Trojaner-Board


mobo6new 15.03.2012 00:54

Gema Trojan & Windows Security Center Trojan
 
Hello everyone,
I have these 2 stupid Trojans on my computer.
I started the computer in Safe Mode; even there the Gema Trojan comes up, but it can be closed via Task Manager.
I have already read a bit here in the forum and downloaded Malwarebytes and ran it. I don't know my way around all the programming stuff and would be grateful if someone could please help me get my PC working again. What should I do now?
Regards, mobo6new

cosinus 16.03.2012 17:49

Quote:

I have already read a bit here in the forum and downloaded Malwarebytes and ran it.

Post the logs from that, all of them. Please post everything here in CODE tags where possible.

This is how it is done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:

the log goes here

mobo6new 17.03.2012 10:50

Is this right?
Code:

Malwarebytes Anti-Malware (Test) 1.60.1.1000
www.malwarebytes.org

Datenbank Version: v2012.03.14.07

Windows XP Service Pack 3 x86 NTFS (Abgesichertenmodus/Netzwerkfähig)
Internet Explorer 8.0.6001.18702
Mone :: PUPPSIE [Administrator]

Schutz: Deaktiviert

15.03.2012 00:37:24
mbam-log-2012-03-15 (00-37-24).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 307144
Laufzeit: 2 Stunde(n), 19 Minute(n), 45 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|vasja (Trojan.RansomP.Gen) -> Daten: C:\DOKUME~1\Mone\LOKALE~1\Temp\mor.exe -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 1
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bösartig: (1) Gut: (0) -> Erfolgreich ersetzt und in Quarantäne gestellt.

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Dokumente und Einstellungen\Mone\Lokale Einstellungen\Temp\mor.exe (Trojan.RansomP.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

Apparently the Trojans are gone, the computer is running normally again!
Regards

cosinus 17.03.2012 15:06

Malwarebytes creates exactly one log for each scan. Have you scanned with Malwarebytes before?
If so, all logs for every scan are listed in the "Logdateien" (log files) tab. Please post all that are visible there.

mobo6new 17.03.2012 21:19

Code:

Malwarebytes Anti-Malware (Test) 1.60.1.1000
www.malwarebytes.org

Datenbank Version: v2012.03.17.04

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Mone :: PUPPSIE [Administrator]

Schutz: Aktiviert

17.03.2012 20:22:31
mbam-log-2012-03-17 (20-22-31).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 214030
Laufzeit: 36 Minute(n), 12 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\prh (Trojan.Banker) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\tst (Trojan.Banker) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 1
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|Userinit (Hijack.UserInit) -> Bösartig: (C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\appconf32.exe,) Gut: (userinit.exe) -> Erfolgreich ersetzt und in Quarantäne gestellt.

Infizierte Verzeichnisse: 1
C:\WINDOWS\system32\xmldm (Stolen.Data) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 3
C:\WINDOWS\system32\loaupdt.jpg (Extension.Mismatch) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\WINDOWS\system32\srvblck2.tmp (Malware.Trace) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\WINDOWS\system32\AcroIEHelpe.txt (Malware.Trace) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

That's all I have.
Thanks for the quick response.

cosinus 19.03.2012 15:46

Please also run ESET, then we'll see what comes next:


ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded; the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Locate C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


mobo6new 20.03.2012 11:34

Code:

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=ff5e106faaf488409abf6436da345433
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-03-20 01:08:08
# local_time=2012-03-20 02:08:08 (+0100, Westeuropäische Normalzeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=1792 16777191 100 0 14731 14731 0 0
# compatibility_mode=8192 67108863 100 0 4529 4529 0 0
# scanned=179896
# found=5
# cleaned=0
# scan_time=16541
C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Sun\Java\Deployment\cache\6.0\54\1e297eb6-6a447853        Java/Exploit.Blacole.AN trojan (unable to clean)        00000000000000000000000000000000        I
C:\Dokumente und Einstellungen\Mone\Lokale Einstellungen\Anwendungsdaten\Mozilla\Firefox\Profiles\vhmjp5a6.default\Cache(2)\0EF082BDd01        HTML/Iframe.B.Gen virus (unable to clean)        00000000000000000000000000000000        I
C:\WINDOWS\system32\10017\components\AcroFF.dll        probably a variant of Win32/Spy.Banker.WZJ trojan (unable to clean)        00000000000000000000000000000000        I
H:\Sicherung festplatte alterPC\Mone\Anwendungsdaten\AD ON Multimedia\eBay Shortcuts\eBayShortcuts.exe        a variant of Win32/Adware.ADON application (unable to clean)        00000000000000000000000000000000        I
J:\$RECYCLE.BIN\S-1-5-21-3261699862-2530787969-3527148967-1001\$RJ3RHPM\Office 2010 x64 GER.iso        Win32/HackKMS.A application (unable to clean)        00000000000000000000000000000000

I've done everything, what is the next step?
I'm really grateful for the help.
Regards

cosinus 20.03.2012 16:30

Custom scan with OTL

If you don't have it yet, please download OTL by OldTimer and save it to your desktop.
Code:

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT


mobo6new 21.03.2012 09:05

OTL Logfile:
Code:

OTL logfile created on: 21.03.2012 00:50:28 - Run 1
OTL by OldTimer - Version 3.2.39.1    Folder = C:\Dokumente und Einstellungen\Mone\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,99 Gb Total Physical Memory | 1,32 Gb Available Physical Memory | 66,20% Memory free
3,84 Gb Paging File | 3,17 Gb Available in Paging File | 82,58% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 74,52 Gb Total Space | 37,02 Gb Free Space | 49,68% Space Free | Partition Type: NTFS
Drive E: | 149,05 Gb Total Space | 104,68 Gb Free Space | 70,23% Space Free | Partition Type: NTFS
Drive G: | 7,38 Gb Total Space | 5,91 Gb Free Space | 80,10% Space Free | Partition Type: FAT32
Drive H: | 465,75 Gb Total Space | 83,10 Gb Free Space | 17,84% Space Free | Partition Type: NTFS
Drive J: | 1397,26 Gb Total Space | 155,19 Gb Free Space | 11,11% Space Free | Partition Type: NTFS
 
Computer Name: PUPPSIE | User Name: Mone | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.03.20 20:41:23 | 000,594,432 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Mone\Desktop\OTL.exe
PRC - [2012.01.31 08:56:34 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.01.31 08:56:05 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.01.31 08:55:48 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.01.31 08:55:48 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.01.13 14:53:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011.07.29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
PRC - [2011.06.09 12:06:06 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2010.05.07 17:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) -- C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2010.05.07 17:35:22 | 000,165,208 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2008.04.14 03:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2003.06.19 22:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.01.31 08:56:07 | 000,398,288 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2012.01.03 14:10:46 | 000,301,056 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU
MOD - [2011.07.29 00:09:42 | 000,096,112 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011.07.29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
MOD - [2010.05.07 17:37:40 | 000,126,808 | ---- | M] () -- C:\Programme\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
MOD - [2010.05.07 17:37:40 | 000,027,480 | ---- | M] () -- C:\Programme\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
MOD - [2010.05.07 17:36:54 | 000,340,824 | ---- | M] () -- C:\Programme\Logitech\LWS\Webcam Software\QTXml4.dll
MOD - [2010.05.07 17:36:20 | 000,921,944 | ---- | M] () -- C:\Programme\Logitech\LWS\Webcam Software\QtNetwork4.dll
MOD - [2010.05.07 17:35:56 | 007,954,776 | ---- | M] () -- C:\Programme\Logitech\LWS\Webcam Software\QTGui4.dll
MOD - [2010.05.07 17:35:44 | 002,143,576 | ---- | M] () -- C:\Programme\Logitech\LWS\Webcam Software\QTCore4.dll
MOD - [2010.03.15 10:28:22 | 000,141,824 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012.01.31 08:56:05 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.01.31 08:55:48 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010.05.07 17:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2003.06.19 22:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe -- (MDM)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\MpEngineStore\MpKsl1f947b4b.sys -- (MpKsl1f947b4b)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (aybzhhsl)
DRV - [2012.01.31 08:56:33 | 000,137,416 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.01.31 08:56:33 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.12.10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.09.16 16:08:07 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010.10.29 23:09:58 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2010.07.27 09:15:20 | 000,023,904 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2010.07.27 09:14:58 | 006,842,464 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) Logitech Webcam 250(UVC)
DRV - [2010.07.27 09:12:50 | 000,282,336 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2010.07.27 09:12:26 | 000,114,784 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvpopflt.sys -- (lvpopflt)
DRV - [2010.05.07 17:43:30 | 000,025,824 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2010.04.28 06:44:02 | 000,054,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2010.04.06 17:13:04 | 005,912,096 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009.11.18 06:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009.11.18 06:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009.10.08 16:55:33 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.06.29 12:59:14 | 000,142,592 | R--- | M] (Realtek Semiconductor Corporation                          ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2009.04.06 08:13:52 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2009.04.06 08:13:52 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)
DRV - [2009.03.25 15:48:00 | 000,114,728 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018mdm.sys -- (s1018mdm)
DRV - [2009.03.25 15:48:00 | 000,109,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018unic.sys -- (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM)
DRV - [2009.03.25 15:48:00 | 000,106,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018mgmt.sys -- (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM)
DRV - [2009.03.25 15:48:00 | 000,104,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018obex.sys -- (s1018obex)
DRV - [2009.03.25 15:48:00 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018bus.sys -- (s1018bus) Sony Ericsson Device 1018 driver (WDM)
DRV - [2009.03.25 15:48:00 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018nd5.sys -- (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS)
DRV - [2009.03.25 15:48:00 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018mdfl.sys -- (s1018mdfl)
DRV - [2007.04.24 10:33:46 | 000,100,488 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s125mgmt.sys -- (s125mgmt) Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM)
DRV - [2007.04.24 10:33:46 | 000,098,696 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s125obex.sys -- (s125obex)
DRV - [2007.04.24 10:33:44 | 000,108,680 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s125mdm.sys -- (s125mdm)
DRV - [2007.04.24 10:33:42 | 000,015,112 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s125mdfl.sys -- (s125mdfl)
DRV - [2007.04.24 10:33:34 | 000,083,336 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s125bus.sys -- (s125bus) Sony Ericsson Device 125 driver (WDM)
DRV - [2007.04.23 14:54:50 | 000,100,488 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s115mgmt.sys -- (s115mgmt) Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM)
DRV - [2007.04.23 14:54:50 | 000,098,568 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s115obex.sys -- (s115obex)
DRV - [2007.04.23 14:54:48 | 000,108,680 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s115mdm.sys -- (s115mdm)
DRV - [2007.04.23 14:54:48 | 000,015,112 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s115mdfl.sys -- (s115mdfl)
DRV - [2007.04.23 14:54:46 | 000,083,208 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s115bus.sys -- (s115bus) Sony Ericsson Device 115 driver (WDM)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-527237240-1580818891-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/
IE - HKU\S-1-5-21-527237240-1580818891-839522115-1003\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-21-527237240-1580818891-839522115-1003\..\URLSearchHook: {6778613D-616B-4A6C-9856-65DE943CF424} - No CLSID value found
IE - HKU\S-1-5-21-527237240-1580818891-839522115-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-527237240-1580818891-839522115-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-527237240-1580818891-839522115-1003\..\SearchScopes\{4ED572E1-A188-4C35-A43F-C24B08E847BC}: "URL" = hxxp://www.google.de/search?q={searchTerms}
IE - HKU\S-1-5-21-527237240-1580818891-839522115-1003\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = hxxp://www.daemon-search.com/search/web?q={searchTerms}
IE - HKU\S-1-5-21-527237240-1580818891-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaultthis.engineName: "Bigpoint Games DE Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2843456&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.payback.de/pb/id/105532/?s_ixcid=11_300_102#"
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20111107
FF - prefs.js..extensions.enabledItems: {84b24861-62f6-364b-eba5-2e5e2061d7e6}:0.9.3
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:4.7
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.9
FF - prefs.js..extensions.enabledItems: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:2.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.145
FF - prefs.js..extensions.enabledItems: {ba2430e0-5b72-4cac-bc9e-7d1aaca75d3d}:1.6.3
FF - prefs.js..extensions.enabledItems: {38fc2fbc-9500-46e7-8bc5-b128acd9e143}:1.5.0
FF - prefs.js..extensions.enabledItems: {31ea9703-204e-4307-8815-e9a3e087b91a}:1.4.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - prefs.js..extensions.enabledItems: {ebD9e131-818f-4298-bb90-5acac9e21ab8}:3.0.3
FF - prefs.js..extensions.enabledItems: firefox1@myibay.com:1.2.4
FF - prefs.js..extensions.enabledItems: {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}:5.8
FF - prefs.js..extensions.enabledItems: info@youtube-mp3.org:1.0.4
FF - prefs.js..keyword.URL: "hxxp://rs.mediapimp.com/s/?src=addrbar&browser=ff&category=web&partner_id=229&toolbar_id=3&toolbar_version=8.0&q="
FF - prefs.js..network.proxy.type: 4
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Programme\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: c:\Programme\Sony\Media Go\npmediago.dll (Sony Creative Software Inc)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Facebook\npfbplugin_1_0_3.dll File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Programme\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.04.14 13:29:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Programme\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.12.16 23:23:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}: C:\WINDOWS\system32\10017 [2012.03.17 09:33:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.03.18 10:27:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.01.12 15:23:43 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\extensions\\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}: C:\WINDOWS\system32\10017 [2012.03.17 09:33:35 | 000,000,000 | ---D | M]
 
[2010.04.21 11:29:03 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Mozilla\Extensions
[2012.03.20 20:36:01 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Mozilla\Firefox\Profiles\vhmjp5a6.default\extensions
[2011.12.09 17:34:34 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Mozilla\Firefox\Profiles\vhmjp5a6.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2012.03.16 08:52:33 | 000,000,000 | ---D | M] (Flagfox) -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Mozilla\Firefox\Profiles\vhmjp5a6.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2010.06.01 10:36:51 | 000,000,000 | ---D | M] (mediaplayerconnectivity) -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Mozilla\Firefox\Profiles\vhmjp5a6.default\extensions\{84b24861-62f6-364b-eba5-2e5e2061d7e6}
[2010.05.29 22:23:17 | 000,000,000 | ---D | M] (mediaplayerconnectivity) -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Mozilla\Firefox\Profiles\vhmjp5a6.default\extensions\{84b24861-62f6-364b-eba5-2e5e2061d7e6}(2)
[2012.03.04 18:35:37 | 000,000,000 | ---D | M] (WOT) -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Mozilla\Firefox\Profiles\vhmjp5a6.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2011.10.25 23:50:33 | 000,000,000 | ---D | M] (eBay Worldwide) -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Mozilla\Firefox\Profiles\vhmjp5a6.default\extensions\{ebD9e131-818f-4298-bb90-5acac9e21ab8}
[2010.05.29 15:39:14 | 000,000,000 | ---D | M] (FoxTab) -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Mozilla\Firefox\Profiles\vhmjp5a6.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}(2)
[2011.12.11 00:38:58 | 000,000,000 | ---D | M] (Myibidder (Myibay) Bid Sniper for eBay) -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Mozilla\Firefox\Profiles\vhmjp5a6.default\extensions\firefox1@myibay.com
[2011.04.14 14:44:16 | 000,000,000 | ---D | M] (Personas) -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Mozilla\Firefox\Profiles\vhmjp5a6.default\extensions\personas@christopher.beard
[2012.01.13 09:58:56 | 000,001,666 | ---- | M] () -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Mozilla\Firefox\Profiles\vhmjp5a6.default\searchplugins\mp3-downloads.xml
[2010.06.07 22:30:32 | 000,002,057 | ---- | M] () -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Mozilla\Firefox\Profiles\vhmjp5a6.default\searchplugins\youtube-videosuche.xml
[2012.01.13 21:38:16 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.05.29 22:23:18 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\quickstores@quickstores.de
() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\MONE\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\VHMJP5A6.DEFAULT\EXTENSIONS\{0545B830-F0AA-4D7E-8820-50A4629A56FE}.XPI
() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\MONE\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\VHMJP5A6.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI
() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\MONE\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\VHMJP5A6.DEFAULT\EXTENSIONS\{31EA9703-204E-4307-8815-E9A3E087B91A}.XPI
() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\MONE\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\VHMJP5A6.DEFAULT\EXTENSIONS\{38FC2FBC-9500-46E7-8BC5-B128ACD9E143}.XPI
() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\MONE\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\VHMJP5A6.DEFAULT\EXTENSIONS\{62760FD6-B943-48C9-AB09-F99C6FE96088}.XPI
() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\MONE\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\VHMJP5A6.DEFAULT\EXTENSIONS\{9AA46F4F-4DC7-4C06-97AF-5035170634FE}.XPI
() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\MONE\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\VHMJP5A6.DEFAULT\EXTENSIONS\{BA2430E0-5B72-4CAC-BC9E-7D1AACA75D3D}.XPI
() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\MONE\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\VHMJP5A6.DEFAULT\EXTENSIONS\{C0C9A2C7-2E5C-4447-BC53-97718BC91E1B}.XPI
() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\MONE\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\VHMJP5A6.DEFAULT\EXTENSIONS\ADBLOCKPOPUPS@JESSEHAKANEN.NET.XPI
() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\MONE\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\VHMJP5A6.DEFAULT\EXTENSIONS\DEVELOPMENT@BIDBAG.DE.XPI
() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\MONE\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\VHMJP5A6.DEFAULT\EXTENSIONS\YOUTUBE2MP3@MONDAYX.DE.XPI
[2011.12.16 23:23:27 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAMME\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2010.06.06 22:20:03 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAMME\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010.05.29 22:18:56 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2012.03.17 09:33:35 | 000,000,000 | ---D | M] (Java String Helper) -- C:\WINDOWS\SYSTEM32\10017
[2012.03.18 10:27:52 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2011.10.03 04:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2012.01.15 15:11:43 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.01.15 15:11:43 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.01.15 15:11:43 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.01.15 15:11:43 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.01.15 15:11:43 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.01.15 15:11:43 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - Extension: YouTube = C:\Dokumente und Einstellungen\Mone\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Dokumente und Einstellungen\Mone\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
 
