 16:11:19.0289 3592 perc2 - ok 16:11:19.0320 3592 perc2hib - ok 16:11:19.0445 3592 PhilCap (021ba865148ffaf6cdcbe1d0df050ee1) C:\WINDOWS\system32\DRIVERS\PhilCap.sys 16:11:19.0570 3592 PhilCap - ok 16:11:19.0633 3592 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys 16:11:20.0008 3592 PptpMiniport - ok 16:11:20.0039 3592 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys 16:11:20.0430 3592 PSched - ok 16:11:20.0461 3592 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 16:11:20.0836 3592 Ptilink - ok 16:11:20.0883 3592 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys 16:11:20.0930 3592 PxHelp20 - ok 16:11:20.0945 3592 ql1080 - ok 16:11:20.0977 3592 Ql10wnt - ok 16:11:20.0992 3592 ql12160 - ok 16:11:21.0023 3592 ql1240 - ok 16:11:21.0055 3592 ql1280 - ok 16:11:21.0102 3592 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 16:11:21.0508 3592 RasAcd - ok 16:11:21.0570 3592 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 16:11:21.0977 3592 Rasl2tp - ok 16:11:22.0008 3592 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 16:11:22.0383 3592 RasPppoe - ok 16:11:22.0430 3592 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 16:11:22.0820 3592 Raspti - ok 16:11:22.0883 3592 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys 16:11:23.0273 3592 Rdbss - ok 16:11:23.0305 3592 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 16:11:23.0695 3592 RDPCDD - ok 16:11:23.0742 3592 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys 16:11:23.0805 3592 RDPWD - ok 16:11:23.0852 3592 redbook (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys 16:11:24.0227 3592 redbook - ok 16:11:24.0336 3592 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 16:11:24.0711 3592 Secdrv - ok 16:11:24.0773 3592 Ser2pl (fd245689004356aa2928b678736b9abd) C:\WINDOWS\system32\DRIVERS\ser2pl.sys 16:11:24.0836 3592 Ser2pl - ok 16:11:24.0883 3592 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys 16:11:25.0273 3592 serenum - ok 16:11:25.0305 3592 Serial (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys 16:11:25.0680 3592 Serial - ok 16:11:25.0758 3592 sfdrv01 (4c0d673281178cb496011a2e28571fc8) C:\WINDOWS\system32\drivers\sfdrv01.sys 16:11:25.0758 3592 sfdrv01 ( UnsignedFile.Multi.Generic ) - warning 16:11:25.0758 3592 sfdrv01 - detected UnsignedFile.Multi.Generic (1) 16:11:25.0789 3592 sfhlp02 (15be2b5e4dc5b8623cf167720682abc9) C:\WINDOWS\system32\drivers\sfhlp02.sys 16:11:25.0805 3592 sfhlp02 ( UnsignedFile.Multi.Generic ) - warning 16:11:25.0805 3592 sfhlp02 - detected UnsignedFile.Multi.Generic (1) 16:11:25.0836 3592 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys 16:11:26.0227 3592 Sfloppy - ok 16:11:26.0242 3592 sfvfs02 (d5a7e09d2c6a702809e49190d52adc9f) C:\WINDOWS\system32\drivers\sfvfs02.sys 16:11:26.0258 3592 sfvfs02 ( UnsignedFile.Multi.Generic ) - warning 16:11:26.0258 3592 sfvfs02 - detected UnsignedFile.Multi.Generic (1) 16:11:26.0305 3592 Simbad - ok 16:11:26.0367 3592 SIS163u (4edc881c138e778feb9bd24cbc6b33ed) C:\WINDOWS\system32\DRIVERS\sis163u.sys 16:11:26.0430 3592 SIS163u - ok 16:11:26.0461 3592 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys 16:11:26.0852 3592 SLIP - ok 16:11:26.0883 3592 Sparrow - ok 16:11:26.0961 3592 SPC220NC (3526097e13a156a2276b855b555c2891) C:\WINDOWS\system32\DRIVERS\SPC220NC.SYS 16:11:27.0070 3592 SPC220NC - ok 16:11:27.0102 3592 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys 16:11:27.0477 3592 splitter - ok 16:11:27.0539 3592 sptd (090adc3d9b5730ac3b20bdd5a54e2d28) C:\WINDOWS\System32\Drivers\sptd.sys 16:11:27.0633 3592 sptd - ok 16:11:27.0664 3592 sr (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys 16:11:28.0039 3592 sr - ok 16:11:28.0102 3592 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys 16:11:28.0180 3592 Srv - ok 16:11:28.0227 3592 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys 16:11:28.0258 3592 ssmdrv - ok 16:11:28.0305 3592 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys 16:11:28.0680 3592 streamip - ok 16:11:28.0727 3592 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys 16:11:29.0102 3592 swenum - ok 16:11:29.0133 3592 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys 16:11:29.0508 3592 swmidi - ok 16:11:29.0555 3592 symc810 - ok 16:11:29.0570 3592 symc8xx - ok 16:11:29.0602 3592 sym_hi - ok 16:11:29.0633 3592 sym_u3 - ok 16:11:29.0680 3592 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys 16:11:30.0039 3592 sysaudio - ok 16:11:30.0117 3592 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys 16:11:30.0242 3592 Tcpip - ok 16:11:30.0273 3592 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys 16:11:30.0648 3592 TDPIPE - ok 16:11:30.0680 3592 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys 16:11:31.0055 3592 TDTCP - ok 16:11:31.0102 3592 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys 16:11:31.0477 3592 TermDD - ok 16:11:31.0508 3592 TosIde - ok 