O1 HOSTS File: ([2006.02.28 13:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe" File not found
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [DelReg] C:\Programme\MSI\DualCoreCenter\DelReg.exe ()
O4 - HKLM..\Run: [DivXUpdate] C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Lexmark X1100 Series] "C:\Programme\Lexmark X1100 Series\lxbkbmgr.exe" File not found
O4 - HKLM..\Run: [LogitechQuickCamRibbon] "C:\Programme\Logitech\Logitech WebCam Software\LWS.exe" /hide File not found
O4 - HKLM..\Run: [LWS] C:\Programme\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-527237240-1580818891-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube Download - C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1271845369968 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{54413FD6-6A38-41A8-A065-532A8E2DEA4B}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-527237240-1580818891-839522115-1003 Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Mone\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Mone\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.04.21 11:03:32 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010.12.14 10:59:44 | 000,000,000 | RH-D | M] - E:\autorun -- [ NTFS ]
O32 - AutoRun File - [2009.04.27 10:19:02 | 000,000,274 | ---- | M] () - G:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{2e27a215-f2c9-11e0-a2ca-4061867883b5}\Shell - "" = AutoRun
O33 - MountPoints2\{2e27a215-f2c9-11e0-a2ca-4061867883b5}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{2e27a215-f2c9-11e0-a2ca-4061867883b5}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Start.hta
O33 - MountPoints2\{c7ed98d5-17f3-11e0-a286-4061867883b5}\Shell - "" = AutoRun
O33 - MountPoints2\{c7ed98d5-17f3-11e0-a286-4061867883b5}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c7ed98d5-17f3-11e0-a286-4061867883b5}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Start.hta
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: 6to4 -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: Irmon -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0
 
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: nm -  File not found
SafeBootNet: nm.sys -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Sicherheitsupdate für Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2} - C:\Programme\PixiePack Codec Pack\InstallerHelper.exe
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
 
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (hxxp://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.03.20 20:41:21 | 000,594,432 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Mone\Desktop\OTL.exe
[2012.03.19 21:16:58 | 000,000,000 | ---D | C] -- C:\Programme\ESET
[2012.03.19 18:35:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Avira
[2012.03.19 18:29:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Avira
[2012.03.19 18:27:46 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2012.03.19 18:27:35 | 000,137,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2012.03.19 18:27:35 | 000,074,640 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2012.03.19 18:27:35 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avkmgr.sys
[2012.03.19 18:26:56 | 000,000,000 | ---D | C] -- C:\Programme\Avira
[2012.03.19 18:26:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira
[2012.03.17 10:04:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\UAs
[2012.03.17 09:33:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\10017
[2012.03.17 09:33:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\kock
[2012.03.15 00:04:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Malwarebytes
[2012.03.15 00:04:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2012.03.15 00:04:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2012.03.15 00:04:16 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012.03.15 00:04:16 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2012.03.08 02:19:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Recuva
[2012.03.08 02:19:09 | 000,000,000 | ---D | C] -- C:\Programme\Recuva
[2012.03.05 22:36:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\gema
[2012.03.05 22:36:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\gema
[2012.03.02 23:15:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mone\Eigene Dateien\FormatFactory
[2012.02.29 16:42:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mone\Startmenü\Programme\PhotoZoom Pro 4
[2012.02.29 16:42:25 | 000,000,000 | ---D | C] -- C:\Programme\PhotoZoom Pro 4
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.03.21 01:46:04 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.03.21 00:48:38 | 000,183,789 | -H-- | M] () -- C:\treeinfo.wc
[2012.03.20 20:41:23 | 000,594,432 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Mone\Desktop\OTL.exe
[2012.03.20 02:46:01 | 000,001,082 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.03.19 21:15:47 | 002,672,312 | ---- | M] () -- C:\Dokumente und Einstellungen\Mone\Desktop\esetsmartinstaller_enu.exe
[2012.03.19 18:29:01 | 000,001,671 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira Control Center.lnk
[2012.03.19 17:58:39 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.03.19 17:56:00 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.03.18 23:08:06 | 087,227,952 | ---- | M] () -- C:\avira_free_antivirus_de1200898.exe
[2012.03.18 23:05:01 | 012,038,144 | ---- | M] () -- C:\Ad-Aware_9.6_Install.exe
[2012.03.18 08:32:19 | 000,151,584 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.03.17 19:14:04 | 000,000,023 | ---- | M] () -- C:\WINDOWS\System32\urhtps.dat
[2012.03.17 19:11:04 | 000,000,016 | ---- | M] () -- C:\WINDOWS\System32\blckdom.res
[2012.03.15 18:54:38 | 000,000,210 | -HS- | M] () -- C:\boot.ini
[2012.03.15 10:32:09 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.03.15 00:31:16 | 000,000,756 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012.03.14 22:06:03 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012.03.14 16:05:59 | 000,495,078 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.03.14 16:05:59 | 000,450,642 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.03.14 16:05:59 | 000,099,896 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.03.14 16:05:59 | 000,075,488 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.03.09 21:51:28 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
[2012.03.09 21:51:26 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\logiflt.iad
[2012.03.08 02:19:14 | 000,001,476 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Recuva.lnk
[2012.03.08 02:14:17 | 000,044,032 | ---- | M] () -- C:\Dokumente und Einstellungen\Mone\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.03.05 20:33:23 | 000,000,038 | ---- | M] () -- C:\WINDOWS\avisplitter.ini
[2012.03.02 23:22:20 | 000,002,469 | ---- | M] () -- C:\Dokumente und Einstellungen\Mone\Desktop\Pop Art Studio 6.0.lnk
[2012.02.29 16:42:49 | 000,004,440 | ---- | M] () -- C:\WINDOWS\jcqfhzm24.ini
[2012.02.29 16:42:39 | 000,000,740 | ---- | M] () -- C:\Dokumente und Einstellungen\Mone\Desktop\PhotoZoom Pro 4.lnk
[2012.02.28 11:53:46 | 000,000,049 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012.02.21 08:43:16 | 002,837,184 | ---- | M] () -- C:\Dokumente und Einstellungen\Mone\Eigene Dateien\21022012625.JPG
[2012.02.21 08:42:44 | 002,846,268 | ---- | M] () -- C:\Dokumente und Einstellungen\Mone\Eigene Dateien\21022012624.JPG
[2012.02.21 08:42:34 | 003,329,760 | ---- | M] () -- C:\Dokumente und Einstellungen\Mone\Eigene Dateien\21022012623.JPG
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.03.19 21:15:45 | 002,672,312 | ---- | C] () -- C:\Dokumente und Einstellungen\Mone\Desktop\esetsmartinstaller_enu.exe
[2012.03.19 18:29:01 | 000,001,671 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira Control Center.lnk
[2012.03.18 23:07:14 | 087,227,952 | ---- | C] () -- C:\avira_free_antivirus_de1200898.exe
[2012.03.18 23:05:01 | 012,038,144 | ---- | C] () -- C:\Ad-Aware_9.6_Install.exe
[2012.03.17 19:14:04 | 000,000,023 | ---- | C] () -- C:\WINDOWS\System32\urhtps.dat
[2012.03.17 09:33:17 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\blckdom.res
[2012.03.15 18:54:21 | 000,001,714 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Microsoft Office.lnk
[2012.03.15 00:04:25 | 000,000,756 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012.03.08 02:19:14 | 000,001,476 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Recuva.lnk
[2012.02.29 16:42:49 | 000,004,440 | ---- | C] () -- C:\WINDOWS\jcqfhzm24.ini
[2012.02.29 16:42:38 | 000,000,740 | ---- | C] () -- C:\Dokumente und Einstellungen\Mone\Desktop\PhotoZoom Pro 4.lnk
[2012.02.21 09:52:42 | 002,846,268 | ---- | C] () -- C:\Dokumente und Einstellungen\Mone\Eigene Dateien\21022012624.JPG
[2012.02.21 09:52:41 | 003,329,760 | ---- | C] () -- C:\Dokumente und Einstellungen\Mone\Eigene Dateien\21022012623.JPG
[2012.02.21 09:52:41 | 002,837,184 | ---- | C] () -- C:\Dokumente und Einstellungen\Mone\Eigene Dateien\21022012625.JPG
[2012.02.15 11:38:26 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.04.14 13:14:24 | 000,197,308 | ---- | C] () -- C:\WINDOWS\hpwins27.dat
[2011.04.14 13:14:24 | 000,000,385 | ---- | C] () -- C:\WINDOWS\hpwmdl27.dat
[2011.03.29 22:37:22 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2011.02.24 20:43:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\mngui.INI
[2010.12.09 14:58:06 | 000,000,032 | ---- | C] () -- C:\WINDOWS\Menu.INI
[2010.11.14 13:06:13 | 000,044,032 | ---- | C] () -- C:\Dokumente und Einstellungen\Mone\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.10.15 12:30:02 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010.10.15 12:30:00 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010.10.15 12:29:50 | 000,790,528 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010.10.15 12:29:50 | 000,134,144 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.07.27 09:03:20 | 010,829,656 | ---- | C] () -- C:\WINDOWS\System32\LogiDPP.dll
[2010.07.27 09:03:20 | 000,102,744 | ---- | C] () -- C:\WINDOWS\System32\LogiDPPApp.exe
[2010.07.27 09:03:18 | 000,290,648 | ---- | C] () -- C:\WINDOWS\System32\DevManagerCore.dll
[2010.05.18 21:32:58 | 000,000,117 | ---- | C] () -- C:\WINDOWS\Podcasts.INI
[2010.05.14 01:02:06 | 000,000,173 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2010.05.07 17:46:36 | 000,014,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2010.05.07 17:43:30 | 000,025,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2010.05.06 21:14:07 | 000,000,016 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2010.05.03 12:58:42 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2010.04.27 20:55:19 | 000,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010.04.24 11:43:03 | 000,090,411 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2010.04.23 19:00:43 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.04.22 12:25:45 | 000,000,101 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2010.04.22 11:14:16 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010.04.21 11:57:33 | 000,217,088 | ---- | C] () -- C:\WINDOWS\NVGfxOgl.dll
[2010.04.21 11:54:28 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010.04.21 11:53:04 | 000,151,584 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.04.21 11:29:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010.04.21 11:21:43 | 000,147,456 | R--- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4906.dll
[2010.04.21 11:17:31 | 000,073,728 | R--- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2010.04.21 11:05:39 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010.04.21 11:00:20 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
 
========== LOP Check ==========
 
[2010.11.28 20:07:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Astroburn Lite
[2011.04.14 14:39:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avanquest
[2010.10.13 22:24:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Azureus
[2011.10.11 09:39:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BVRP Software
[2010.10.29 23:09:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Lite
[2012.03.15 00:30:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\gema
[2010.05.29 22:20:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RapidSolution
[2010.07.14 10:28:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Teleca
[2011.06.22 20:11:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2010.11.17 12:40:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Age of Japan II
[2010.11.28 20:07:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Astroburn Lite
[2010.10.14 21:04:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Azureus
[2010.11.02 23:47:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\DAEMON Tools Lite
[2011.12.17 10:24:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\DDMSettings
[2012.01.13 11:15:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\DVDVideoSoft
[2012.01.13 11:17:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\DVDVideoSoftIEHelpers
[2011.07.01 22:03:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Free MP3 WMA Cutter
[2011.06.20 08:59:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\FreeFLVConverter
[2012.03.15 00:30:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\gema
[2012.01.13 22:52:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\GHISLER
[2011.12.04 23:33:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\gtk-2.0
[2010.04.24 11:44:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Leadertech
[2012.02.29 22:09:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\MyPhoneExplorer
[2010.06.11 16:36:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\phonostar GmbH
[2010.05.29 22:23:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\QuickStoresToolbar
[2010.07.14 11:18:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Sony
[2010.07.14 11:12:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Sony Setup
[2010.07.14 10:56:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Teleca
[2010.05.31 11:33:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Uniblue
[2010.08.09 12:11:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Windows Desktop Search
[2010.08.20 11:22:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Windows Search
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2011.05.29 09:45:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Adobe
[2010.04.22 12:36:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\AdobeUM
[2010.11.17 12:40:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Age of Japan II
[2010.10.10 23:02:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Ahead
[2010.12.31 17:16:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Apple Computer
[2010.11.28 20:07:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Astroburn Lite
[2012.03.19 18:35:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Avira
[2010.10.14 21:04:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Azureus
[2010.11.02 23:47:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\DAEMON Tools Lite
[2011.12.17 10:24:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\DDMSettings
[2010.04.21 20:02:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\DivX
[2012.02.21 22:54:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\dvdcss
[2012.01.13 11:15:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\DVDVideoSoft
[2012.01.13 11:17:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\DVDVideoSoftIEHelpers
[2011.07.01 22:03:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Free MP3 WMA Cutter
[2011.06.20 08:59:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\FreeFLVConverter
[2012.03.15 00:30:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\gema
[2012.01.13 22:52:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\GHISLER
[2011.07.17 23:26:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Google
[2011.12.04 23:33:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\gtk-2.0
[2010.04.22 10:48:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Help
[2011.04.14 15:24:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\HP
[2012.03.12 18:49:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\HPAppData
[2011.09.14 16:39:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\HpUpdate
[2010.04.21 11:09:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Identities
[2010.04.24 11:44:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Leadertech
[2010.04.21 12:14:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Macromedia
[2012.03.15 00:04:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Malwarebytes
[2012.01.26 19:22:21 | 000,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Microsoft
[2010.04.21 11:29:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Mozilla
[2012.02.29 22:09:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\MyPhoneExplorer
[2010.06.11 16:36:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\phonostar GmbH
[2010.05.29 22:23:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\QuickStoresToolbar
[2012.03.13 09:51:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Skype
[2011.08.26 07:04:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\skypePM
[2010.07.14 11:18:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Sony
[2010.07.14 10:28:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Sony Ericsson
[2010.07.14 11:12:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Sony Setup
[2010.06.06 22:19:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Sun
[2010.07.14 10:56:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Teleca
[2010.07.09 11:20:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\U3
[2010.05.31 11:33:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Uniblue
[2012.02.21 22:59:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\vlc
[2010.08.09 12:11:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Windows Desktop Search
[2010.08.20 11:22:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Windows Search
[2010.04.22 11:24:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\WinRAR
 
< %APPDATA%\*.exe /s >
[2010.10.14 20:58:55 | 009,038,776 | ---- | M] (Vuze Inc.) -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Azureus\tmp\AZU3514820647951625853.tmp\Vuze_4.5.1.0a_win32.exe
[2010.10.19 10:14:31 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
[2011.09.07 20:48:25 | 000,010,134 | R--- | M] () -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Microsoft\Installer\{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}\ARPPRODUCTICON.exe
[2011.11.10 21:33:26 | 000,013,094 | R--- | M] () -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Microsoft\Installer\{FA0980C9-F697-41EF-A279-DCDD7133C688}\_58925C2FF4B65C0526B8E1.exe
[2011.11.10 21:33:26 | 000,013,094 | R--- | M] () -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Microsoft\Installer\{FA0980C9-F697-41EF-A279-DCDD7133C688}\_6FEFF9B68218417F98F549.exe
[2011.11.10 21:33:26 | 000,013,094 | R--- | M] () -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Microsoft\Installer\{FA0980C9-F697-41EF-A279-DCDD7133C688}\_D3EFA49C5227650FA0722B.exe
[2012.03.20 20:41:12 | 000,158,000 | ---- | M] () -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Mozilla\Firefox\Profiles\vhmjp5a6.default\FlashGot.exe
[2010.11.17 19:04:13 | 012,500,632 | ---- | M] (                                                            ) -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\phonostar GmbH\phonostar-Player\update.exe
[1 C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\phonostar GmbH\phonostar-Player\*.tmp files -> C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\phonostar GmbH\phonostar-Player\*.tmp -> ]
[2010.05.06 21:43:19 | 000,704,248 | ---- | M] () -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\QuickStoresToolbar\unins000.exe
[2010.03.03 14:00:50 | 000,045,304 | ---- | M] (Andreas Breitschopp - Softwareentwicklung und -vertrieb) -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\QuickStoresToolbar\Update.exe
[2010.07.14 11:13:12 | 033,850,672 | ---- | M] (Apple Inc.) -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\Sony Setup\9234765D-29DF-48d0-93FB-284B7B6009B9\QuickTimeInstaller.exe
[2007.10.23 08:27:20 | 000,110,592 | ---- | M] () -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\U3\temp\cleanup.exe
[2008.05.02 09:41:48 | 003,493,888 | -H-- | M] (SanDisk Corporation) -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\U3\temp\Launchpad Removal.exe
 
< %SYSTEMDRIVE%\*.exe >
[2012.03.18 23:05:01 | 012,038,144 | ---- | M] () -- C:\Ad-Aware_9.6_Install.exe
[2012.01.12 10:00:04 | 000,883,840 | ---- | M] () -- C:\Avira-DE-Cleaner.exe
[2012.03.18 23:08:06 | 087,227,952 | ---- | M] () -- C:\avira_free_antivirus_de1200898.exe
[2012.01.13 11:01:17 | 066,566,416 | ---- | M] (DVDVideoSoft Ltd.                                          ) -- C:\FreeStudio.exe
[2012.01.13 10:57:53 | 019,850,888 | ---- | M] (DVDVideoSoft Ltd.                                          ) -- C:\FreeVideoToMP3Converter504.exe
[2012.01.05 10:38:33 | 004,629,040 | ---- | M] () -- C:\MyPhoneExplorer_Setup_1.8.2-uni.exe
[2001.05.24 11:59:30 | 000,162,304 | ---- | M] () -- C:\UNWISE.EXE
 
< MD5 for: AGP440.SYS  >
[2006.02.28 13:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.14 07:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 07:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
 
< MD5 for: ATAPI.SYS  >
[2006.02.28 13:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 07:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 07:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2006.02.28 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\atapi.sys
 
< MD5 for: EVENTLOG.DLL  >
[2008.04.14 03:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 03:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll
[2006.02.28 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
 
< MD5 for: NETLOGON.DLL  >
[2008.04.14 03:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 03:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll
[2006.02.28 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2009.02.06 19:46:10 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ED4BBAD725A21632FB205452749FC8F5 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 19:46:10 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ED4BBAD725A21632FB205452749FC8F5 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
 
< MD5 for: SCECLI.DLL  >
[2008.04.14 03:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 03:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll
[2006.02.28 13:00:00 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
 
< MD5 for: USER32.DLL  >
[2006.02.28 13:00:00 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=56785FD5236D7B22CF471A6DA9DB46D8 -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll
[2008.04.14 03:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\ServicePackFiles\i386\user32.dll
[2008.04.14 03:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.04.14 03:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 03:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe
[2006.02.28 13:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2006.02.28 13:00:00 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2012.01.13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Programme\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008.04.14 03:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 03:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2006.02.28 13:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys
[2006.02.28 13:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.10.29 23:09:58 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
 
< %systemroot%\System32\config\*.sav >
[2010.04.21 12:52:18 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2010.04.21 12:52:18 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2010.04.21 12:52:18 | 000,430,080 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
 
<          >
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 137 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:E8BE05FA

< End of report >

--- --- ---


OTL Logfile:
Code:

OTL Extras logfile created on: 21.03.2012 00:50:28 - Run 1
OTL by OldTimer - Version 3.2.39.1    Folder = C:\Dokumente und Einstellungen\Mone\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,99 Gb Total Physical Memory | 1,32 Gb Available Physical Memory | 66,20% Memory free
3,84 Gb Paging File | 3,17 Gb Available in Paging File | 82,58% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 74,52 Gb Total Space | 37,02 Gb Free Space | 49,68% Space Free | Partition Type: NTFS
Drive E: | 149,05 Gb Total Space | 104,68 Gb Free Space | 70,23% Space Free | Partition Type: NTFS
Drive G: | 7,38 Gb Total Space | 5,91 Gb Free Space | 80,10% Space Free | Partition Type: FAT32
Drive H: | 465,75 Gb Total Space | 83,10 Gb Free Space | 17,84% Space Free | Partition Type: NTFS
Drive J: | 1397,26 Gb Total Space | 155,19 Gb Free Space | 11,11% Space Free | Partition Type: NTFS
 
Computer Name: PUPPSIE | User Name: Mone | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
[HKEY_USERS\S-1-5-21-527237240-1580818891-839522115-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hposfx08.exe" = C:\Programme\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hposid01.exe" = C:\Programme\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Programme\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- ()
"C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpoews01.exe" = C:\Programme\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Programme\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
"C:\Programme\HP\Digital Imaging\bin\hpofxs08.exe" = C:\Programme\HP\Digital Imaging\bin\hpofxs08.exe:*:Enabled:hpofxs08.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpqfxt08.exe" = C:\Programme\HP\Digital Imaging\bin\hpqfxt08.exe:*:Enabled:hpqfxt08.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Programme\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Programme\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Programme\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\HP Software Update\HPWUCli.exe" = C:\Programme\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Programme\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Programme\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\Skype\Plugin Manager\skypePM.exe" = C:\Programme\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"C:\Programme\Vuze\Azureus.exe" = C:\Programme\Vuze\Azureus.exe:*:Enabled:Azureus
"C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hposfx08.exe" = C:\Programme\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hposid01.exe" = C:\Programme\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Programme\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- ()
"C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpoews01.exe" = C:\Programme\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Programme\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
"C:\Programme\HP\Digital Imaging\bin\hpofxs08.exe" = C:\Programme\HP\Digital Imaging\bin\hpofxs08.exe:*:Enabled:hpofxs08.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpqfxt08.exe" = C:\Programme\HP\Digital Imaging\bin\hpqfxt08.exe:*:Enabled:hpqfxt08.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Programme\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Programme\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Programme\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\HP Software Update\HPWUCli.exe" = C:\Programme\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Programme\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Programme\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
"C:\Programme\Google\Google Earth\plugin\geplugin.exe" = C:\Programme\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0138F525-6C8A-333F-A105-14AE030B9A54}" = Visual C++ 9.0 CRT (x86) WinSXS MSM
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{172423F9-522A-483A-AD65-03600CE4CA4F}" = Microsoft Works 6-9 Converter
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{25BEC3AB-5CD4-481D-9143-215C1BBB189E}" = Sony Ericsson PC Suite
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 29
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3EB6F78A-66E3-434f-BD0E-76C7D078DB5E}" = 4500G510af_Software_Min
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{43002AE2-4093-49E0-A03D-990EE184C568}" = Lyrics Plugin for Windows Media Player
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8B9F50F9-BA6F-47c5-990B-76A74A1C68B0}" = 4500G510af
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{91110407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional
"{92A51949-EE4C-466D-AAF0-99E74A49A63F}" = DocMgr
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}" = PixiePack Codec Pack
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Deutsch
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C175D5B0-ED04-42C9-B23F-D8BD406173E7}" = 4500_G510af_Help
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C60BA916-9E44-4DA4-B11A-9E27B7624EF5}" = Sony Ericsson Drivers
"{C92E7DF1-624A-4D95-A4C4-18CB491B44A4}" = Sony Ericsson Device Data
"{C98517B6-DCE9-49B7-B19E-E384178D3986}" = HP Officejet 4500 G510a-f
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D6BF6477-8369-489F-8DE6-3731F4B88560}" = Sony Ericsson PC Suite
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{EFCEF949-9821-4759-A573-3EB8C857DF46}" = Windows Live Family Safety
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FA0980C9-F697-41EF-A279-DCDD7133C688}" = Pop Art Studio 6.0
"{FBE5AA96-22F0-4C4A-8E92-4BE3498D4CCB}" = Media Go
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Astroburn Lite" = Astroburn Lite
"Avira AntiVir Desktop" = Avira Free Antivirus
"DivX Setup" = DivX-Setup
"DualCoreCenter_is1" = DualCoreCenter
"FormatFactory" = FormatFactory 2.70
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free Audio Converter_is1" = Free Audio Converter version 2.0
"Free FLV Converter_is1" = Free FLV Converter V 6.98.0
"Free MP3 WMA Cutter_is1" = Free MP3 WMA Cutter 3.7.2.5
"Free Studio_is1" = Free Studio version 5.3.3
"Free Video to MP3 Converter_is1" = Free Video to MP3 Converter version 5.0.4.1228
"Free Video to Sony Phones Converter_is1" = Free Video to Sony Phones Converter version 5.0.2.1125
"Free YouTube Download_is1" = Free YouTube Download version 2.10.31
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP Document Manager" = HP Document Manager 2.0
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"ie8" = Windows Internet Explorer 8
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.4.0 (Full)
"Liveupdate4_is1" = Liveupdate4
"lvdrivers_12.10" = Logitech Webcam Software-Treiberpaket
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 11.0 (x86 de)" = Mozilla Firefox 11.0 (x86 de)
"MPE" = MyPhoneExplorer
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero - Burning Rom!UninstallKey" = Nero 6 Enterprise Edition
"Nero BurnRights!UninstallKey" = Nero BurnRights (Ahead Software)
"NMPUninstallKey" = Ahead NeroMediaPlayer
"Picasa 3" = Picasa 3
"QuickStores-Toolbar_is1" = QuickStores-Toolbar 1.0.0
"Recuva" = Recuva
"SCREEN2EXE_is1" = SCREEN2EXE 3.2 (build:2498)
"Shop for HP Supplies" = Shop for HP Supplies
"SolveigMM AVI Trimmer" = SolveigMM AVI Trimmer
"Totalcmd" = Total Commander (Remove or Repair)
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.1.10
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xilisoft 3GP Video Converter" = Xilisoft 3GP Video Converter
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-527237240-1580818891-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"PhotoZoom Pro 4" = BenVista PhotoZoom Pro 4.1.2
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 15.03.2012 14:37:37 | Computer Name = PUPPSIE | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung mbam.exe, Version 1.60.0.61, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 15.03.2012 14:42:57 | Computer Name = PUPPSIE | Source = Windows Search Service | ID = 3013
Description = Eintrag <MAPI://{S-1-5-21-527237240-1580818891-839522115-1003}/PERSÖNLICHE
 ORDNER($10CDF5DA)/X/POSTEINGANG/????????????????????????> in der Hash-Zuordnung
 kann nicht aktualisiert werden.  Kontext:  Anwendung, SystemIndex Katalog  Details:
        Ein
 an das System angeschlossenes Gerät funktioniert nicht.  (0x8007001f)
 
Error - 16.03.2012 04:42:33 | Computer Name = PUPPSIE | Source = Windows Search Service | ID = 3013
Description = Eintrag <C:\DOKUMENTE UND EINSTELLUNGEN\MONE\RECENT\STAFFEL 6.LNK>
 in der Hash-Zuordnung kann nicht aktualisiert werden.  Kontext:  Anwendung, SystemIndex
 Katalog  Details:  Ein an das System angeschlossenes Gerät funktioniert nicht.  (0x8007001f)

 
Error - 16.03.2012 04:42:33 | Computer Name = PUPPSIE | Source = Windows Search Service | ID = 3013
Description = Eintrag <C:\DOKUMENTE UND EINSTELLUNGEN\MONE\RECENT\STAFFEL 6.LNK>
 in der Hash-Zuordnung kann nicht aktualisiert werden.  Kontext:  Anwendung, SystemIndex
 Katalog  Details:  Ein an das System angeschlossenes Gerät funktioniert nicht.  (0x8007001f)

 
Error - 17.03.2012 18:23:44 | Computer Name = PUPPSIE | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung 0.9541032774843773h7i.exe, Version 5.0.2134.1,
 fehlgeschlagenes Modul unknown, Version 0.0.0.0, Fehleradresse 0x008c9538.
 
Error - 17.03.2012 20:10:36 | Computer Name = PUPPSIE | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung 24960-OTL.exe, Version 3.2.36.3, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 17.03.2012 21:02:02 | Computer Name = PUPPSIE | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung 24960-OTL.exe, Version 3.2.36.3, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 17.03.2012 21:02:02 | Computer Name = PUPPSIE | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung 24960-OTL.exe, Version 3.2.36.3, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 18.03.2012 18:23:53 | Computer Name = PUPPSIE | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung divx plus player.exe, Version 10.3.2.6,
fehlgeschlagenes Modul unknown, Version 0.0.0.0, Fehleradresse 0x04f35693.
 
Error - 20.03.2012 15:44:48 | Computer Name = PUPPSIE | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung OTL.exe, Version 3.2.39.1, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
[ System Events ]
Error - 15.03.2012 05:46:46 | Computer Name = PUPPSIE | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Google
 Update-Dienst (gupdate).
 
Error - 15.03.2012 05:46:46 | Computer Name = PUPPSIE | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden
 Fehlers nicht gestartet:  %%1053
 
Error - 15.03.2012 06:26:40 | Computer Name = PUPPSIE | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst WMI-Leistungsadapter.
 
Error - 15.03.2012 06:26:40 | Computer Name = PUPPSIE | Source = Service Control Manager | ID = 7000
Description = Der Dienst "WMI-Leistungsadapter" wurde aufgrund folgenden Fehlers
 nicht gestartet:  %%1053
 
Error - 17.03.2012 18:34:28 | Computer Name = PUPPSIE | Source = sptd | ID = 262148
Description = Der Treiber hat einen internen Fehler in seinen Datenstrukturen für
  festgestellt.
 
Error - 17.03.2012 18:35:09 | Computer Name = PUPPSIE | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "EventSystem"
 mit den Argumenten ""  gestartet wurde, um den folgenden Server zu verwenden:  {1BE1F766-5536-11D1-B726-00C04FB926AF}
 
Error - 17.03.2012 18:35:14 | Computer Name = PUPPSIE | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
  avgio  avipbb  Fips  intelppm  sptd  ssmdrv
 
Error - 17.03.2012 19:00:03 | Computer Name = PUPPSIE | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "EventSystem"
 mit den Argumenten ""  gestartet wurde, um den folgenden Server zu verwenden:  {1BE1F766-5536-11D1-B726-00C04FB926AF}
 
Error - 19.03.2012 12:58:22 | Computer Name = PUPPSIE | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst IMAPI-CD-Brenn-COM-Dienste.
 
Error - 19.03.2012 12:58:22 | Computer Name = PUPPSIE | Source = Service Control Manager | ID = 7000
Description = Der Dienst "IMAPI-CD-Brenn-COM-Dienste" wurde aufgrund folgenden Fehlers
 nicht gestartet:  %%1053
 
 
< End of report >

--- --- ---

cosinus 21.03.2012 15:42

Do an OTL fix: close any programs that may be open, also disable your virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!)

Code:

:OTL
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-527237240-1580818891-839522115-1003\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-21-527237240-1580818891-839522115-1003\..\URLSearchHook: {6778613D-616B-4A6C-9856-65DE943CF424} - No CLSID value found
IE - HKU\S-1-5-21-527237240-1580818891-839522115-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-527237240-1580818891-839522115-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-527237240-1580818891-839522115-1003\..\SearchScopes\{4ED572E1-A188-4C35-A43F-C24B08E847BC}: "URL" = http://www.google.de/search?q={searchTerms}
IE - HKU\S-1-5-21-527237240-1580818891-839522115-1003\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search/web?q={searchTerms}
FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaultthis.engineName: "Bigpoint Games DE Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2843456&SearchSource=3&q={searchTerms}"
FF - prefs.js..keyword.URL: "http://rs.mediapimp.com/s/?src=addrbar&browser=ff&category=web&partner_id=229&toolbar_id=3&toolbar_version=8.0&q="
FF - prefs.js..network.proxy.type: 4
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
[2011.12.16 23:23:27 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAMME\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2010.05.29 22:18:56 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [DelReg] C:\Programme\MSI\DualCoreCenter\DelReg.exe ()
O4 - HKLM..\Run: [DivXUpdate] C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Lexmark X1100 Series] "C:\Programme\Lexmark X1100 Series\lxbkbmgr.exe" File not found
O4 - HKLM..\Run: [LogitechQuickCamRibbon] "C:\Programme\Logitech\Logitech WebCam Software\LWS.exe" /hide File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-527237240-1580818891-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.04.21 11:03:32 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010.12.14 10:59:44 | 000,000,000 | RH-D | M] - E:\autorun -- [ NTFS ]
O32 - AutoRun File - [2009.04.27 10:19:02 | 000,000,274 | ---- | M] () - G:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{2e27a215-f2c9-11e0-a2ca-4061867883b5}\Shell - "" = AutoRun
O33 - MountPoints2\{2e27a215-f2c9-11e0-a2ca-4061867883b5}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{2e27a215-f2c9-11e0-a2ca-4061867883b5}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Start.hta
O33 - MountPoints2\{c7ed98d5-17f3-11e0-a286-4061867883b5}\Shell - "" = AutoRun
O33 - MountPoints2\{c7ed98d5-17f3-11e0-a286-4061867883b5}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c7ed98d5-17f3-11e0-a286-4061867883b5}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Start.hta
[2012.03.17 10:04:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\UAs
[2012.03.17 09:33:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\10017
[2012.03.17 09:33:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\kock
[2012.03.05 22:36:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\gema
[2012.03.05 22:36:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\gema
@Alternate Data Stream - 137 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:E8BE05FA
:Commands
[emptytemp]
[resethosts]

Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

As a precaution, the entries, files and folders fixed with this script are not deleted completely; a backup copy is created in the "_OTL" folder on the system partition.