16:11:31.0586 3592 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys 16:11:31.0992 3592 Udfs - ok 16:11:32.0008 3592 ultra - ok 16:11:32.0070 3592 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys 16:11:32.0508 3592 Update - ok 16:11:32.0570 3592 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys 16:11:32.0961 3592 usbaudio - ok 16:11:33.0008 3592 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys 16:11:33.0398 3592 usbccgp - ok 16:11:33.0430 3592 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys 16:11:33.0805 3592 usbehci - ok 16:11:33.0867 3592 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys 16:11:34.0242 3592 usbhub - ok 16:11:34.0289 3592 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys 16:11:34.0664 3592 usbprint - ok 16:11:34.0711 3592 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys 16:11:35.0102 3592 usbscan - ok 16:11:35.0133 3592 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 16:11:35.0523 3592 usbstor - ok 16:11:35.0555 3592 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys 16:11:35.0930 3592 usbuhci - ok 16:11:35.0977 3592 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys 16:11:36.0367 3592 usbvideo - ok 16:11:36.0398 3592 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys 16:11:36.0773 3592 VgaSave - ok 16:11:36.0789 3592 ViaIde - ok 16:11:36.0836 3592 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys 16:11:37.0211 3592 VolSnap - ok 16:11:37.0258 3592 vsdatant (0354ba3a5ba5e28cc247eb5f5dd8793c) C:\WINDOWS\system32\vsdatant.sys 16:11:37.0352 3592 vsdatant - ok 16:11:37.0430 3592 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 16:11:37.0805 3592 Wanarp - ok 16:11:37.0852 3592 wceusbsh (46a247f6617526afe38b6f12f5512120) C:\WINDOWS\system32\DRIVERS\wceusbsh.sys 16:11:37.0930 3592 wceusbsh - ok 16:11:37.0945 3592 WDICA - ok 16:11:37.0992 3592 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 16:11:38.0398 3592 wdmaud - ok 16:11:38.0523 3592 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS 16:11:38.0898 3592 WSTCODEC - ok 16:11:38.0961 3592 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys 16:11:39.0039 3592 WudfPf - ok 16:11:39.0148 3592 MBR (0x1B8) (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0 16:11:39.0430 3592 \Device\Harddisk0\DR0 - ok 16:11:39.0445 3592 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1 16:11:39.0883 3592 \Device\Harddisk1\DR1 - ok 16:11:39.0883 3592 Boot (0x1200) (5431522f497aaccd5625ac249501f342) \Device\Harddisk0\DR0\Partition0 16:11:39.0883 3592 \Device\Harddisk0\DR0\Partition0 - ok 16:11:39.0898 3592 Boot (0x1200) (14a1c817fd1f317389f7ca4110543312) \Device\Harddisk1\DR1\Partition0 16:11:39.0898 3592 \Device\Harddisk1\DR1\Partition0 - ok 16:11:39.0898 3592 ============================================================ 16:11:39.0898 3592 Scan finished 16:11:39.0898 3592 ============================================================ 16:11:40.0023 3648 Detected object count: 5 16:11:40.0023 3648 Actual detected object count: 5 16:11:50.0055 3648 ati2mtag ( UnsignedFile.Multi.Generic ) - skipped by user 16:11:50.0055 3648 ati2mtag ( UnsignedFile.Multi.Generic ) - User select action: Skip 16:11:50.0055 3648 CVPNDRVA ( UnsignedFile.Multi.Generic ) - skipped by user 16:11:50.0055 3648 CVPNDRVA ( UnsignedFile.Multi.Generic ) - User select action: Skip 16:11:50.0055 3648 sfdrv01 ( UnsignedFile.Multi.Generic ) - skipped by user 16:11:50.0055 3648 sfdrv01 ( UnsignedFile.Multi.Generic ) - User select action: Skip 16:11:50.0055 3648 sfhlp02 ( UnsignedFile.Multi.Generic ) - skipped by user 16:11:50.0055 3648 sfhlp02 ( UnsignedFile.Multi.Generic ) - User select action: Skip 16:11:50.0055 3648 sfvfs02 ( UnsignedFile.Multi.Generic ) - skipped by user 16:11:50.0055 3648 sfvfs02 ( UnsignedFile.Multi.Generic ) - User select action: Skip |
malwarebytes: Downloade Dir bitte Malwarebytes
|
Malwarebytes' Anti-Malware 1.51.2.1300 www.malwarebytes.org Datenbank Version: 8399 Windows 5.1.2600 Service Pack 3 Internet Explorer 6.0.2900.2180 20.12.2011 03:47:28 mbam-log-2011-12-20 (03-47-28).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|G:\|H:\|I:\|J:\|) Durchsuchte Objekte: 347809 Laufzeit: 5 Stunde(n), 3 Minute(n), 21 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) |
treten die probleme noch auf? |
Nein - nur die Aktualisierung von Avira Free Antivirus will noch nicht so richtig klappen. |
http://dl.surfright.nl/HitmanPro36beta2_x64.exe laden, doppelklicken, settings, license testlicense wählen. dann scanner, funde in quarantäne und am ende die xls datei spiechern und hier anhängen |
Da kommt die Fehlermeldung "HitmanPro36beta2_x64.exe ist keine zulässige Win32-Anwendung.", wenn ich es öffnen wil. |
|
Hi, das Programm teilt mir mit, es habe keine Funde gegeben. |
ok, welche der probleme treten noch auf? |
| Alle Zeitangaben in WEZ +1. Es ist jetzt 06:35 Uhr. |
Copyright ©2000-2025, Trojaner-Board