Note: The script above was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!

mobo6new 25.03.2012 23:34

Hello, I did everything the way you wrote.
I copied the :OTL along with it and pressed "FIX", but then OTL only said "wait untill killing" and the PC froze. I then restarted it and closed all programs in the background, but the same thing happened again. Did I do something wrong after all?
Regards :headbang:

cosinus 26.03.2012 15:02

Please repeat the fix in safe mode

mobo6new 26.03.2012 17:04

Code:

All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry value HKEY_USERS\S-1-5-21-527237240-1580818891-839522115-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-527237240-1580818891-839522115-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\{6778613D-616B-4A6C-9856-65DE943CF424} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6778613D-616B-4A6C-9856-65DE943CF424}\ not found.
HKEY_USERS\S-1-5-21-527237240-1580818891-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-527237240-1580818891-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-527237240-1580818891-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{4ED572E1-A188-4C35-A43F-C24B08E847BC}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ED572E1-A188-4C35-A43F-C24B08E847BC}\ not found.
Registry key HKEY_USERS\S-1-5-21-527237240-1580818891-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}\ not found.
Prefs.js: "Bing" removed from browser.search.defaultenginename
Prefs.js: "Bigpoint Games DE Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2843456&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl
Prefs.js: "hxxp://rs.mediapimp.com/s/?src=addrbar&browser=ff&category=web&partner_id=229&toolbar_id=3&toolbar_version=8.0&q=" removed from keyword.URL
Prefs.js: 4 removed from network.proxy.type
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0\ deleted successfully.
C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0\ deleted successfully.
C:\Programme\DivX\DivX OVS Helper\npovshelper.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\Adobe Reader\ deleted successfully.
C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll moved successfully.
C:\PROGRAMME\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5\chrome\content\images folder moved successfully.
C:\PROGRAMME\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5\chrome\content folder moved successfully.
C:\PROGRAMME\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5\chrome folder moved successfully.
C:\PROGRAMME\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5 folder moved successfully.
C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\defaults\preferences folder moved successfully.
C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\defaults folder moved successfully.
C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\chrome folder moved successfully.
C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\ deleted successfully.
File move failed. C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll scheduled to be moved on reboot.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{326E768D-4182-46FD-9C16-1449A49795F4}\ deleted successfully.
C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\DelReg deleted successfully.
C:\Programme\MSI\DualCoreCenter\DelReg.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\DivXUpdate deleted successfully.
C:\Programme\DivX\DivX Update\DivXUpdate.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Lexmark X1100 Series deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\LogitechQuickCamRibbon deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\HonorAutoRunSetting deleted successfully.
Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun not found.
Registry value HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\S-1-5-21-527237240-1580818891-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\AUTOEXEC.BAT moved successfully.
File  not found.
File G:\autorun.inf not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2e27a215-f2c9-11e0-a2ca-4061867883b5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2e27a215-f2c9-11e0-a2ca-4061867883b5}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2e27a215-f2c9-11e0-a2ca-4061867883b5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2e27a215-f2c9-11e0-a2ca-4061867883b5}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2e27a215-f2c9-11e0-a2ca-4061867883b5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2e27a215-f2c9-11e0-a2ca-4061867883b5}\ not found.
File C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Start.hta not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c7ed98d5-17f3-11e0-a286-4061867883b5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c7ed98d5-17f3-11e0-a286-4061867883b5}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c7ed98d5-17f3-11e0-a286-4061867883b5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c7ed98d5-17f3-11e0-a286-4061867883b5}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c7ed98d5-17f3-11e0-a286-4061867883b5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c7ed98d5-17f3-11e0-a286-4061867883b5}\ not found.
File C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Start.hta not found.
C:\WINDOWS\System32\UAs folder moved successfully.
C:\WINDOWS\System32\10017\components folder moved successfully.
C:\WINDOWS\System32\10017 folder moved successfully.
C:\WINDOWS\System32\kock folder moved successfully.
C:\Dokumente und Einstellungen\Mone\Anwendungsdaten\gema folder moved successfully.
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\gema folder moved successfully.
ADS C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:E8BE05FA deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 3411269 bytes
 
User: All Users
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 2766215 bytes
->Flash cache emptied: 321 bytes
 
User: Martin
 
User: Mone
->Temp folder emptied: 112017665774 bytes
->Temporary Internet Files folder emptied: 371388926 bytes
->Java cache emptied: 3983545 bytes
->FireFox cache emptied: 835660862 bytes
->Google Chrome cache emptied: 7709709 bytes
->Flash cache emptied: 92691316 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 2502606 bytes
->Flash cache emptied: 2788 bytes
 
User: tayler
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2188044 bytes
%systemroot%\System32 .tmp files removed: 2951 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 9797882 bytes
RecycleBin emptied: 4897663981 bytes
 
Total Files Cleaned = 112.770,00 mb
 
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.39.1 log created on 03262012_173351

Files\Folders moved on Reboot...
C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll moved successfully.
File\Folder C:\Dokumente und Einstellungen\Mone\Lokale Einstellungen\Temp\plugtmp-68\plugin-xml;sz=10x1;deliver=clipkit;pos=1;vpos=1;zz=10x1;u=pos=1,vpos=1,tile=2,zz=10x1,upc=EMI_5099973095651,r1=1,r3=1,d1=2,d15=0,v1=0,v2=0,d4=3,d8=2,d9=3,d10=1,d12=4,i2=4,i3=4,i12=4,i13=4,i21=3,i26=3,i28=4,i4 not found!
File\Folder C:\Dokumente und Einstellungen\Mone\Lokale Einstellungen\Temp\plugtmp-68\plugin-xml;sz=10x1;pos=1;vpos=1;zz=10x1;player=MTV;vtype=1;u=pos=1,vpos=1,tile=2,zz=10x1,upc=EMI_5099973095651,r1=1,r3=1,d1=2,d15=0,v1=0,v2=0,d4=3,d8=2,d9=3,d10=1,d12=4,i2=4,i3=4,i12=4,i13=4,i21=3,i26=3,i28=4 not found!

Registry entries deleted on Reboot...

Thanks, this time it worked!
Many, many thanks for the quick help!
Regards, simone

cosinus 26.03.2012 18:33

Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please turn off the virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool!

Set up the tool as shown in the picture below: click change parameters and set the check marks as shown in the following screenshot,
then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.
If you cannot find the log or cannot copy its contents into your post, please look directly on your Windows system partition (usually drive C:), since that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the "skip" action and only post the log here!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg

mobo6new 27.03.2012 10:42

Code:

11:29:32.0437 3308        TDSS rootkit removing tool 2.7.23.0 Mar 26 2012 13:40:18
11:29:32.0500 3308        ============================================================
11:29:32.0500 3308        Current date / time: 2012/03/27 11:29:32.0500
11:29:32.0500 3308        SystemInfo:
11:29:32.0500 3308       
11:29:32.0500 3308        OS Version: 5.1.2600 ServicePack: 3.0
11:29:32.0500 3308        Product type: Workstation
11:29:32.0500 3308        ComputerName: PUPPSIE
11:29:32.0500 3308        UserName: Mone
11:29:32.0500 3308        Windows directory: C:\WINDOWS
11:29:32.0500 3308        System windows directory: C:\WINDOWS
11:29:32.0500 3308        Processor architecture: Intel x86
11:29:32.0500 3308        Number of processors: 2
11:29:32.0500 3308        Page size: 0x1000
11:29:32.0500 3308        Boot type: Normal boot
11:29:32.0500 3308        ============================================================
11:29:35.0171 3308        Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
11:29:35.0171 3308        Drive \Device\Harddisk1\DR2 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:29:35.0187 3308        Drive \Device\Harddisk2\DR3 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:29:35.0203 3308        \Device\Harddisk0\DR0:
11:29:35.0203 3308        MBR used
11:29:35.0203 3308        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950A5C1
11:29:35.0203 3308        \Device\Harddisk1\DR2:
11:29:35.0203 3308        MBR used
11:29:35.0203 3308        \Device\Harddisk1\DR2\Partition0: MBR, Type 0x7, StartLBA 0x3F00, BlocksNum 0x3A380D41
11:29:35.0203 3308        \Device\Harddisk2\DR3:
11:29:35.0203 3308        MBR used
11:29:35.0203 3308        \Device\Harddisk2\DR3\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAEA86800
11:29:35.0828 3308        Initialize success
11:29:35.0828 3308        ============================================================
11:29:37.0687 3368        ============================================================
11:29:37.0687 3368        Scan started
11:29:37.0687 3368        Mode: Manual;
11:29:37.0687 3368        ============================================================
11:29:39.0328 3368        Abiosdsk - ok
11:29:39.0859 3368        abp480n5 - ok
11:29:40.0468 3368        ACPI            (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
11:29:40.0484 3368        ACPI - ok
11:29:40.0890 3368        ACPIEC          (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
11:29:40.0890 3368        ACPIEC - ok
11:29:41.0265 3368        adpu160m - ok
11:29:41.0718 3368        aec            (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
11:29:41.0781 3368        aec - ok
11:29:42.0234 3368        AFD            (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
11:29:42.0296 3368        AFD - ok
11:29:42.0687 3368        Aha154x - ok
11:29:43.0078 3368        aic78u2 - ok
11:29:43.0453 3368        aic78xx - ok
11:29:43.0812 3368        Alerter        (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
11:29:43.0828 3368        Alerter - ok
11:29:44.0203 3368        ALG            (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe
11:29:44.0203 3368        ALG - ok
11:29:44.0593 3368        AliIde - ok
11:29:45.0703 3368        Ambfilt        (267fc636801edc5ab28e14036349e3be) C:\WINDOWS\system32\drivers\Ambfilt.sys
11:29:46.0437 3368        Ambfilt - ok
11:29:46.0875 3368        amsint - ok
11:29:47.0046 3368        AntiVirSchedulerService (a122d68ea2541453f787f341877cb40b) C:\Programme\Avira\AntiVir Desktop\sched.exe
11:29:47.0046 3368        AntiVirSchedulerService - ok
11:29:47.0218 3368        AntiVirService  (2fe359edeb34efcf42574752f8aebd3f) C:\Programme\Avira\AntiVir Desktop\avguard.exe
11:29:47.0234 3368        AntiVirService - ok
11:29:47.0359 3368        Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:29:47.0375 3368        Apple Mobile Device - ok
11:29:47.0765 3368        AppMgmt        (d45960be52c3c610d361977057f98c54) C:\WINDOWS\System32\appmgmts.dll
11:29:47.0843 3368        AppMgmt - ok
11:29:48.0203 3368        asc - ok
11:29:48.0562 3368        asc3350p - ok
11:29:48.0921 3368        asc3550 - ok
11:29:49.0171 3368        aspnet_state    (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
11:29:49.0250 3368        aspnet_state - ok
11:29:49.0656 3368        AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
11:29:49.0671 3368        AsyncMac - ok
11:29:50.0093 3368        atapi          (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
11:29:50.0093 3368        atapi - ok
11:29:50.0468 3368        Atdisk - ok
11:29:50.0906 3368        Atmarpc        (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
11:29:50.0937 3368        Atmarpc - ok
11:29:51.0703 3368        AudioSrv        (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
11:29:51.0703 3368        AudioSrv - ok
11:29:52.0312 3368        audstub        (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
11:29:52.0312 3368        audstub - ok
11:29:52.0765 3368        avgntflt        (7713e4eb0276702faa08e52a6e23f2a6) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
11:29:52.0765 3368        avgntflt - ok
11:29:53.0218 3368        avipbb          (13b02b9b969dde270cd7c351203dad3c) C:\WINDOWS\system32\DRIVERS\avipbb.sys
11:29:53.0218 3368        avipbb - ok
11:29:53.0640 3368        avkmgr          (271cfd1a989209b1964e24d969552bf7) C:\WINDOWS\system32\DRIVERS\avkmgr.sys
11:29:53.0640 3368        avkmgr - ok
11:29:54.0062 3368        Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
11:29:54.0062 3368        Beep - ok
11:29:54.0578 3368        BITS            (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll
11:29:54.0906 3368        BITS - ok
11:29:55.0187 3368        Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Programme\Bonjour\mDNSResponder.exe
11:29:55.0203 3368        Bonjour Service - ok
11:29:55.0625 3368        Browser        (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
11:29:55.0640 3368        Browser - ok
11:29:56.0078 3368        cbidf2k        (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
11:29:56.0078 3368        cbidf2k - ok
11:29:56.0515 3368        CCDECODE        (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
11:29:56.0515 3368        CCDECODE - ok
11:29:56.0921 3368        cd20xrnt - ok
11:29:57.0343 3368        Cdaudio        (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
11:29:57.0359 3368        Cdaudio - ok
11:29:57.0812 3368        Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
11:29:57.0843 3368        Cdfs - ok
11:29:58.0265 3368        Cdrom          (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
11:29:58.0296 3368        Cdrom - ok
11:29:58.0687 3368        Changer - ok
11:29:59.0062 3368        CiSvc          (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe
11:29:59.0062 3368        CiSvc - ok
11:29:59.0468 3368        ClipSrv        (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
11:29:59.0484 3368        ClipSrv - ok
11:29:59.0765 3368        clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:29:59.0875 3368        clr_optimization_v2.0.50727_32 - ok
11:30:00.0250 3368        CmdIde - ok
11:30:00.0593 3368        COMSysApp - ok
11:30:01.0000 3368        Cpqarray - ok
11:30:01.0390 3368        CryptSvc        (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
11:30:01.0390 3368        CryptSvc - ok
11:30:01.0765 3368        dac2w2k - ok
11:30:02.0125 3368        dac960nt - ok
11:30:02.0734 3368        DcomLaunch      (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
11:30:02.0750 3368        DcomLaunch - ok
11:30:03.0234 3368        Dhcp            (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
11:30:03.0234 3368        Dhcp - ok
11:30:03.0671 3368        Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
11:30:03.0687 3368        Disk - ok
11:30:04.0031 3368        dmadmin - ok
11:30:04.0765 3368        dmboot          (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
11:30:05.0093 3368        dmboot - ok
11:30:05.0593 3368        dmio            (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
11:30:05.0656 3368        dmio - ok
11:30:06.0093 3368        dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
11:30:06.0109 3368        dmload - ok
11:30:06.0484 3368        dmserver        (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
11:30:06.0484 3368        dmserver - ok
11:30:06.0921 3368        DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
11:30:06.0937 3368        DMusic - ok
11:30:07.0343 3368        Dnscache        (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
11:30:07.0343 3368        Dnscache - ok
11:30:07.0750 3368        Dot3svc        (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
11:30:07.0812 3368        Dot3svc - ok
11:30:08.0218 3368        dpti2o - ok
11:30:08.0640 3368        drmkaud        (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
11:30:08.0640 3368        drmkaud - ok
11:30:09.0046 3368        EapHost        (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
11:30:09.0062 3368        EapHost - ok
11:30:09.0453 3368        ERSvc          (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
11:30:09.0453 3368        ERSvc - ok
11:30:09.0890 3368        Eventlog        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
11:30:09.0906 3368        Eventlog - ok
11:30:10.0375 3368        EventSystem    (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\system32\es.dll
11:30:10.0406 3368        EventSystem - ok
11:30:11.0000 3368        Fastfat        (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
11:30:11.0078 3368        Fastfat - ok
11:30:11.0500 3368        FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
11:30:11.0500 3368        FastUserSwitchingCompatibility - ok
11:30:11.0921 3368        Fdc            (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
11:30:11.0937 3368        Fdc - ok
11:30:12.0390 3368        FilterService  (d59274041bbdbfbecd05b92c0c28b51f) C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys
11:30:12.0390 3368        FilterService - ok
11:30:12.0828 3368        Fips            (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
11:30:12.0828 3368        Fips - ok
11:30:13.0234 3368        Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
11:30:13.0250 3368        Flpydisk - ok
11:30:13.0718 3368        FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
11:30:13.0781 3368        FltMgr - ok
11:30:14.0062 3368        FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
11:30:14.0109 3368        FontCache3.0.0.0 - ok
11:30:14.0546 3368        fssfltr        (e0087225b137e57239ff40f8ae82059b) C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys
11:30:14.0546 3368        fssfltr - ok
11:30:15.0000 3368        fsssvc          (45b52394f9624237f33a8a3d73c0b221) C:\Programme\Windows Live\Family Safety\fsssvc.exe
11:30:15.0281 3368        fsssvc - ok
11:30:15.0718 3368        Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
11:30:15.0718 3368        Fs_Rec - ok
11:30:16.0218 3368        Ftdisk          (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
11:30:16.0265 3368        Ftdisk - ok
11:30:16.0687 3368        GEARAspiWDM    (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
11:30:16.0687 3368        GEARAspiWDM - ok
11:30:17.0093 3368        ggflt          (007aea2e06e7cef7372e40c277163959) C:\WINDOWS\system32\DRIVERS\ggflt.sys
11:30:17.0109 3368        ggflt - ok
11:30:17.0562 3368        ggsemc          (c73de35960ca75c5ab4ae636b127c64e) C:\WINDOWS\system32\DRIVERS\ggsemc.sys
11:30:17.0578 3368        ggsemc - ok
11:30:18.0000 3368        Gpc            (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
11:30:18.0015 3368        Gpc - ok
11:30:18.0187 3368        gupdate        (f02a533f517eb38333cb12a9e8963773) C:\Programme\Google\Update\GoogleUpdate.exe
11:30:18.0187 3368        gupdate - ok
11:30:18.0281 3368        gupdatem        (f02a533f517eb38333cb12a9e8963773) C:\Programme\Google\Update\GoogleUpdate.exe
11:30:18.0281 3368        gupdatem - ok
11:30:18.0421 3368        gusvc          (c1b577b2169900f4cf7190c39f085794) C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
11:30:18.0484 3368        gusvc - ok
11:30:18.0968 3368        HDAudBus        (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
11:30:18.0968 3368        HDAudBus - ok
11:30:19.0171 3368        helpsvc        (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
11:30:19.0171 3368        helpsvc - ok
11:30:19.0625 3368        HidServ        (b35da85e60c0103f2e4104532da2f12b) C:\WINDOWS\System32\hidserv.dll
11:30:19.0625 3368        HidServ - ok
11:30:20.0046 3368        hidusb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
11:30:20.0046 3368        hidusb - ok
11:30:20.0468 3368        hkmsvc          (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
11:30:20.0500 3368        hkmsvc - ok
11:30:20.0906 3368        hpn - ok
11:30:21.0156 3368        hpqcxs08        (0a3c6aa4a9fc38c20ba4eac2c3351c05) C:\Programme\HP\Digital Imaging\bin\hpqcxs08.dll
11:30:21.0156 3368        hpqcxs08 - ok
11:30:21.0359 3368        hpqddsvc        (f3f72a2a86c22610bca5439fa789dd52) C:\Programme\HP\Digital Imaging\bin\hpqddsvc.dll
11:30:21.0359 3368        hpqddsvc - ok
11:30:21.0812 3368        HPZid412        (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
11:30:21.0828 3368        HPZid412 - ok
11:30:22.0234 3368        HPZipr12        (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
11:30:22.0250 3368        HPZipr12 - ok
11:30:22.0703 3368        HPZius12        (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
11:30:22.0718 3368        HPZius12 - ok
11:30:23.0250 3368        HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
11:30:23.0250 3368        HTTP - ok
11:30:23.0640 3368        HTTPFilter      (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
11:30:23.0656 3368        HTTPFilter - ok
11:30:24.0031 3368        i2omgmt - ok
11:30:24.0421 3368        i2omp - ok
11:30:24.0843 3368        i8042prt        (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
11:30:24.0875 3368        i8042prt - ok
11:30:27.0750 3368        ialm            (0f68e2ec713f132ffb19e45415b09679) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
11:30:30.0156 3368        ialm - ok
11:30:30.0765 3368        idsvc          (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:30:31.0156 3368        idsvc - ok
11:30:31.0640 3368        Imapi          (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
11:30:31.0656 3368        Imapi - ok
11:30:32.0109 3368        ImapiService    (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\system32\imapi.exe
11:30:32.0109 3368        ImapiService - ok
11:30:32.0500 3368        ini910u - ok
11:30:35.0312 3368        IntcAzAudAddService (718f495096df8d94fb66c9c962646372) C:\WINDOWS\system32\drivers\RtkHDAud.sys
11:30:35.0359 3368        IntcAzAudAddService - ok
11:30:35.0734 3368        IntelIde - ok
11:30:36.0125 3368        intelppm        (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys
11:30:36.0125 3368        intelppm - ok
11:30:36.0562 3368        Ip6Fw          (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
11:30:36.0578 3368        Ip6Fw - ok
11:30:37.0000 3368        IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:30:37.0000 3368        IpFilterDriver - ok
11:30:37.0390 3368        IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
11:30:37.0406 3368        IpInIp - ok
11:30:37.0875 3368        IpNat          (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
11:30:37.0875 3368        IpNat - ok
11:30:38.0281 3368        iPod Service    (ce004777b92dea56fe14ec900d20baa4) C:\Programme\iPod\bin\iPodService.exe
11:30:38.0281 3368        iPod Service - ok
11:30:38.0750 3368        IPSec          (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
11:30:38.0781 3368        IPSec - ok
11:30:39.0218 3368        IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
11:30:39.0218 3368        IRENUM - ok
11:30:39.0671 3368        isapnp          (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
11:30:39.0687 3368        isapnp - ok
11:30:39.0875 3368        JavaQuickStarterService (381b25dc8e958d905b33130d500bbf29) C:\Programme\Java\jre6\bin\jqs.exe
11:30:39.0875 3368        JavaQuickStarterService - ok
11:30:40.0296 3368        Kbdclass        (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
11:30:40.0312 3368        Kbdclass - ok
11:30:40.0734 3368        kbdhid          (b6d6c117d771c98130497265f26d1882) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
11:30:40.0734 3368        kbdhid - ok
11:30:41.0218 3368        kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
11:30:41.0218 3368        kmixer - ok
11:30:41.0703 3368        KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
11:30:41.0734 3368        KSecDD - ok
11:30:42.0140 3368        lanmanserver    (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll
11:30:42.0140 3368        lanmanserver - ok
11:30:42.0578 3368        lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll
11:30:42.0578 3368        lanmanworkstation - ok
11:30:42.0953 3368        lbrtfdc - ok
11:30:43.0328 3368        LmHosts        (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
11:30:43.0328 3368        LmHosts - ok
11:30:43.0781 3368        lvpopflt        (cbf0bf6af73a704211bbb52efacaa8a0) C:\WINDOWS\system32\DRIVERS\lvpopflt.sys
11:30:43.0828 3368        lvpopflt - ok
11:30:44.0265 3368        LVPr2Mon        (8be71d7edb8c7494913722059f760dd0) C:\WINDOWS\system32\Drivers\LVPr2Mon.sys
11:30:44.0265 3368        LVPr2Mon - ok
11:30:44.0453 3368        LVPrcSrv        (2333057542c91ae8228bdccc2e5f2632) C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcSrv.exe
11:30:44.0453 3368        LVPrcSrv - ok
11:30:45.0000 3368        LVRS            (6917b407dbec11b3a078abfc2ec2ac7c) C:\WINDOWS\system32\DRIVERS\lvrs.sys
11:30:45.0000 3368        LVRS - ok
11:30:48.0218 3368        LVUVC          (44876e70e07e9a653bbe423dbfa35a1a) C:\WINDOWS\system32\DRIVERS\lvuvc.sys
11:30:48.0281 3368        LVUVC - ok
11:30:48.0703 3368        MBAMProtector  (b7ca8cc3f978201856b6ab82f40953c3) C:\WINDOWS\system32\drivers\mbam.sys
11:30:48.0703 3368        MBAMProtector - ok
11:30:49.0062 3368        MBAMService    (056b19651bd7b7ce5f89a3ac46dbdc08) C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
11:30:49.0078 3368        MBAMService - ok
11:30:49.0515 3368        MBAMSwissArmy  (0db7527db188c7d967a37bb51bbf3963) C:\WINDOWS\system32\drivers\mbamswissarmy.sys
11:30:49.0531 3368        MBAMSwissArmy - ok
11:30:49.0750 3368        MDM            (11f714f85530a2bd134074dc30e99fca) C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
11:30:49.0750 3368        MDM - ok
11:30:50.0156 3368        Messenger      (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
11:30:50.0171 3368        Messenger - ok
11:30:50.0609 3368        mnmdd          (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
11:30:50.0609 3368        mnmdd - ok
11:30:50.0984 3368        mnmsrvc        (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\system32\mnmsrvc.exe
11:30:51.0000 3368        mnmsrvc - ok
11:30:51.0406 3368        Modem          (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
11:30:51.0421 3368        Modem - ok
11:30:52.0609 3368        Monfilt        (c7d9f9717916b34c1b00dd4834af485c) C:\WINDOWS\system32\drivers\Monfilt.sys
11:30:53.0187 3368        Monfilt - ok
11:30:53.0625 3368        Mouclass        (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
11:30:53.0625 3368        Mouclass - ok
11:30:54.0046 3368        mouhid          (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
11:30:54.0046 3368        mouhid - ok
11:30:54.0500 3368        MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
11:30:54.0546 3368        MountMgr - ok
11:30:54.0906 3368        MpKsl1f947b4b - ok
11:30:55.0359 3368        mraid35x - ok
11:30:55.0859 3368        MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
11:30:55.0937 3368        MRxDAV - ok
11:30:56.0562 3368        MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
11:30:56.0765 3368        MRxSmb - ok
11:30:57.0156 3368        MSDTC          (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\system32\msdtc.exe
11:30:57.0156 3368        MSDTC - ok
11:30:57.0609 3368        Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
11:30:57.0625 3368        Msfs - ok
11:30:57.0953 3368        MSIServer - ok
11:30:58.0359 3368        MSKSSRV        (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
11:30:58.0359 3368        MSKSSRV - ok
11:30:58.0796 3368        MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
11:30:58.0796 3368        MSPCLOCK - ok
11:30:59.0218 3368        MSPQM          (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
11:30:59.0218 3368        MSPQM - ok
11:30:59.0781 3368        mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
11:30:59.0781 3368        mssmbios - ok
11:31:00.0265 3368        MSTEE          (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
11:31:00.0281 3368        MSTEE - ok
11:31:00.0953 3368        Mup            (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
11:31:01.0015 3368        Mup - ok
11:31:01.0859 3368        NABTSFEC        (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
11:31:01.0890 3368        NABTSFEC - ok
11:31:02.0437 3368        napagent        (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
11:31:02.0671 3368        napagent - ok
11:31:03.0265 3368        NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
11:31:03.0343 3368        NDIS - ok
11:31:03.0906 3368        NdisIP          (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
11:31:03.0937 3368        NdisIP - ok
11:31:04.0687 3368        NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
11:31:04.0703 3368        NdisTapi - ok
11:31:05.0187 3368        Ndisuio        (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
11:31:05.0187 3368        Ndisuio - ok
11:31:05.0828 3368        NdisWan        (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:31:05.0875 3368        NdisWan - ok
11:31:06.0437 3368        NDProxy        (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
11:31:06.0453 3368        NDProxy - ok
11:31:06.0921 3368        Net Driver HPZ12 (a081cb6fb9a12668f233eb5414be3a0e) C:\WINDOWS\system32\HPZinw12.dll
11:31:06.0937 3368        Net Driver HPZ12 - ok
11:31:07.0609 3368        NetBIOS        (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
11:31:07.0625 3368        NetBIOS - ok
11:31:08.0109 3368        NetBT          (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
11:31:08.0171 3368        NetBT - ok
11:31:08.0781 3368        NetDDE          (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
11:31:08.0859 3368        NetDDE - ok
11:31:08.0906 3368        NetDDEdsdm      (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
11:31:08.0906 3368        NetDDEdsdm - ok
11:31:09.0296 3368        Netlogon        (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
11:31:09.0296 3368        Netlogon - ok
11:31:09.0796 3368        Netman          (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
11:31:09.0812 3368        Netman - ok
11:31:10.0187 3368        NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:31:10.0312 3368        NetTcpPortSharing - ok
11:31:11.0031 3368        Nla            (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll
11:31:11.0046 3368        Nla - ok
11:31:11.0875 3368        Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
11:31:11.0906 3368        Npfs - ok
11:31:12.0890 3368        Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
11:31:13.0187 3368        Ntfs - ok
11:31:13.0812 3368        NtLmSsp        (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
11:31:13.0812 3368        NtLmSsp - ok
11:31:14.0359 3368        NtmsSvc        (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
11:31:14.0640 3368        NtmsSvc - ok
11:31:15.0062 3368        Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
11:31:15.0062 3368        Null - ok
11:31:15.0515 3368        NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
11:31:15.0562 3368        NwlnkFlt - ok
11:31:15.0984 3368        NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
11:31:16.0000 3368        NwlnkFwd - ok
11:31:16.0468 3368        Parport        (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
11:31:16.0500 3368        Parport - ok
11:31:17.0046 3368        PartMgr        (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
11:31:17.0062 3368        PartMgr - ok
11:31:17.0515 3368        ParVdm          (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
11:31:17.0531 3368        ParVdm - ok
11:31:18.0093 3368        PCI            (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
11:31:18.0125 3368        PCI - ok
11:31:18.0515 3368        PCIDump - ok
11:31:19.0078 3368        PCIIde          (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
11:31:19.0078 3368        PCIIde - ok
11:31:19.0578 3368        Pcmcia          (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
11:31:19.0671 3368        Pcmcia - ok
11:31:20.0046 3368        PDCOMP - ok
11:31:20.0437 3368        PDFRAME - ok
11:31:20.0921 3368        PDRELI - ok
11:31:21.0312 3368        PDRFRAME - ok
11:31:21.0750 3368        perc2 - ok
11:31:22.0125 3368        perc2hib - ok
11:31:22.0937 3368        PlugPlay        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
11:31:22.0937 3368        PlugPlay - ok
11:31:23.0328 3368        Pml Driver HPZ12 (65bc271f337637731d3c71455ae1f476) C:\WINDOWS\system32\HPZipm12.dll
11:31:23.0328 3368        Pml Driver HPZ12 - ok
11:31:23.0703 3368        PolicyAgent    (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
11:31:23.0703 3368        PolicyAgent - ok
11:31:24.0250 3368        PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
11:31:24.0265 3368        PptpMiniport - ok
11:31:24.0718 3368        ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
11:31:24.0718 3368        ProtectedStorage - ok
11:31:25.0296 3368        PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
11:31:25.0328 3368        PSched - ok
11:31:26.0093 3368        Ptilink        (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
11:31:26.0109 3368        Ptilink - ok
11:31:26.0546 3368        PxHelp20        (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
11:31:26.0609 3368        PxHelp20 - ok
11:31:27.0171 3368        ql1080 - ok
11:31:27.0562 3368        Ql10wnt - ok
11:31:28.0421 3368        ql12160 - ok
11:31:29.0390 3368        ql1240 - ok
11:31:30.0406 3368        ql1280 - ok
11:31:31.0421 3368        RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:31:31.0453 3368        RasAcd - ok
11:31:32.0031 3368        RasAuto        (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
11:31:32.0062 3368        RasAuto - ok
11:31:32.0921 3368        Rasl2tp        (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
11:31:32.0968 3368        Rasl2tp - ok
11:31:33.0421 3368        RasMan          (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
11:31:33.0421 3368        RasMan - ok
11:31:34.0046 3368        RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:31:34.0078 3368        RasPppoe - ok
11:31:34.0500 3368        Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
11:31:34.0515 3368        Raspti - ok
11:31:35.0953 3368        Rdbss          (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:31:36.0062 3368        Rdbss - ok
11:31:36.0609 3368        RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
11:31:36.0609 3368        RDPCDD - ok
11:31:37.0359 3368        rdpdr          (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
11:31:37.0453 3368        rdpdr - ok
11:31:38.0375 3368        RDPWD          (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
11:31:38.0453 3368        RDPWD - ok
11:31:39.0203 3368        RDSessMgr      (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe
11:31:39.0265 3368        RDSessMgr - ok
11:31:39.0843 3368        redbook        (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
11:31:39.0859 3368        redbook - ok
11:31:40.0343 3368        RemoteAccess    (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll
11:31:40.0359 3368        RemoteAccess - ok
11:31:40.0843 3368        RemoteRegistry  (e4cd1f3d84e1c2ca0b8cf7501e201593) C:\WINDOWS\system32\regsvc.dll
11:31:40.0843 3368        RemoteRegistry - ok
11:31:41.0265 3368        RpcLocator      (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe
11:31:41.0296 3368        RpcLocator - ok
11:31:42.0000 3368        RpcSs          (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
11:31:42.0015 3368        RpcSs - ok
11:31:44.0250 3368        RSVP            (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe
11:31:44.0390 3368        RSVP - ok
11:31:46.0765 3368        RTLE8023xp      (79b4fe884c18dd82d5449f6b6026d092) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
11:31:46.0875 3368        RTLE8023xp - ok
11:31:48.0625 3368        s1018bus        (1c5c2cb892553d2cf3f45a4bb323fcd6) C:\WINDOWS\system32\DRIVERS\s1018bus.sys
11:31:48.0671 3368        s1018bus - ok
11:31:49.0156 3368        s1018mdfl      (38f5ea219593f19b6b3a1b9c169e3b61) C:\WINDOWS\system32\DRIVERS\s1018mdfl.sys
11:31:49.0156 3368        s1018mdfl - ok
11:31:49.0828 3368        s1018mdm        (666af6b64fc7df92d3ca4819ea91631d) C:\WINDOWS\system32\DRIVERS\s1018mdm.sys
11:31:49.0875 3368        s1018mdm - ok
11:31:50.0328 3368        s1018mgmt      (f4ceda6e2ddff2af8bd745615a7ca9c0) C:\WINDOWS\system32\DRIVERS\s1018mgmt.sys
11:31:50.0406 3368        s1018mgmt - ok
11:31:51.0078 3368        s1018nd5        (3622d9ff2253dcbe885b10736609a4ca) C:\WINDOWS\system32\DRIVERS\s1018nd5.sys
11:31:51.0078 3368        s1018nd5 - ok
11:31:51.0640 3368        s1018obex      (49431efda842b474531c29ffae9f5d09) C:\WINDOWS\system32\DRIVERS\s1018obex.sys
11:31:51.0687 3368        s1018obex - ok
11:31:52.0156 3368        s1018unic      (ac6b514cb4474f4c867d7cdc9cd54f05) C:\WINDOWS\system32\DRIVERS\s1018unic.sys
11:31:52.0203 3368        s1018unic - ok
11:31:53.0093 3368        s115bus        (e1ab463b36a7ef31d8a73a97a9b57afa) C:\WINDOWS\system32\DRIVERS\s115bus.sys
11:31:53.0140 3368        s115bus - ok
11:31:53.0609 3368        s115mdfl        (e24113fc13b8737c94cf4e3415488c76) C:\WINDOWS\system32\DRIVERS\s115mdfl.sys
11:31:53.0609 3368        s115mdfl - ok
11:31:54.0062 3368        s115mdm        (4029e49e7c673aa0670bd206b0af1b5b) C:\WINDOWS\system32\DRIVERS\s115mdm.sys
11:31:54.0109 3368        s115mdm - ok
11:31:54.0609 3368        s115mgmt        (eb02ab4ca8bccecfde236cad8fc6e135) C:\WINDOWS\system32\DRIVERS\s115mgmt.sys
11:31:54.0656 3368        s115mgmt - ok
11:31:55.0140 3368        s115obex        (089869db9ffd2ac807fa87fe82ac7761) C:\WINDOWS\system32\DRIVERS\s115obex.sys
11:31:55.0187 3368        s115obex - ok
11:31:55.0640 3368        s125bus        (06847aa6f3a9bf7c44134d00a2e578c0) C:\WINDOWS\system32\DRIVERS\s125bus.sys
11:31:55.0671 3368        s125bus - ok
11:31:56.0390 3368        s125mdfl        (f83f88e1b125308fb5015ea0349502b0) C:\WINDOWS\system32\DRIVERS\s125mdfl.sys
11:31:56.0406 3368        s125mdfl - ok
11:31:56.0875 3368        s125mdm        (402a97756c14940ad6ae5169c2fb105e) C:\WINDOWS\system32\DRIVERS\s125mdm.sys
11:31:56.0921 3368        s125mdm - ok
11:31:57.0500 3368        s125mgmt        (82b14c51de76825ec769a6374e4c57d6) C:\WINDOWS\system32\DRIVERS\s125mgmt.sys
11:31:57.0546 3368        s125mgmt - ok
11:31:58.0046 3368        s125obex        (bedfc5707c356fd073bf1a4afe442d91) C:\WINDOWS\system32\DRIVERS\s125obex.sys
11:31:58.0109 3368        s125obex - ok
11:31:58.0546 3368        SamSs          (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
11:31:58.0562 3368        SamSs - ok
11:31:58.0984 3368        SCardSvr        (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
11:31:59.0031 3368        SCardSvr - ok
11:31:59.0734 3368        Schedule        (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
11:31:59.0750 3368        Schedule - ok
11:32:00.0171 3368        Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
11:32:00.0171 3368        Secdrv - ok
11:32:00.0531 3368        seclogon        (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
11:32:00.0531 3368        seclogon - ok
11:32:00.0906 3368        SENS            (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
11:32:00.0906 3368        SENS - ok
11:32:01.0437 3368        serenum        (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
11:32:01.0437 3368        serenum - ok
11:32:01.0890 3368        Serial          (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
11:32:01.0906 3368        Serial - ok
11:32:02.0359 3368        Sfloppy        (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
11:32:02.0359 3368        Sfloppy - ok
11:32:02.0875 3368        SharedAccess    (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll
11:32:02.0921 3368        SharedAccess - ok
11:32:03.0343 3368        ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
11:32:03.0343 3368        ShellHWDetection - ok
11:32:03.0984 3368        Simbad - ok
11:32:04.0546 3368        SLIP            (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
11:32:04.0562 3368        SLIP - ok
11:32:04.0921 3368        Sparrow - ok
11:32:05.0343 3368        splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
11:32:05.0359 3368        splitter - ok
11:32:05.0734 3368        Spooler        (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
11:32:05.0734 3368        Spooler - ok
11:32:06.0421 3368        sptd            (cdddec541bc3c96f91ecb48759673505) C:\WINDOWS\system32\Drivers\sptd.sys
11:32:06.0437 3368        Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
11:32:06.0437 3368        sptd ( LockedFile.Multi.Generic ) - warning
11:32:06.0437 3368        sptd - detected LockedFile.Multi.Generic (1)
11:32:06.0921 3368        sr              (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
11:32:06.0953 3368        sr - ok
11:32:07.0406 3368        srservice      (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll
11:32:07.0406 3368        srservice - ok
11:32:07.0984 3368        Srv            (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
11:32:08.0156 3368        Srv - ok
11:32:08.0562 3368        SSDPSRV        (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
11:32:08.0562 3368        SSDPSRV - ok
11:32:09.0328 3368        ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
11:32:09.0328 3368        ssmdrv - ok
11:32:09.0843 3368        stisvc          (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
11:32:09.0906 3368        stisvc - ok
11:32:10.0343 3368        streamip        (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
11:32:10.0359 3368        streamip - ok
11:32:10.0781 3368        swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
11:32:10.0781 3368        swenum - ok
11:32:11.0203 3368        swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
11:32:11.0218 3368        swmidi - ok
11:32:11.0640 3368        SwPrv - ok
11:32:12.0125 3368        symc810 - ok
11:32:12.0515 3368        symc8xx - ok
11:32:13.0046 3368        sym_hi - ok
11:32:13.0468 3368        sym_u3 - ok
11:32:13.0875 3368        sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
11:32:13.0906 3368        sysaudio - ok
11:32:14.0375 3368        SysmonLog      (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
11:32:14.0406 3368        SysmonLog - ok
11:32:14.0890 3368        TapiSrv        (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
11:32:14.0890 3368        TapiSrv - ok
11:32:15.0453 3368        Tcpip          (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\TCPIP.SYS
11:32:15.0625 3368        Tcpip - ok
11:32:16.0031 3368        TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
11:32:16.0031 3368        TDPIPE - ok
11:32:16.0718 3368        TDTCP          (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
11:32:16.0734 3368        TDTCP - ok
11:32:17.0140 3368        TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
11:32:17.0156 3368        TermDD - ok
11:32:17.0625 3368        TermService    (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
11:32:17.0671 3368        TermService - ok
11:32:18.0062 3368        Themes          (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
11:32:18.0078 3368        Themes - ok
11:32:18.0468 3368        TlntSvr        (03681a1ce77f51586903869a5ab1deab) C:\WINDOWS\system32\tlntsvr.exe
11:32:18.0500 3368        TlntSvr - ok
11:32:18.0937 3368        TosIde - ok
11:32:19.0437 3368        TrkWks          (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
11:32:19.0437 3368        TrkWks - ok
11:32:19.0859 3368        Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
11:32:19.0875 3368        Udfs - ok
11:32:20.0250 3368        ultra - ok
11:32:20.0812 3368        Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
11:32:20.0968 3368        Update - ok
11:32:21.0406 3368        upnphost        (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
11:32:21.0500 3368        upnphost - ok
11:32:21.0890 3368        UPS            (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
11:32:21.0906 3368        UPS - ok
11:32:22.0359 3368        usbaudio        (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
11:32:22.0390 3368        usbaudio - ok
11:32:22.0796 3368        usbccgp        (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
11:32:22.0812 3368        usbccgp - ok
11:32:23.0234 3368        usbehci        (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
11:32:23.0250 3368        usbehci - ok
11:32:23.0703 3368        usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
11:32:23.0718 3368        usbhub - ok
11:32:24.0328 3368        usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
11:32:24.0343 3368        usbprint - ok
11:32:24.0750 3368        usbscan        (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
11:32:24.0765 3368        usbscan - ok
11:32:25.0171 3368        usbser          (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\DRIVERS\usbser.sys
11:32:25.0187 3368        usbser - ok
11:32:25.0593 3368        USBSTOR        (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
11:32:25.0609 3368        USBSTOR - ok
11:32:26.0031 3368        usbuhci        (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
11:32:26.0031 3368        usbuhci - ok
11:32:26.0546 3368        usbvideo        (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
11:32:26.0625 3368        usbvideo - ok
11:32:27.0031 3368        VgaSave        (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
11:32:27.0046 3368        VgaSave - ok
11:32:27.0421 3368        ViaIde - ok
11:32:27.0843 3368        VolSnap        (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
11:32:27.0859 3368        VolSnap - ok
11:32:28.0359 3368        VSS            (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
11:32:28.0468 3368        VSS - ok
11:32:28.0921 3368        W32Time        (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll
11:32:28.0921 3368        W32Time - ok
11:32:29.0359 3368        Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:32:29.0375 3368        Wanarp - ok
11:32:29.0953 3368        Wdf01000        (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\Drivers\wdf01000.sys
11:32:30.0171 3368        Wdf01000 - ok
11:32:30.0562 3368        WDICA - ok
11:32:31.0109 3368        wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
11:32:31.0187 3368        wdmaud - ok
11:32:31.0578 3368        WebClient      (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
11:32:31.0593 3368        WebClient - ok
11:32:32.0015 3368        winmgmt        (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
11:32:32.0031 3368        winmgmt - ok
11:32:32.0406 3368        WmdmPmSN        (051b1bdecd6dee18c771b5d5ec7f044d) C:\WINDOWS\system32\MsPMSNSv.dll
11:32:32.0421 3368        WmdmPmSN - ok
11:32:33.0031 3368        Wmi            (ffa4d901d46d07a5bab2d8307fbb51a6) C:\WINDOWS\System32\advapi32.dll
11:32:33.0046 3368        Wmi - ok
11:32:33.0546 3368        WmiApSrv        (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\system32\wbem\wmiapsrv.exe
11:32:33.0546 3368        WmiApSrv - ok
11:32:34.0109 3368        WMPNetworkSvc  (d3dbd6e76f4be9bee67eb631488b5f29) C:\Programme\Windows Media Player\WMPNetwk.exe
11:32:34.0593 3368        WMPNetworkSvc - ok
11:32:35.0031 3368        WpdUsb          (c60dc16d4e406810fad54b98dc92d5ec) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
11:32:35.0046 3368        WpdUsb - ok
11:32:35.0468 3368        wscsvc          (300b3e84faf1a5c1f791c159ba28035d) C:\WINDOWS\system32\wscsvc.dll
11:32:35.0468 3368        wscsvc - ok
11:32:35.0890 3368        WSearch - ok
11:32:36.0359 3368        WSTCODEC        (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
11:32:36.0375 3368        WSTCODEC - ok
11:32:36.0765 3368        wuauserv        (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll
11:32:36.0781 3368        wuauserv - ok
11:32:37.0203 3368        WudfPf          (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
11:32:37.0234 3368        WudfPf - ok
11:32:37.0656 3368        WudfRd          (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
11:32:37.0687 3368        WudfRd - ok
11:32:38.0109 3368        WudfSvc        (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
11:32:38.0109 3368        WudfSvc - ok
11:32:38.0781 3368        WZCSVC          (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
11:32:38.0921 3368        WZCSVC - ok
11:32:39.0343 3368        xmlprov        (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
11:32:39.0421 3368        xmlprov - ok
11:32:39.0843 3368        MBR (0x1B8)    (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
11:32:40.0203 3368        \Device\Harddisk0\DR0 - ok
11:32:40.0234 3368        MBR (0x1B8)    (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR2
11:32:40.0234 3368        \Device\Harddisk1\DR2 - ok
11:32:40.0250 3368        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk2\DR3
11:32:40.0250 3368        \Device\Harddisk2\DR3 - ok
11:32:40.0343 3368        Boot (0x1200)  (c26e33a19b326a21b3bdfabf27f1031c) \Device\Harddisk0\DR0\Partition0
11:32:40.0390 3368        \Device\Harddisk0\DR0\Partition0 - ok
11:32:40.0390 3368        Boot (0x1200)  (afa5273584d158ddd2c8bc72c1aee70f) \Device\Harddisk1\DR2\Partition0
11:32:40.0406 3368        \Device\Harddisk1\DR2\Partition0 - ok
11:32:40.0406 3368        Boot (0x1200)  (cacc095ab2ebfa29e6482702ec7448d7) \Device\Harddisk2\DR3\Partition0
11:32:40.0421 3368        \Device\Harddisk2\DR3\Partition0 - ok
11:32:40.0421 3368        ============================================================
11:32:40.0421 3368        Scan finished
11:32:40.0421 3368        ============================================================
11:32:40.0421 0472        Detected object count: 1
11:32:40.0421 0472        Actual detected object count: 1
11:33:23.0796 0472        sptd ( LockedFile.Multi.Generic ) - skipped by user
11:33:23.0796 0472        sptd ( LockedFile.Multi.Generic ) - User select action: Skip
11:33:35.0781 3708        ============================================================
11:33:35.0781 3708        Scan started
11:33:35.0781 3708        Mode: Manual; SigCheck; TDLFS;
11:33:35.0781 3708        ============================================================
11:33:36.0453 3708        Abiosdsk - ok
11:33:36.0953 3708        abp480n5 - ok
11:33:37.0468 3708        ACPI            (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
11:33:45.0000 3708        ACPI - ok
11:33:45.0484 3708        ACPIEC          (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
11:33:45.0734 3708        ACPIEC - ok
11:33:46.0109 3708        adpu160m - ok
11:33:46.0640 3708        aec            (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
11:33:46.0812 3708        aec - ok
11:33:47.0296 3708        AFD            (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
11:33:47.0468 3708        AFD - ok
11:33:47.0875 3708        Aha154x - ok
11:33:48.0281 3708        aic78u2 - ok
11:33:48.0671 3708        aic78xx - ok
11:33:49.0062 3708        Alerter        (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
11:33:49.0250 3708        Alerter - ok
11:33:49.0718 3708        ALG            (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe
11:33:49.0968 3708        ALG - ok
11:33:50.0359 3708        AliIde - ok
11:33:51.0500 3708        Ambfilt        (267fc636801edc5ab28e14036349e3be) C:\WINDOWS\system32\drivers\Ambfilt.sys
11:33:57.0312 3708        Ambfilt - ok
11:33:57.0703 3708        amsint - ok
11:33:57.0859 3708        AntiVirSchedulerService (a122d68ea2541453f787f341877cb40b) C:\Programme\Avira\AntiVir Desktop\sched.exe
11:33:57.0875 3708        AntiVirSchedulerService - ok
11:33:58.0062 3708        AntiVirService  (2fe359edeb34efcf42574752f8aebd3f) C:\Programme\Avira\AntiVir Desktop\avguard.exe
11:33:58.0093 3708        AntiVirService - ok
11:33:58.0218 3708        Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:33:58.0250 3708        Apple Mobile Device - ok
11:33:58.0718 3708        AppMgmt        (d45960be52c3c610d361977057f98c54) C:\WINDOWS\System32\appmgmts.dll
11:33:58.0968 3708        AppMgmt - ok
11:33:59.0375 3708        asc - ok
11:33:59.0765 3708        asc3350p - ok
11:34:00.0250 3708        asc3550 - ok
11:34:00.0890 3708        aspnet_state    (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
11:34:01.0093 3708        aspnet_state - ok
11:34:01.0546 3708        AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
11:34:01.0765 3708        AsyncMac - ok
11:34:02.0296 3708        atapi          (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
11:34:02.0515 3708        atapi - ok
11:34:02.0906 3708        Atdisk - ok
11:34:03.0343 3708        Atmarpc        (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
11:34:03.0515 3708        Atmarpc - ok
11:34:04.0015 3708        AudioSrv        (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
11:34:04.0250 3708        AudioSrv - ok
11:34:04.0671 3708        audstub        (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
11:34:04.0859 3708        audstub - ok
11:34:05.0375 3708        avgntflt        (7713e4eb0276702faa08e52a6e23f2a6) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
11:34:05.0421 3708        avgntflt - ok
11:34:06.0046 3708        avipbb          (13b02b9b969dde270cd7c351203dad3c) C:\WINDOWS\system32\DRIVERS\avipbb.sys
11:34:06.0078 3708        avipbb - ok
11:34:06.0546 3708        avkmgr          (271cfd1a989209b1964e24d969552bf7) C:\WINDOWS\system32\DRIVERS\avkmgr.sys
11:34:06.0562 3708        avkmgr - ok
11:34:07.0015 3708        Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
11:34:07.0203 3708        Beep - ok
11:34:07.0921 3708        BITS            (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll
11:34:08.0265 3708        BITS - ok
11:34:08.0578 3708        Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Programme\Bonjour\mDNSResponder.exe
11:34:08.0718 3708        Bonjour Service - ok
11:34:09.0156 3708        Browser        (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
11:34:09.0390 3708        Browser - ok
11:34:09.0796 3708        cbidf2k        (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
11:34:10.0015 3708        cbidf2k - ok
11:34:10.0625 3708        CCDECODE        (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
11:34:10.0828 3708        CCDECODE - ok
11:34:11.0218 3708        cd20xrnt - ok
11:34:11.0671 3708        Cdaudio        (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
11:34:11.0906 3708        Cdaudio - ok
11:34:12.0359 3708        Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
11:34:12.0562 3708        Cdfs - ok
11:34:13.0140 3708        Cdrom          (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
11:34:13.0359 3708        Cdrom - ok
11:34:13.0781 3708        Changer - ok
11:34:14.0187 3708        CiSvc          (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe
11:34:14.0437 3708        CiSvc - ok
11:34:14.0828 3708        ClipSrv        (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
11:34:15.0062 3708        ClipSrv - ok
11:34:15.0421 3708        clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:34:15.0437 3708        clr_optimization_v2.0.50727_32 - ok
11:34:15.0843 3708        CmdIde - ok
11:34:16.0187 3708        COMSysApp - ok
11:34:16.0578 3708        Cpqarray - ok
11:34:16.0984 3708        CryptSvc        (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
11:34:17.0187 3708        CryptSvc - ok
11:34:17.0625 3708        dac2w2k - ok
11:34:18.0109 3708        dac960nt - ok
11:34:18.0640 3708        DcomLaunch      (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
11:34:18.0859 3708        DcomLaunch - ok
11:34:19.0296 3708        Dhcp            (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
11:34:19.0531 3708        Dhcp - ok
11:34:19.0968 3708        Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
11:34:20.0187 3708        Disk - ok
11:34:20.0531 3708        dmadmin - ok
11:34:21.0250 3708        dmboot          (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
11:34:21.0750 3708        dmboot - ok
11:34:22.0281 3708        dmio            (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
11:34:22.0484 3708        dmio - ok
11:34:23.0015 3708        dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
11:34:23.0218 3708        dmload - ok
11:34:23.0609 3708        dmserver        (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
11:34:23.0843 3708        dmserver - ok
11:34:24.0312 3708        DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
11:34:24.0781 3708        DMusic - ok
11:34:25.0203 3708        Dnscache        (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
11:34:25.0328 3708        Dnscache - ok
11:34:25.0765 3708        Dot3svc        (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
11:34:25.0953 3708        Dot3svc - ok
11:34:26.0328 3708        dpti2o - ok
11:34:26.0937 3708        drmkaud        (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
11:34:27.0187 3708        drmkaud - ok
11:34:27.0859 3708        EapHost        (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
11:34:28.0062 3708        EapHost - ok
11:34:28.0687 3708        ERSvc          (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
11:34:28.0921 3708        ERSvc - ok
11:34:29.0593 3708        Eventlog        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
11:34:29.0640 3708        Eventlog - ok
11:34:30.0109 3708        EventSystem    (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\system32\es.dll
11:34:30.0171 3708        EventSystem - ok
11:34:30.0812 3708        Fastfat        (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
11:34:31.0015 3708        Fastfat - ok
11:34:31.0562 3708        FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
11:34:31.0656 3708        FastUserSwitchingCompatibility - ok
11:34:32.0093 3708        Fdc            (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
11:34:32.0296 3708        Fdc - ok
11:34:32.0875 3708        FilterService  (d59274041bbdbfbecd05b92c0c28b51f) C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys
11:34:32.0921 3708        FilterService - ok
11:34:33.0578 3708        Fips            (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
11:34:33.0781 3708        Fips - ok
11:34:34.0203 3708        Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
11:34:34.0421 3708        Flpydisk - ok
11:34:34.0921 3708        FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
11:34:35.0140 3708        FltMgr - ok
11:34:35.0515 3708        FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
11:34:35.0546 3708        FontCache3.0.0.0 - ok
11:34:35.0984 3708        fssfltr        (e0087225b137e57239ff40f8ae82059b) C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys
11:34:36.0000 3708        fssfltr - ok
11:34:36.0406 3708        fsssvc          (45b52394f9624237f33a8a3d73c0b221) C:\Programme\Windows Live\Family Safety\fsssvc.exe
11:34:36.0656 3708        fsssvc - ok
11:34:37.0062 3708        Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
11:34:37.0234 3708        Fs_Rec - ok
11:34:37.0921 3708        Ftdisk          (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
11:34:38.0093 3708        Ftdisk - ok
11:34:38.0500 3708        GEARAspiWDM    (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
11:34:38.0515 3708        GEARAspiWDM - ok
11:34:38.0921 3708        ggflt          (007aea2e06e7cef7372e40c277163959) C:\WINDOWS\system32\DRIVERS\ggflt.sys
11:34:38.0921 3708        ggflt - ok
11:34:39.0375 3708        ggsemc          (c73de35960ca75c5ab4ae636b127c64e) C:\WINDOWS\system32\DRIVERS\ggsemc.sys
11:34:39.0375 3708        ggsemc - ok
11:34:39.0812 3708        Gpc            (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
11:34:40.0125 3708        Gpc - ok
11:34:40.0281 3708        gupdate        (f02a533f517eb38333cb12a9e8963773) C:\Programme\Google\Update\GoogleUpdate.exe
11:34:40.0312 3708        gupdate - ok
11:34:40.0375 3708        gupdatem        (f02a533f517eb38333cb12a9e8963773) C:\Programme\Google\Update\GoogleUpdate.exe
11:34:40.0390 3708        gupdatem - ok
11:34:40.0562 3708        gusvc          (c1b577b2169900f4cf7190c39f085794) C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
11:34:40.0578 3708        gusvc - ok
11:34:41.0078 3708        HDAudBus        (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
11:34:41.0234 3708        HDAudBus - ok
11:34:41.0453 3708        helpsvc        (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
11:34:41.0593 3708        helpsvc - ok
11:34:41.0953 3708        HidServ        (b35da85e60c0103f2e4104532da2f12b) C:\WINDOWS\System32\hidserv.dll
11:34:42.0109 3708        HidServ - ok
11:34:42.0687 3708        hidusb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
11:34:42.0812 3708        hidusb - ok
11:34:43.0187 3708        hkmsvc          (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
11:34:43.0343 3708        hkmsvc - ok
11:34:43.0718 3708        hpn - ok
11:34:43.0953 3708        hpqcxs08        (0a3c6aa4a9fc38c20ba4eac2c3351c05) C:\Programme\HP\Digital Imaging\bin\hpqcxs08.dll
11:34:43.0984 3708        hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
11:34:43.0984 3708        hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
11:34:44.0171 3708        hpqddsvc        (f3f72a2a86c22610bca5439fa789dd52) C:\Programme\HP\Digital Imaging\bin\hpqddsvc.dll
11:34:44.0171 3708        hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
11:34:44.0171 3708        hpqddsvc - detected UnsignedFile.Multi.Generic (1)
11:34:44.0718 3708        HPZid412        (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
11:34:44.0937 3708        HPZid412 - ok
11:34:45.0343 3708        HPZipr12        (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
11:34:45.0375 3708        HPZipr12 - ok
11:34:45.0796 3708        HPZius12        (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
11:34:45.0859 3708        HPZius12 - ok
11:34:46.0375 3708        HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
11:34:46.0484 3708        HTTP - ok
11:34:46.0968 3708        HTTPFilter      (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
11:34:47.0203 3708        HTTPFilter - ok
11:34:47.0578 3708        i2omgmt - ok
11:34:47.0937 3708        i2omp - ok
11:34:48.0343 3708        i8042prt        (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
11:34:48.0515 3708        i8042prt - ok
11:34:51.0671 3708        ialm            (0f68e2ec713f132ffb19e45415b09679) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
11:34:54.0531 3708        ialm - ok
11:34:55.0109 3708        idsvc          (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:34:55.0468 3708        idsvc - ok
11:34:55.0890 3708        Imapi          (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
11:34:56.0031 3708        Imapi - ok
11:34:56.0718 3708        ImapiService    (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\system32\imapi.exe
11:34:56.0890 3708        ImapiService - ok
11:34:57.0265 3708        ini910u - ok
11:35:00.0093 3708        IntcAzAudAddService (718f495096df8d94fb66c9c962646372) C:\WINDOWS\system32\drivers\RtkHDAud.sys
11:35:02.0765 3708        IntcAzAudAddService - ok
11:35:03.0125 3708        IntelIde - ok
11:35:03.0640 3708        intelppm        (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys
11:35:03.0812 3708        intelppm - ok
11:35:04.0218 3708        Ip6Fw          (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
11:35:04.0375 3708        Ip6Fw - ok
11:35:04.0812 3708        IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:35:04.0984 3708        IpFilterDriver - ok
11:35:05.0375 3708        IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
11:35:05.0515 3708        IpInIp - ok
11:35:06.0031 3708        IpNat          (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
11:35:06.0171 3708        IpNat - ok
11:35:06.0562 3708        iPod Service    (ce004777b92dea56fe14ec900d20baa4) C:\Programme\iPod\bin\iPodService.exe
11:35:06.0812 3708        iPod Service - ok
11:35:07.0234 3708        IPSec          (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
11:35:07.0390 3708        IPSec - ok
11:35:07.0812 3708        IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
11:35:08.0000 3708        IRENUM - ok
11:35:08.0421 3708        isapnp          (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
11:35:08.0593 3708        isapnp - ok
11:35:08.0765 3708        JavaQuickStarterService (381b25dc8e958d905b33130d500bbf29) C:\Programme\Java\jre6\bin\jqs.exe
11:35:08.0781 3708        JavaQuickStarterService - ok
11:35:09.0187 3708        Kbdclass        (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
11:35:09.0328 3708        Kbdclass - ok
11:35:09.0750 3708        kbdhid          (b6d6c117d771c98130497265f26d1882) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
11:35:09.0890 3708        kbdhid - ok
11:35:10.0531 3708        kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
11:35:10.0671 3708        kmixer - ok
11:35:11.0109 3708        KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
11:35:11.0203 3708        KSecDD - ok
11:35:11.0625 3708        lanmanserver    (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll
11:35:11.0703 3708        lanmanserver - ok
11:35:12.0109 3708        lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll
11:35:12.0187 3708        lanmanworkstation - ok
11:35:12.0578 3708        lbrtfdc - ok
11:35:12.0937 3708        LmHosts        (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
11:35:13.0078 3708        LmHosts - ok
11:35:13.0515 3708        lvpopflt        (cbf0bf6af73a704211bbb52efacaa8a0) C:\WINDOWS\system32\DRIVERS\lvpopflt.sys
11:35:13.0546 3708        lvpopflt - ok
11:35:13.0984 3708        LVPr2Mon        (8be71d7edb8c7494913722059f760dd0) C:\WINDOWS\system32\Drivers\LVPr2Mon.sys
11:35:13.0984 3708        LVPr2Mon - ok
11:35:14.0156 3708        LVPrcSrv        (2333057542c91ae8228bdccc2e5f2632) C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcSrv.exe
11:35:14.0171 3708        LVPrcSrv - ok
11:35:14.0781 3708        LVRS            (6917b407dbec11b3a078abfc2ec2ac7c) C:\WINDOWS\system32\DRIVERS\lvrs.sys
11:35:14.0796 3708        LVRS - ok
11:35:17.0953 3708        LVUVC          (44876e70e07e9a653bbe423dbfa35a1a) C:\WINDOWS\system32\DRIVERS\lvuvc.sys
11:35:22.0828 3708        LVUVC - ok
11:35:24.0562 3708        MBAMProtector  (b7ca8cc3f978201856b6ab82f40953c3) C:\WINDOWS\system32\drivers\mbam.sys
11:35:24.0578 3708        MBAMProtector - ok
11:35:25.0687 3708        MBAMService    (056b19651bd7b7ce5f89a3ac46dbdc08) C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
11:35:26.0109 3708        MBAMService - ok
11:35:28.0140 3708        MBAMSwissArmy  (0db7527db188c7d967a37bb51bbf3963) C:\WINDOWS\system32\drivers\mbamswissarmy.sys
11:35:28.0234 3708        MBAMSwissArmy - ok
11:35:29.0328 3708        MDM            (11f714f85530a2bd134074dc30e99fca) C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
11:35:29.0343 3708        MDM - ok
11:35:29.0734 3708        Messenger      (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
11:35:29.0875 3708        Messenger - ok
11:35:30.0296 3708        mnmdd          (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
11:35:30.0484 3708        mnmdd - ok
11:35:30.0890 3708        mnmsrvc        (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\system32\mnmsrvc.exe
11:35:31.0109 3708        mnmsrvc - ok
11:35:31.0531 3708        Modem          (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
11:35:31.0671 3708        Modem - ok
11:35:32.0609 3708        Monfilt        (c7d9f9717916b34c1b00dd4834af485c) C:\WINDOWS\system32\drivers\Monfilt.sys
11:35:33.0218 3708        Monfilt - ok
11:35:33.0625 3708        Mouclass        (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
11:35:33.0765 3708        Mouclass - ok
11:35:34.0171 3708        mouhid          (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
11:35:34.0312 3708        mouhid - ok
11:35:34.0734 3708        MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
11:35:34.0890 3708        MountMgr - ok
11:35:35.0281 3708        MpKsl1f947b4b - ok
11:35:35.0828 3708        mraid35x - ok
11:35:36.0328 3708        MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
11:35:36.0468 3708        MRxDAV - ok
11:35:37.0062 3708        MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
11:35:37.0265 3708        MRxSmb - ok
11:35:37.0640 3708        MSDTC          (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\system32\msdtc.exe
11:35:37.0796 3708        MSDTC - ok
11:35:38.0265 3708        Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
11:35:38.0390 3708        Msfs - ok
11:35:38.0734 3708        MSIServer - ok
11:35:39.0140 3708        MSKSSRV        (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
11:35:39.0281 3708        MSKSSRV - ok
11:35:39.0687 3708        MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
11:35:39.0828 3708        MSPCLOCK - ok
11:35:40.0328 3708        MSPQM          (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
11:35:40.0468 3708        MSPQM - ok
11:35:40.0875 3708        mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
11:35:41.0015 3708        mssmbios - ok
11:35:41.0468 3708        MSTEE          (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
11:35:41.0687 3708        MSTEE - ok
11:35:42.0125 3708        Mup            (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
11:35:42.0171 3708        Mup - ok
11:35:42.0593 3708        NABTSFEC        (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
11:35:42.0734 3708        NABTSFEC - ok
11:35:43.0203 3708        napagent        (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
11:35:43.0343 3708        napagent - ok
11:35:43.0843 3708        NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
11:35:44.0093 3708        NDIS - ok
11:35:44.0468 3708        NdisIP          (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
11:35:44.0609 3708        NdisIP - ok
11:35:45.0000 3708        NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
11:35:45.0062 3708        NdisTapi - ok
11:35:45.0484 3708        Ndisuio        (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
11:35:45.0625 3708        Ndisuio - ok
11:35:46.0046 3708        NdisWan        (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:35:46.0234 3708        NdisWan - ok
11:35:46.0640 3708        NDProxy        (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
11:35:46.0718 3708        NDProxy - ok
11:35:47.0078 3708        Net Driver HPZ12 (a081cb6fb9a12668f233eb5414be3a0e) C:\WINDOWS\system32\HPZinw12.dll
11:35:47.0093 3708        Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
11:35:47.0093 3708        Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
11:35:47.0500 3708        NetBIOS        (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
11:35:47.0656 3708        NetBIOS - ok
11:35:48.0109 3708        NetBT          (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
11:35:48.0250 3708        NetBT - ok
11:35:48.0656 3708        NetDDE          (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
11:35:48.0828 3708        NetDDE - ok
11:35:48.0875 3708        NetDDEdsdm      (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
11:35:49.0000 3708        NetDDEdsdm - ok
11:35:49.0359 3708        Netlogon        (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
11:35:49.0500 3708        Netlogon - ok
11:35:49.0953 3708        Netman          (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
11:35:50.0093 3708        Netman - ok
11:35:50.0484 3708        NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:35:50.0500 3708        NetTcpPortSharing - ok
11:35:50.0984 3708        Nla            (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll
11:35:51.0031 3708        Nla - ok
11:35:51.0437 3708        Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
11:35:51.0593 3708        Npfs - ok
11:35:52.0203 3708        Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
11:35:52.0484 3708        Ntfs - ok
11:35:53.0093 3708        NtLmSsp        (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
11:35:53.0234 3708        NtLmSsp - ok
11:35:53.0750 3708        NtmsSvc        (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
11:35:54.0015 3708        NtmsSvc - ok
11:35:54.0406 3708        Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
11:35:54.0546 3708        Null - ok
11:35:54.0937 3708        NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
11:35:55.0093 3708        NwlnkFlt - ok
11:35:55.0578 3708        NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
11:35:55.0703 3708        NwlnkFwd - ok
11:35:56.0140 3708        Parport        (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
11:35:56.0265 3708        Parport - ok
11:35:56.0687 3708        PartMgr        (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
11:35:56.0859 3708        PartMgr - ok
11:35:57.0281 3708        ParVdm          (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
11:35:57.0437 3708        ParVdm - ok
11:35:57.0984 3708        PCI            (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
11:35:58.0140 3708        PCI - ok
11:35:58.0515 3708        PCIDump - ok
11:35:58.0937 3708        PCIIde          (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
11:35:59.0078 3708        PCIIde - ok
11:36:00.0265 3708        Pcmcia          (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
11:36:00.0578 3708        Pcmcia - ok
11:36:01.0875 3708        PDCOMP - ok
11:36:02.0937 3708        PDFRAME - ok
11:36:04.0015 3708        PDRELI - ok
11:36:05.0531 3708        PDRFRAME - ok
11:36:07.0546 3708        perc2 - ok
11:36:08.0515 3708        perc2hib - ok
11:36:09.0046 3708        PlugPlay        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
11:36:09.0093 3708        PlugPlay - ok
11:36:09.0500 3708        Pml Driver HPZ12 (65bc271f337637731d3c71455ae1f476) C:\WINDOWS\system32\HPZipm12.dll
11:36:09.0531 3708        Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
11:36:09.0531 3708        Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
11:36:09.0890 3708        PolicyAgent    (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
11:36:10.0015 3708        PolicyAgent - ok
11:36:10.0625 3708        PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
11:36:10.0812 3708        PptpMiniport - ok
11:36:11.0156 3708        ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
11:36:11.0296 3708        ProtectedStorage - ok
11:36:11.0734 3708        PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
11:36:11.0875 3708        PSched - ok
11:36:12.0296 3708        Ptilink        (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
11:36:12.0437 3708        Ptilink - ok
11:36:12.0843 3708        PxHelp20        (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
11:36:12.0843 3708        PxHelp20 - ok
11:36:13.0218 3708        ql1080 - ok
11:36:13.0578 3708        Ql10wnt - ok
11:36:13.0968 3708        ql12160 - ok
11:36:14.0343 3708        ql1240 - ok
11:36:14.0734 3708        ql1280 - ok
11:36:15.0312 3708        RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:36:15.0437 3708        RasAcd - ok
11:36:15.0843 3708        RasAuto        (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
11:36:15.0984 3708        RasAuto - ok
11:36:16.0390 3708        Rasl2tp        (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
11:36:16.0578 3708        Rasl2tp - ok
11:36:17.0000 3708        RasMan          (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
11:36:17.0140 3708        RasMan - ok
11:36:17.0609 3708        RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:36:17.0750 3708        RasPppoe - ok
11:36:18.0171 3708        Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
11:36:18.0312 3708        Raspti - ok
11:36:18.0781 3708        Rdbss          (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:36:18.0937 3708        Rdbss - ok
11:36:19.0390 3708        RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
11:36:19.0546 3708        RDPCDD - ok
11:36:20.0046 3708        rdpdr          (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
11:36:20.0234 3708        rdpdr - ok
11:36:20.0687 3708        RDPWD          (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
11:36:20.0765 3708        RDPWD - ok
11:36:21.0187 3708        RDSessMgr      (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe
11:36:21.0343 3708        RDSessMgr - ok
11:36:21.0765 3708        redbook        (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
11:36:21.0906 3708        redbook - ok
11:36:22.0265 3708        RemoteAccess    (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll
11:36:22.0406 3708        RemoteAccess - ok
11:36:22.0812 3708        RemoteRegistry  (e4cd1f3d84e1c2ca0b8cf7501e201593) C:\WINDOWS\system32\regsvc.dll
11:36:22.0953 3708        RemoteRegistry - ok
11:36:23.0359 3708        RpcLocator      (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe
11:36:23.0515 3708        RpcLocator - ok
11:36:24.0125 3708        RpcSs          (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
11:36:24.0359 3708        RpcSs - ok
11:36:24.0750 3708        RSVP            (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe
11:36:24.0890 3708        RSVP - ok
11:36:25.0359 3708        RTLE8023xp      (79b4fe884c18dd82d5449f6b6026d092) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
11:36:25.0500 3708        RTLE8023xp - ok
11:36:25.0953 3708        s1018bus        (1c5c2cb892553d2cf3f45a4bb323fcd6) C:\WINDOWS\system32\DRIVERS\s1018bus.sys
11:36:25.0984 3708        s1018bus - ok
11:36:26.0500 3708        s1018mdfl      (38f5ea219593f19b6b3a1b9c169e3b61) C:\WINDOWS\system32\DRIVERS\s1018mdfl.sys
11:36:26.0500 3708        s1018mdfl - ok
11:36:26.0937 3708        s1018mdm        (666af6b64fc7df92d3ca4819ea91631d) C:\WINDOWS\system32\DRIVERS\s1018mdm.sys
11:36:26.0953 3708        s1018mdm - ok
11:36:27.0406 3708        s1018mgmt      (f4ceda6e2ddff2af8bd745615a7ca9c0) C:\WINDOWS\system32\DRIVERS\s1018mgmt.sys
11:36:27.0515 3708        s1018mgmt - ok
11:36:27.0937 3708        s1018nd5        (3622d9ff2253dcbe885b10736609a4ca) C:\WINDOWS\system32\DRIVERS\s1018nd5.sys
11:36:27.0937 3708        s1018nd5 - ok
11:36:28.0421 3708        s1018obex      (49431efda842b474531c29ffae9f5d09) C:\WINDOWS\system32\DRIVERS\s1018obex.sys
11:36:28.0500 3708        s1018obex - ok
11:36:29.0046 3708        s1018unic      (ac6b514cb4474f4c867d7cdc9cd54f05) C:\WINDOWS\system32\DRIVERS\s1018unic.sys
11:36:29.0078 3708        s1018unic - ok
11:36:29.0500 3708        s115bus        (e1ab463b36a7ef31d8a73a97a9b57afa) C:\WINDOWS\system32\DRIVERS\s115bus.sys
11:36:29.0515 3708        s115bus - ok
11:36:29.0984 3708        s115mdfl        (e24113fc13b8737c94cf4e3415488c76) C:\WINDOWS\system32\DRIVERS\s115mdfl.sys
11:36:30.0328 3708        s115mdfl - ok
11:36:30.0781 3708        s115mdm        (4029e49e7c673aa0670bd206b0af1b5b) C:\WINDOWS\system32\DRIVERS\s115mdm.sys
11:36:30.0796 3708        s115mdm - ok
11:36:31.0484 3708        s115mgmt        (eb02ab4ca8bccecfde236cad8fc6e135) C:\WINDOWS\system32\DRIVERS\s115mgmt.sys
11:36:31.0500 3708        s115mgmt - ok
11:36:31.0937 3708        s115obex        (089869db9ffd2ac807fa87fe82ac7761) C:\WINDOWS\system32\DRIVERS\s115obex.sys
11:36:31.0953 3708        s115obex - ok
11:36:32.0390 3708        s125bus        (06847aa6f3a9bf7c44134d00a2e578c0) C:\WINDOWS\system32\DRIVERS\s125bus.sys
11:36:32.0406 3708        s125bus - ok
11:36:32.0828 3708        s125mdfl        (f83f88e1b125308fb5015ea0349502b0) C:\WINDOWS\system32\DRIVERS\s125mdfl.sys
11:36:32.0843 3708        s125mdfl - ok
11:36:33.0312 3708        s125mdm        (402a97756c14940ad6ae5169c2fb105e) C:\WINDOWS\system32\DRIVERS\s125mdm.sys
11:36:33.0328 3708        s125mdm - ok
11:36:33.0781 3708        s125mgmt        (82b14c51de76825ec769a6374e4c57d6) C:\WINDOWS\system32\DRIVERS\s125mgmt.sys
11:36:33.0796 3708        s125mgmt - ok
11:36:34.0265 3708        s125obex        (bedfc5707c356fd073bf1a4afe442d91) C:\WINDOWS\system32\DRIVERS\s125obex.sys
11:36:34.0265 3708        s125obex - ok
11:36:34.0625 3708        SamSs          (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
11:36:34.0765 3708        SamSs - ok
11:36:35.0140 3708        SCardSvr        (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
11:36:35.0328 3708        SCardSvr - ok
11:36:35.0828 3708        Schedule        (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
11:36:36.0015 3708        Schedule - ok
11:36:36.0437 3708        Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
11:36:36.0562 3708        Secdrv - ok
11:36:36.0921 3708        seclogon        (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
11:36:37.0062 3708        seclogon - ok
11:36:37.0531 3708        SENS            (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
11:36:37.0718 3708        SENS - ok
11:36:38.0203 3708        serenum        (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
11:36:38.0421 3708        serenum - ok
11:36:38.0875 3708        Serial          (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
11:36:39.0156 3708        Serial - ok
11:36:40.0843 3708        Sfloppy        (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
11:36:41.0093 3708        Sfloppy - ok
11:36:42.0656 3708        SharedAccess    (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll
11:36:44.0875 3708        SharedAccess - ok
11:36:45.0765 3708        ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
11:36:45.0828 3708        ShellHWDetection - ok
11:36:46.0843 3708        Simbad - ok
11:36:48.0343 3708        SLIP            (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
11:36:48.0578 3708        SLIP - ok
11:36:49.0937 3708        Sparrow - ok
11:36:51.0406 3708        splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
11:36:51.0640 3708        splitter - ok
11:36:52.0140 3708        Spooler        (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
11:36:52.0187 3708        Spooler - ok
11:36:52.0906 3708        sptd            (cdddec541bc3c96f91ecb48759673505) C:\WINDOWS\system32\Drivers\sptd.sys
11:36:52.0906 3708        Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
11:36:52.0906 3708        sptd ( LockedFile.Multi.Generic ) - warning
11:36:52.0906 3708        sptd - detected LockedFile.Multi.Generic (1)
11:36:53.0375 3708        sr              (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
11:36:53.0562 3708        sr - ok
11:36:54.0015 3708        srservice      (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll
11:36:54.0171 3708        srservice - ok
11:36:54.0921 3708        Srv            (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
11:36:55.0484 3708        Srv - ok
11:36:55.0859 3708        SSDPSRV        (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
11:36:56.0062 3708        SSDPSRV - ok
11:36:56.0781 3708        ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
11:36:56.0796 3708        ssmdrv - ok
11:36:57.0296 3708        stisvc          (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
11:36:57.0625 3708        stisvc - ok
11:36:58.0109 3708        streamip        (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
11:36:58.0328 3708        streamip - ok
11:36:58.0875 3708        swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
11:36:59.0062 3708        swenum - ok
11:36:59.0500 3708        swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
11:36:59.0703 3708        swmidi - ok
11:37:00.0062 3708        SwPrv - ok
11:37:00.0437 3708        symc810 - ok
11:37:00.0843 3708        symc8xx - ok
11:37:01.0500 3708        sym_hi - ok
11:37:01.0875 3708        sym_u3 - ok
11:37:02.0328 3708        sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
11:37:02.0562 3708        sysaudio - ok
11:37:02.0968 3708        SysmonLog      (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
11:37:03.0187 3708        SysmonLog - ok
11:37:03.0750 3708        TapiSrv        (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
11:37:03.0953 3708        TapiSrv - ok
11:37:04.0531 3708        Tcpip          (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\TCPIP.SYS
11:37:04.0703 3708        Tcpip - ok
11:37:05.0125 3708        TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
11:37:05.0281 3708        TDPIPE - ok
11:37:05.0718 3708        TDTCP          (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
11:37:05.0937 3708        TDTCP - ok
11:37:06.0406 3708        TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
11:37:06.0593 3708        TermDD - ok
11:37:07.0109 3708        TermService    (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
11:37:07.0359 3708        TermService - ok
11:37:07.0781 3708        Themes          (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
11:37:07.0812 3708        Themes - ok
11:37:08.0234 3708        TlntSvr        (03681a1ce77f51586903869a5ab1deab) C:\WINDOWS\system32\tlntsvr.exe
11:37:08.0484 3708        TlntSvr - ok
11:37:08.0875 3708        TosIde - ok
11:37:09.0265 3708        TrkWks          (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
11:37:09.0468 3708        TrkWks - ok
11:37:09.0921 3708        Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
11:37:10.0093 3708        Udfs - ok
11:37:10.0500 3708        ultra - ok
11:37:11.0234 3708        Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
11:37:11.0531 3708        Update - ok
11:37:11.0984 3708        upnphost        (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
11:37:12.0156 3708        upnphost - ok
11:37:12.0546 3708        UPS            (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
11:37:12.0718 3708        UPS - ok
11:37:13.0281 3708        usbaudio        (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
11:37:13.0484 3708        usbaudio - ok
11:37:13.0921 3708        usbccgp        (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
11:37:14.0093 3708        usbccgp - ok
11:37:14.0546 3708        usbehci        (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
11:37:14.0687 3708        usbehci - ok
11:37:15.0125 3708        usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
11:37:15.0312 3708        usbhub - ok
11:37:15.0906 3708        usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
11:37:16.0093 3708        usbprint - ok
11:37:16.0515 3708        usbscan        (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
11:37:16.0671 3708        usbscan - ok
11:37:17.0125 3708        usbser          (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\DRIVERS\usbser.sys
11:37:17.0328 3708        usbser - ok
11:37:17.0968 3708        USBSTOR        (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
11:37:18.0140 3708        USBSTOR - ok
11:37:18.0562 3708        usbuhci        (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
11:37:18.0750 3708        usbuhci - ok
11:37:19.0187 3708        usbvideo        (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
11:37:19.0390 3708        usbvideo - ok
11:37:19.0812 3708        VgaSave        (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
11:37:19.0984 3708        VgaSave - ok
11:37:20.0484 3708        ViaIde - ok
11:37:20.0984 3708        VolSnap        (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
11:37:21.0156 3708        VolSnap - ok
11:37:21.0703 3708        VSS            (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
11:37:21.0921 3708        VSS - ok
11:37:22.0500 3708        W32Time        (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll
11:37:22.0859 3708        W32Time - ok
11:37:23.0906 3708        Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:37:24.0203 3708        Wanarp - ok
11:37:26.0171 3708        Wdf01000        (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\Drivers\wdf01000.sys
11:37:26.0484 3708        Wdf01000 - ok
11:37:30.0140 3708        WDICA - ok
11:37:33.0171 3708        wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
11:37:33.0515 3708        wdmaud - ok
11:37:34.0968 3708        WebClient      (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
11:37:35.0187 3708        WebClient - ok
11:37:35.0609 3708        winmgmt        (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
11:37:35.0812 3708        winmgmt - ok
11:37:36.0234 3708        WmdmPmSN        (051b1bdecd6dee18c771b5d5ec7f044d) C:\WINDOWS\system32\MsPMSNSv.dll
11:37:36.0406 3708        WmdmPmSN - ok
11:37:37.0812 3708        Wmi            (ffa4d901d46d07a5bab2d8307fbb51a6) C:\WINDOWS\System32\advapi32.dll
11:37:39.0515 3708        Wmi - ok
11:37:40.0328 3708        WmiApSrv        (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\system32\wbem\wmiapsrv.exe
11:37:40.0640 3708        WmiApSrv - ok
11:37:41.0687 3708        WMPNetworkSvc  (d3dbd6e76f4be9bee67eb631488b5f29) C:\Programme\Windows Media Player\WMPNetwk.exe
11:37:42.0125 3708        WMPNetworkSvc - ok
11:37:42.0718 3708        WpdUsb          (c60dc16d4e406810fad54b98dc92d5ec) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
11:37:42.0781 3708        WpdUsb - ok
11:37:43.0203 3708        wscsvc          (300b3e84faf1a5c1f791c159ba28035d) C:\WINDOWS\system32\wscsvc.dll
11:37:43.0406 3708        wscsvc - ok
11:37:43.0984 3708        WSearch - ok
11:37:44.0500 3708        WSTCODEC        (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
11:37:44.0718 3708        WSTCODEC - ok
11:37:45.0093 3708        wuauserv        (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll
11:37:45.0312 3708        wuauserv - ok
11:37:46.0640 3708        WudfPf          (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
11:37:46.0968 3708        WudfPf - ok
11:37:47.0468 3708        WudfRd          (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
11:37:47.0562 3708        WudfRd - ok
11:37:47.0984 3708        WudfSvc        (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
11:37:48.0046 3708        WudfSvc - ok
11:37:49.0000 3708        WZCSVC          (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
11:37:49.0359 3708        WZCSVC - ok
11:37:49.0828 3708        xmlprov        (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
11:37:50.0093 3708        xmlprov - ok
11:37:50.0531 3708        MBR (0x1B8)    (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
11:37:51.0250 3708        \Device\Harddisk0\DR0 ( TDSS File System ) - warning
11:37:51.0250 3708        \Device\Harddisk0\DR0 - detected TDSS File System (1)
11:37:51.0250 3708        MBR (0x1B8)    (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR2
11:37:51.0390 3708        \Device\Harddisk1\DR2 - ok
11:37:51.0406 3708        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk2\DR3
11:37:51.0687 3708        \Device\Harddisk2\DR3 - ok
11:37:51.0781 3708        Boot (0x1200)  (c26e33a19b326a21b3bdfabf27f1031c) \Device\Harddisk0\DR0\Partition0
11:37:51.0781 3708        \Device\Harddisk0\DR0\Partition0 - ok
11:37:51.0796 3708        Boot (0x1200)  (afa5273584d158ddd2c8bc72c1aee70f) \Device\Harddisk1\DR2\Partition0
11:37:51.0796 3708        \Device\Harddisk1\DR2\Partition0 - ok
11:37:51.0828 3708        Boot (0x1200)  (cacc095ab2ebfa29e6482702ec7448d7) \Device\Harddisk2\DR3\Partition0
11:37:51.0828 3708        \Device\Harddisk2\DR3\Partition0 - ok
11:37:51.0828 3708        ============================================================
11:37:51.0828 3708        Scan finished
11:37:51.0828 3708        ============================================================
11:37:51.0953 1596        Detected object count: 6
11:37:51.0953 1596        Actual detected object count: 6
11:39:12.0234 1596        hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
11:39:12.0234 1596        hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:39:12.0234 1596        hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
11:39:12.0234 1596        hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:39:12.0250 1596        Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
11:39:12.0250 1596        Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:39:12.0250 1596        Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
11:39:12.0250 1596        Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:39:12.0250 1596        sptd ( LockedFile.Multi.Generic ) - skipped by user
11:39:12.0250 1596        sptd ( LockedFile.Multi.Generic ) - User select action: Skip
11:39:12.0250 1596        \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
11:39:12.0250 1596        \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip



All times are WET +1. The time is now 12:02.

Copyright ©2000-2025, Trojaner-Board

