Trojaner-Board


Jagger192 07.04.2012 11:16

Infected registry keys
 
Hi

I already have a thread here about my brother's laptop.
I thought I'd run Malwarebytes on my gaming PC for once, and I also got 13 entries, among others in the registry keys.

Here is the whole report.

Malwarebytes Anti-Malware (Test) 1.60.1.1000
www.malwarebytes.org

Datenbank Version: v2012.04.07.02

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Jagger :: JAEGER [Administrator]

Schutz: Aktiviert

06.10.2007 22:59:14
mbam-log-2007-10-06 (22-59-14).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 291712
Laufzeit: 47 Minute(n), 7 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 1
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SETUP.EXE (Adware.Mongoose) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 1
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bösartig: (1) Gut: (0) -> Erfolgreich ersetzt und in Quarantäne gestellt.

Infizierte Verzeichnisse: 5
C:\Programme\RelevantKnowledge (PUP.Spyware.MarketScore) -> Keine Aktion durchgeführt.
C:\Programme\RelevantKnowledge\components (PUP.Spyware.MarketScore) -> Keine Aktion durchgeführt.
C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\RelevantKnowledge (PUP.Spyware.MarketScore) -> Keine Aktion durchgeführt.
C:\Dokumente und Einstellungen\All Users\Application Data\SalesMon (Rogue.Multiple) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Dokumente und Einstellungen\All Users\Application Data\SalesMon\Data (Rogue.Multiple) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 7
O:\System Volume Information\_restore{76F88FA9-22F7-4C86-BEF8-3B814320775E}\RP192\A0428247.exe (PUP.OfferBundler.ST) -> Keine Aktion durchgeführt.
C:\Programme\RelevantKnowledge\install.rdf (PUP.Spyware.MarketScore) -> Keine Aktion durchgeführt.
C:\Programme\RelevantKnowledge\rloci.bin (PUP.Spyware.MarketScore) -> Keine Aktion durchgeführt.
C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\RelevantKnowledge\About RelevantKnowledge.lnk (PUP.Spyware.MarketScore) -> Keine Aktion durchgeführt.
C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\RelevantKnowledge\Privacy Policy and User License Agreement.lnk (PUP.Spyware.MarketScore) -> Keine Aktion durchgeführt.
C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\RelevantKnowledge\Support.lnk (PUP.Spyware.MarketScore) -> Keine Aktion durchgeführt.
O:\Nicht verwendete Desktopverknüpfungen\setup.exe (Adware.Mongoose) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)


What should I do?
I don't think this is OK as it is.

Thanks in advance, Jagger
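
In the log above, every RelevantKnowledge item ends in "Keine Aktion durchgeführt" (no action taken), while the other findings were quarantined. As an added example (not part of the original posts and not Malwarebytes code), this Python script parses the German-language log layout shown in the post, checks each section's declared count against the entries actually present, and lists the findings that were left in place. The function names are my own, the sample is an excerpt of the posted log with the counts adjusted to the shortened sections, and it is an assumption that other Malwarebytes versions use the same layout.

```python
import re
from collections import defaultdict

# Excerpt of the log posted above; sections are shortened and the
# declared counts adjusted to match the shortened excerpt.
SAMPLE_LOG = r"""
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 1
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SETUP.EXE (Adware.Mongoose) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 1
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bösartig: (1) Gut: (0) -> Erfolgreich ersetzt und in Quarantäne gestellt.

Infizierte Verzeichnisse: 2
C:\Programme\RelevantKnowledge (PUP.Spyware.MarketScore) -> Keine Aktion durchgeführt.
C:\Dokumente und Einstellungen\All Users\Application Data\SalesMon (Rogue.Multiple) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 2
C:\Programme\RelevantKnowledge\rloci.bin (PUP.Spyware.MarketScore) -> Keine Aktion durchgeführt.
O:\Nicht verwendete Desktopverknüpfungen\setup.exe (Adware.Mongoose) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
"""

# "Infizierte <category>: <count>" opens a result section.
SECTION_RE = re.compile(r"^(Infizierte [^:]+): (\d+)$")
# "<object> (<detection name>) -> <details/action>"; the object itself may
# contain spaces or parentheses, so it is matched non-greedily.
ENTRY_RE = re.compile(
    r"^(?P<object>.+?) \((?P<detection>[A-Za-z0-9._-]+)\) -> (?P<rest>.+)$"
)
NO_ACTION = "Keine Aktion durchgeführt"


def parse_mbam_log(text):
    """Return (findings, declared): parsed entries and per-section counts."""
    findings, declared, section = [], {}, None
    for raw in text.splitlines():
        line = raw.strip()
        header = SECTION_RE.match(line)
        if header:
            section = header.group(1)
            declared[section] = int(header.group(2))
            continue
        entry = ENTRY_RE.match(line)
        if entry and section:
            # Registry data entries carry an extra "Bösartig/Gut" field
            # before the action, so the action is always the last part.
            *details, action = entry.group("rest").split(" -> ")
            action = action.rstrip(".")
            findings.append({
                "section": section,
                "object": entry.group("object"),
                "detection": entry.group("detection"),
                "details": details,
                "action": action,
                "remediated": action != NO_ACTION,
            })
    return findings, declared


def count_mismatches(findings, declared):
    """Sections whose declared count differs from the entries parsed."""
    parsed = defaultdict(int)
    for f in findings:
        parsed[f["section"]] += 1
    return [(s, n, parsed[s]) for s, n in declared.items() if parsed[s] != n]


def unremediated(findings):
    """Group objects the scanner reported but did not act on, by detection."""
    grouped = defaultdict(list)
    for f in findings:
        if not f["remediated"]:
            grouped[f["detection"]].append(f["object"])
    return dict(grouped)


if __name__ == "__main__":
    found, counts = parse_mbam_log(SAMPLE_LOG)
    for section, want, got in count_mismatches(found, counts):
        print(f"truncated or edited log? {section}: declared {want}, parsed {got}")
    for detection, objects in unremediated(found).items():
        print(f"{detection}: {len(objects)} object(s) still present")
        for obj in objects:
            print("   ", obj)
```

A count mismatch usually means the log was cut off or edited when it was pasted, which is worth ruling out before acting on it.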

cosinus 07.04.2012 19:18

Malwarebytes creates exactly one log for each scan. Have you scanned with Malwarebytes before?
If so, all the logs for every scan are listed on the Logs tab ("Logdateien"). Please post all the ones that are visible there.

Jagger192 07.04.2012 19:50

Hi

Yes, I had problems 3-4 years ago, which I came here with.
Unfortunately I no longer have any log reports from then, because I had to reinstall Malwarebytes since I couldn't update it.

Here is the link to the old post

http://www.trojaner-board.de/52981-v...ging-loss.html
.

cosinus 07.04.2012 19:51

Please run ESET as well, then we'll see what comes next:


ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detect potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Jagger192 07.04.2012 20:33

Hi

I can't get it downloaded from the ESET site.
When I click Start I always get the message


Diese Webseite wurde geschlossen, um den Computer zu schützen.

avast is off.
The firewall too.

Jagger

Hi

I managed it after all. The add-ons were to blame.

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=1928483cf8d5144c945ab7d46ae31f44
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-04-08 07:48:34
# local_time=2012-04-08 09:48:34 (+0100, Westeuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=768 16777215 100 0 50677208 50677208 0 0
# compatibility_mode=1280 16777195 100 0 0 0 0 0
# compatibility_mode=2560 16777215 100 0 0 0 0 0
# compatibility_mode=8192 67108863 100 0 185 185 0 0
# scanned=81842
# found=9
# cleaned=0
# scan_time=2026
C:\Dokumente und Einstellungen\Jagger\Eigene Dateien\ComboFix.exe probably a variant of Win32/Agent.NMHEITL trojan (unable to clean) 00000000000000000000000000000000 I
C:\QooBox\Quarantine\C\WINDOWS\system32\allcqwcb.ini.vir Win32/Adware.Virtumonde.NEO application (unable to clean) 00000000000000000000000000000000 I
C:\QooBox\Quarantine\C\WINDOWS\system32\hjfuwhym.ini.vir Win32/Adware.Virtumonde.NEO application (unable to clean) 00000000000000000000000000000000 I
C:\QooBox\Quarantine\C\WINDOWS\system32\kRCdNqru.ini.vir Win32/Adware.Virtumonde.NEO application (unable to clean) 00000000000000000000000000000000 I
C:\QooBox\Quarantine\C\WINDOWS\system32\kRCdNqru.ini2.vir Win32/Adware.Virtumonde.NEO application (unable to clean) 00000000000000000000000000000000 I
C:\QooBox\Quarantine\C\WINDOWS\system32\rgvibvwn.ini.vir Win32/Adware.Virtumonde.NEO application (unable to clean) 00000000000000000000000000000000 I
O:\Everest_Poker.exe a variant of Win32/Casino application (unable to clean) 00000000000000000000000000000000 I
O:\SoftonicDownloader14297.exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I
O:\SoftonicDownloader85222.exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I


Jagger

cosinus 08.04.2012 16:13

Quote:

C:\QooBox\Quarantine\C\WINDOWS\system32\rgvibvwn.ini.vir
Did you last run Combofix back then? If so, this quarantine folder still stems from that earlier Combofix run.

Quote:

O:\SoftonicDownloader85222.exe
Hands off Softonic!!

Softonic is a toolbar and adware slinger! Hands off! You download software, as top priority, directly from the vendor and not from toolbar outfits like Softonic! In an emergency, chip.de would of course do


Please make a new OTL log. Please post everything here in CODE tags if possible.

It is done like this:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:

the log goes here

CustomScan with OTL

If you don't have it yet, please download OTL by Oldtimer and save it to your desktop
Code:

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT


Jagger192 09.04.2012 11:59

Hi

Here is the first log.

Code:

OTL logfile created on: 09.04.2012 12:53:02 - Run 1
OTL by OldTimer - Version 3.2.39.2    Folder = C:\Dokumente und Einstellungen\Jagger\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,50 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 85,72% Memory free
5,34 Gb Paging File | 5,02 Gb Available in Paging File | 94,14% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 48,83 Gb Total Space | 3,98 Gb Free Space | 8,15% Space Free | Partition Type: NTFS
Drive O: | 195,31 Gb Total Space | 2,16 Gb Free Space | 1,11% Space Free | Partition Type: NTFS
Drive W: | 221,62 Gb Total Space | 1,89 Gb Free Space | 0,85% Space Free | Partition Type: NTFS
 
Computer Name: JAEGER | User Name: Jagger | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Dokumente und Einstellungen\Jagger\desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Programme\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Programme\Spyware Doctor\pctsAuxs.exe (PC Tools)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Delux\PS2 Keyboard English Edition\Keyboard.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\Alwil Software\Avast5\defs\12040900\algo.dll ()
MOD - C:\Programme\Alwil Software\Avast5\defs\12040800\algo.dll ()
MOD - C:\Programme\Delux\PS2 Keyboard English Edition\Keyboard.exe ()
MOD - C:\Programme\Delux\PS2 Keyboard English Edition\Deluxkbd.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (LexBceS) -- C:\WINDOWS\system32\LEXBCES.EXE File not found
SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
SRV - (avast! Antivirus) -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (sdAuxService) -- C:\Programme\Spyware Doctor\pctsAuxs.exe (PC Tools)
SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (WDICA) --  File not found
DRV - (StarOpen) --  File not found
DRV - (SASKUTIL) -- C:\Programme\SUPERAntiSpyware\SASKUTIL.sys File not found
DRV - (SASENUM) -- C:\Programme\SUPERAntiSpyware\SASENUM.SYS File not found
DRV - (SASDIFSV) -- C:\Programme\SUPERAntiSpyware\SASDIFSV.SYS File not found
DRV - (PDRFRAME) --  File not found
DRV - (PDRELI) --  File not found
DRV - (PDFRAME) --  File not found
DRV - (PDCOMP) --  File not found
DRV - (PCIDump) --  File not found
DRV - (NETFRITZ) -- System32\DRIVERS\NETFRITZ.SYS File not found
DRV - (motmodem) -- system32\DRIVERS\motmodem.sys File not found
DRV - (LXARScan) -- System32\Drivers\Lxarscan.sys File not found
DRV - (lbrtfdc) --  File not found
DRV - (i2omgmt) --  File not found
DRV - (Changer) --  File not found
DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
DRV - (AR9271) -- C:\WINDOWS\system32\drivers\athuw.sys (Atheros Communications, Inc.)
DRV - (PCTCore) -- C:\WINDOWS\system32\drivers\PCTCore.sys (PC Tools)
DRV - (tbhsd) -- C:\WINDOWS\system32\drivers\tbhsd.sys (RapidSolution Software AG)
DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)
DRV - (ezplay) -- C:\WINDOWS\system32\drivers\ezplay.sys (VSO Software)
DRV - (gdrv) -- C:\WINDOWS\gdrv.sys (Windows (R) 2000 DDK provider)
DRV - (DAdderFltr) -- C:\WINDOWS\system32\drivers\dadder.sys (Razer (Asia-Pacific) Pte Ltd)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation                          )
DRV - (JRAID) -- C:\WINDOWS\system32\drivers\jraid.sys (JMicron Technology Corp.)
DRV - (speedfan) -- C:\WINDOWS\system32\speedfan.sys (Windows (R) 2000 DDK provider)
DRV - (usb2vcom) -- C:\WINDOWS\system32\drivers\usb2vcom.sys ()
DRV - (JGOGO) -- C:\WINDOWS\system32\drivers\JGOGO.sys (JMicron )
DRV - (fpcibase) -- C:\WINDOWS\system32\drivers\fpcibase.sys (AVM Berlin)
DRV - (AVMWAN) -- C:\WINDOWS\system32\drivers\avmwan.sys (AVM GmbH)
DRV - (AVMPORT) -- C:\WINDOWS\system32\drivers\avmport.sys (AVM Berlin)
DRV - (DIGIRPS) -- C:\WINDOWS\system32\drivers\digirlpt.sys (Digi International, Inc.)
DRV - (giveio) -- C:\WINDOWS\system32\giveio.sys ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.biut.de/
IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\prxtbsof0.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = hxxp://supertoolbar.ask.com/redirect?client=ie&tb=DVDX2&o=14642&src=crm&q={searchTerms}&locale=de_DE
IE - HKCU\..\SearchScopes\{45598712-1ED3-4F4E-9848-132393493C78}: "URL" = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GPEA_de
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431245
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Programme\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\firefox\extensions\\{6E19037A-12E3-4295-8915-ED48BC341614}: C:\Programme\RelevantKnowledge
 
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
 
O1 HOSTS File: ([2008.05.25 15:01:44 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\prxtbsof0.dll (Conduit Ltd.)
O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Programme\softonic-de3\prxtbsof0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [36X Raid Configurer] C:\WINDOWS\System32\JMRaidSetup.exe (Gigabyte Technology Corp.)
O4 - HKLM..\Run: [avast5] C:\Programme\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\PS2 Keyboard English Edition.lnk = C:\Programme\Delux\PS2 Keyboard English Edition\Keyboard.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Google Sidewiki... - res://C:\Programme\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found
O15 - HKCU\..Trusted Domains: eset.com ([www] http in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Domains: internet ([]about in Lokales Intranet)
O16 - DPF: {00000161-0000-0010-8000-00AA00389B71} hxxp://codecs.microsoft.com/codecs/i386/msaudio.cab (Reg Error: Key error.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Reg Error: Key error.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {41564D57-9980-0010-8000-00AA00389B71} hxxp://download.microsoft.com/download/0/A/9/0A9F8B32-9F8C-4D74-A130-E4CAB36EB01F/wmvadvd.cab (Reg Error: Key error.)
O16 - DPF: {5d86ddb5-bdf9-441b-9e9e-d4730f4ee499} hxxp://download.bitdefender.com/resources/scan8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8984FBF3-2C22-4454-A416-8F56993FD9BE}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ABB1E62E-D031-4642-985A-B2F80FC3E540}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Jagger\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Jagger\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.03.19 03:48:17 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{24f57d01-f9f7-11de-a276-806d6172696f}\Shell\AutoRun\command - "" = E:\setupSNK.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2100.02.08 17:03:54 | 000,053,248 | ---- | C] (Silitek Corp.) -- C:\Programme\ACMonitor_X73.exe
[2012.04.09 12:45:17 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Jagger\Desktop\OTL.exe
[2012.04.08 09:11:43 | 000,000,000 | ---D | C] -- C:\Programme\ESET
[2012.04.08 09:04:09 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mup.sys
[2012.04.08 09:03:38 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys
[2012.04.08 09:02:39 | 000,139,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.04.09 12:49:01 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.04.09 12:45:19 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Jagger\Desktop\OTL.exe
[2012.04.09 12:42:10 | 000,004,940 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012.04.09 12:42:08 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.04.09 12:42:02 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.04.09 12:36:05 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.04.08 10:25:29 | 000,093,480 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.04.08 10:23:17 | 000,451,126 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.04.08 10:23:17 | 000,434,658 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.04.08 10:23:17 | 000,081,656 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.04.08 10:23:17 | 000,068,748 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.04.08 10:19:55 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.03.21 10:32:18 | 000,638,784 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Dokumente und Einstellungen\Jagger\Desktop\autoruns.exe
[2012.03.21 10:32:18 | 000,557,888 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Dokumente und Einstellungen\Jagger\Desktop\autorunsc.exe
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2100.02.23 15:35:34 | 000,000,768 | ---- | C] () -- C:\Programme\x73_lut.dat
[2100.02.08 16:53:34 | 000,001,437 | ---- | C] () -- C:\Programme\gtx73.ini
[2012.04.08 10:11:28 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012.04.08 09:03:37 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.04.08 09:03:37 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2010.08.31 18:07:43 | 000,000,078 | ---- | C] () -- C:\WINDOWS\wiso.ini
 
========== LOP Check ==========
 
[2009.10.03 10:03:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\1Click DVD Copy Pro
[2010.08.30 15:25:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Alwil Software
[2008.12.11 19:39:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ashampoo
[2010.08.31 18:07:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Buhl Data Service GmbH
[2011.03.29 10:02:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Canneverbe Limited
[2009.01.01 15:05:51 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ
[2009.01.04 18:25:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ElsterFormular
[2009.01.28 20:40:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\GraphicRemedy
[2009.07.20 17:40:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Installations
[2009.06.18 11:51:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite
[2009.10.05 18:19:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RapidSolution
[2007.10.07 01:22:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SecTaskMan
[2007.10.07 07:22:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SlySoft
[2009.07.05 10:03:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2011.02.15 21:07:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TP-LINK
[2008.05.10 11:03:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Viewpoint
[2008.05.10 11:03:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\acccore
[2008.12.11 19:40:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\Ashampoo
[2011.03.29 10:02:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\Canneverbe Limited
[2008.11.29 13:05:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\Command & Conquer 3 Tiberium Wars
[2011.03.15 12:13:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\DC++
[2008.03.30 14:05:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\DeepBurner
[2009.02.11 20:48:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\FileZilla
[2008.11.14 10:12:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\FRITZ!
[2009.01.28 20:43:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\gDEBugger
[2009.10.03 09:53:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\GetRightToGo
[2007.01.01 00:18:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\GlarySoft
[2008.09.14 13:03:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\gtk-2.0
[2007.03.20 05:09:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\Gutscheinmieze
[2008.03.30 13:43:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\InfraRecorder
[2008.11.08 09:52:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\Kazaa Lite
[2009.06.18 12:27:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\Nokia
[2011.03.09 14:05:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\Paltalk
[2009.06.18 12:27:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\PC Suite
[2008.07.20 20:00:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\Pegasys Inc
[2009.08.13 18:17:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\PingTesterDataBas
[2011.05.21 13:24:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\PriceGong
[2008.05.15 17:45:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\VirusSchlacht
[2007.10.07 07:23:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\Vso
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 111 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2
@Alternate Data Stream - 105 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:D1B5B4F1

< End of report >


And the second log after pasting.


Code:

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT

And regarding Softonic.
I have already tried to delete it, but unfortunately I can't manage it.
When I try to delete it in the system, it simply doesn't respond.

Jagger

cosinus 09.04.2012 17:19

Quote:

Quote from cosinus
Did you last run Combofix back then? If so, this quarantine folder is left over from that earlier Combofix run

I would also like a statement about Combofix

Jagger192 10.04.2012 16:38

Quote:

Quote from cosinus (post 811532)
I would also like a statement about Combofix

Hi

I can't tell you exactly where the folder comes from.
But it was created on 22.5.2008, and I was here for the first time on 25.5.2008.
So I think it is not from Combofix.
I ran ADD2008 back then; could the folder be from that? :confused:

In any case, it is still on the computer.

Jagger

cosinus 10.04.2012 18:48

So the CF folder is already four years old.

Quote:

Scan Mode: Current user
You can't even have skimmed the OTL instructions :(
1.) You forgot the checkmark for all users
2.) That was not a CustomScan

What is the point of posting the exact text from my code box again? I already have that text myself :(

Jagger192 10.04.2012 19:29

Quote:

Quote from cosinus (post 812179)
So the CF folder is already four years old.

Yes, exactly.

So here is the 2nd log again; I hope I did everything right this time.


Code:

OTL logfile created on: 10.04.2012 20:02:08 - Run 2
OTL by OldTimer - Version 3.2.39.2    Folder = C:\Dokumente und Einstellungen\Jagger\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,50 Gb Total Physical Memory | 3,03 Gb Available Physical Memory | 86,71% Memory free
5,34 Gb Paging File | 5,06 Gb Available in Paging File | 94,73% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 48,83 Gb Total Space | 3,90 Gb Free Space | 7,99% Space Free | Partition Type: NTFS
Drive E: | 963,46 Mb Total Space | 782,21 Mb Free Space | 81,19% Space Free | Partition Type: FAT32
Drive O: | 195,31 Gb Total Space | 2,16 Gb Free Space | 1,11% Space Free | Partition Type: NTFS
Drive W: | 221,62 Gb Total Space | 1,89 Gb Free Space | 0,85% Space Free | Partition Type: NTFS
 
Computer Name: JAEGER | User Name: Jagger | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Dokumente und Einstellungen\Jagger\desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Programme\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Programme\Spyware Doctor\pctsAuxs.exe (PC Tools)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Delux\PS2 Keyboard English Edition\Keyboard.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\Alwil Software\Avast5\defs\12041001\algo.dll ()
MOD - C:\WINDOWS\system32\nvshell.dll ()
MOD - C:\Programme\WinRAR\RarExt.dll ()
MOD - C:\Programme\Delux\PS2 Keyboard English Edition\Keyboard.exe ()
MOD - C:\Programme\Delux\PS2 Keyboard English Edition\Deluxkbd.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (LexBceS) -- C:\WINDOWS\system32\LEXBCES.EXE File not found
SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
SRV - (avast! Antivirus) -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (sdAuxService) -- C:\Programme\Spyware Doctor\pctsAuxs.exe (PC Tools)
SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (WDICA) --  File not found
DRV - (StarOpen) --  File not found
DRV - (SASKUTIL) -- C:\Programme\SUPERAntiSpyware\SASKUTIL.sys File not found
DRV - (SASENUM) -- C:\Programme\SUPERAntiSpyware\SASENUM.SYS File not found
DRV - (SASDIFSV) -- C:\Programme\SUPERAntiSpyware\SASDIFSV.SYS File not found
DRV - (PDRFRAME) --  File not found
DRV - (PDRELI) --  File not found
DRV - (PDFRAME) --  File not found
DRV - (PDCOMP) --  File not found
DRV - (PCIDump) --  File not found
DRV - (NETFRITZ) -- System32\DRIVERS\NETFRITZ.SYS File not found
DRV - (motmodem) -- system32\DRIVERS\motmodem.sys File not found
DRV - (LXARScan) -- System32\Drivers\Lxarscan.sys File not found
DRV - (lbrtfdc) --  File not found
DRV - (i2omgmt) --  File not found
DRV - (Changer) --  File not found
DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
DRV - (AR9271) -- C:\WINDOWS\system32\drivers\athuw.sys (Atheros Communications, Inc.)
DRV - (PCTCore) -- C:\WINDOWS\system32\drivers\PCTCore.sys (PC Tools)
DRV - (tbhsd) -- C:\WINDOWS\system32\drivers\tbhsd.sys (RapidSolution Software AG)
DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)
DRV - (ezplay) -- C:\WINDOWS\system32\drivers\ezplay.sys (VSO Software)
DRV - (gdrv) -- C:\WINDOWS\gdrv.sys (Windows (R) 2000 DDK provider)
DRV - (DAdderFltr) -- C:\WINDOWS\system32\drivers\dadder.sys (Razer (Asia-Pacific) Pte Ltd)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation                          )
DRV - (JRAID) -- C:\WINDOWS\system32\drivers\jraid.sys (JMicron Technology Corp.)
DRV - (speedfan) -- C:\WINDOWS\system32\speedfan.sys (Windows (R) 2000 DDK provider)
DRV - (usb2vcom) -- C:\WINDOWS\system32\drivers\usb2vcom.sys ()
DRV - (JGOGO) -- C:\WINDOWS\system32\drivers\JGOGO.sys (JMicron )
DRV - (fpcibase) -- C:\WINDOWS\system32\drivers\fpcibase.sys (AVM Berlin)
DRV - (AVMWAN) -- C:\WINDOWS\system32\drivers\avmwan.sys (AVM GmbH)
DRV - (AVMPORT) -- C:\WINDOWS\system32\drivers\avmport.sys (AVM Berlin)
DRV - (DIGIRPS) -- C:\WINDOWS\system32\drivers\digirlpt.sys (Digi International, Inc.)
DRV - (giveio) -- C:\WINDOWS\system32\giveio.sys ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-1454471165-343818398-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\S-1-5-21-1454471165-343818398-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\S-1-5-21-1454471165-343818398-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.biut.de/
IE - HKU\S-1-5-21-1454471165-343818398-725345543-1003\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\prxtbsof0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1454471165-343818398-725345543-1003\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-1454471165-343818398-725345543-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-1454471165-343818398-725345543-1003\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = hxxp://supertoolbar.ask.com/redirect?client=ie&tb=DVDX2&o=14642&src=crm&q={searchTerms}&locale=de_DE
IE - HKU\S-1-5-21-1454471165-343818398-725345543-1003\..\SearchScopes\{45598712-1ED3-4F4E-9848-132393493C78}: "URL" = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\S-1-5-21-1454471165-343818398-725345543-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GPEA_de
IE - HKU\S-1-5-21-1454471165-343818398-725345543-1003\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431245
IE - HKU\S-1-5-21-1454471165-343818398-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Programme\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\firefox\extensions\\{6E19037A-12E3-4295-8915-ED48BC341614}: C:\Programme\RelevantKnowledge
 
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
 
O1 HOSTS File: ([2008.05.25 15:01:44 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\prxtbsof0.dll (Conduit Ltd.)
O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found.
O3 - HKU\S-1-5-21-1454471165-343818398-725345543-1003\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Programme\softonic-de3\prxtbsof0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [36X Raid Configurer] C:\WINDOWS\System32\JMRaidSetup.exe (Gigabyte Technology Corp.)
O4 - HKLM..\Run: [avast5] C:\Programme\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\PS2 Keyboard English Edition.lnk = C:\Programme\Delux\PS2 Keyboard English Edition\Keyboard.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1454471165-343818398-725345543-1003\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-21-1454471165-343818398-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1454471165-343818398-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1454471165-343818398-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Google Sidewiki... - res://C:\Programme\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found
O15 - HKU\S-1-5-21-1454471165-343818398-725345543-1003\..Trusted Domains: eset.com ([www] http in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-1454471165-343818398-725345543-1003\..Trusted Domains: internet ([]about in Lokales Intranet)
O16 - DPF: {00000161-0000-0010-8000-00AA00389B71} hxxp://codecs.microsoft.com/codecs/i386/msaudio.cab (Reg Error: Key error.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Reg Error: Key error.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {41564D57-9980-0010-8000-00AA00389B71} hxxp://download.microsoft.com/download/0/A/9/0A9F8B32-9F8C-4D74-A130-E4CAB36EB01F/wmvadvd.cab (Reg Error: Key error.)
O16 - DPF: {5d86ddb5-bdf9-441b-9e9e-d4730f4ee499} hxxp://download.bitdefender.com/resources/scan8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8984FBF3-2C22-4454-A416-8F56993FD9BE}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ABB1E62E-D031-4642-985A-B2F80FC3E540}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Jagger\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Jagger\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.03.19 03:48:17 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{24f57d01-f9f7-11de-a276-806d6172696f}\Shell\AutoRun\command - "" = E:\setupSNK.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: 6to4 -  File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: Irmon -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
MsConfig - StartUpReg: Adobe ARM - hkey= - key= -  File not found
MsConfig - StartUpReg: AnyDVD - hkey= - key= -  File not found
MsConfig - StartUpReg: NeroCheck - hkey= - key= -  File not found
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2
 
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sdauxservice - C:\Programme\Spyware Doctor\pctsAuxs.exe (PC Tools)
SafeBootMin: sdcoreservice - Reg Error: Value error.
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sdauxservice - C:\Programme\Spyware Doctor\pctsAuxs.exe (PC Tools)
SafeBootNet: sdcoreservice - Reg Error: Value error.
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: UploadMgr - Service
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608555} - Internet Explorer Classes for Java
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - Microsoft DirectX
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {B2C3BB6B-E005-4246-B8E5-DF0A4D073CDC} - C:\Programme\PixiePack Codec Pack\InstallerHelper.exe
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C314CE45-3392-3B73-B4E1-139CD41CA933} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
 
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2100.02.08 17:03:54 | 000,053,248 | ---- | C] (Silitek Corp.) -- C:\Programme\ACMonitor_X73.exe
[2012.04.10 17:46:44 | 003,645,656 | ---- | C] (Piriform Ltd) -- C:\Dokumente und Einstellungen\Jagger\Desktop\ccsetup317.exe
[2012.04.09 12:45:17 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Jagger\Desktop\OTL.exe
[2012.04.08 09:11:43 | 000,000,000 | ---D | C] -- C:\Programme\ESET
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.04.10 19:49:00 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.04.10 17:47:44 | 000,000,654 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk
[2012.04.10 17:46:52 | 003,645,656 | ---- | M] (Piriform Ltd) -- C:\Dokumente und Einstellungen\Jagger\Desktop\ccsetup317.exe
[2012.04.10 17:27:15 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.04.10 17:27:14 | 000,004,940 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012.04.10 17:27:10 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.04.10 17:27:09 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.04.09 12:45:19 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Jagger\Desktop\OTL.exe
[2012.04.08 10:25:29 | 000,093,480 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.04.08 10:23:17 | 000,451,126 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.04.08 10:23:17 | 000,434,658 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.04.08 10:23:17 | 000,081,656 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.04.08 10:23:17 | 000,068,748 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.04.08 10:19:55 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.03.21 10:32:18 | 000,638,784 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Dokumente und Einstellungen\Jagger\Desktop\autoruns.exe
[2012.03.21 10:32:18 | 000,557,888 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Dokumente und Einstellungen\Jagger\Desktop\autorunsc.exe
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2100.02.23 15:35:34 | 000,000,768 | ---- | C] () -- C:\Programme\x73_lut.dat
[2100.02.08 16:53:34 | 000,001,437 | ---- | C] () -- C:\Programme\gtx73.ini
[2012.04.10 17:47:44 | 000,000,654 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk
[2012.04.08 10:11:28 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012.04.08 09:03:37 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.04.08 09:03:37 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2010.08.31 18:07:43 | 000,000,078 | ---- | C] () -- C:\WINDOWS\wiso.ini
 
========== LOP Check ==========
 
[2009.10.03 10:03:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\1Click DVD Copy Pro
[2010.08.30 15:25:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Alwil Software
[2008.12.11 19:39:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ashampoo
[2010.08.31 18:07:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Buhl Data Service GmbH
[2011.03.29 10:02:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Canneverbe Limited
[2009.01.01 15:05:51 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ
[2009.01.04 18:25:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ElsterFormular
[2009.01.28 20:40:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\GraphicRemedy
[2009.07.20 17:40:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Installations
[2009.06.18 11:51:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite
[2009.10.05 18:19:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RapidSolution
[2007.10.07 01:22:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SecTaskMan
[2007.10.07 07:22:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SlySoft
[2009.07.05 10:03:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2011.02.15 21:07:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TP-LINK
[2008.05.10 11:03:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Viewpoint
[2008.05.10 11:03:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\acccore
[2008.12.11 19:40:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\Ashampoo
[2011.03.29 10:02:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\Canneverbe Limited
[2008.11.29 13:05:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\Command & Conquer 3 Tiberium Wars
[2011.03.15 12:13:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\DC++
[2008.03.30 14:05:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\DeepBurner
[2009.02.11 20:48:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\FileZilla
[2008.11.14 10:12:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\FRITZ!
[2009.01.28 20:43:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\gDEBugger
[2009.10.03 09:53:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\GetRightToGo
[2007.01.01 00:18:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\GlarySoft
[2008.09.14 13:03:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\gtk-2.0
[2007.03.20 05:09:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\Gutscheinmieze
[2008.03.30 13:43:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\InfraRecorder
[2008.11.08 09:52:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\Kazaa Lite
[2009.06.18 12:27:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\Nokia
[2011.03.09 14:05:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\Paltalk
[2009.06.18 12:27:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\PC Suite
[2008.07.20 20:00:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\Pegasys Inc
[2009.08.13 18:17:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\PingTesterDataBas
[2011.05.21 13:24:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\PriceGong
[2008.05.15 17:45:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\VirusSchlacht
[2007.10.07 07:23:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\Vso
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2008.05.10 11:03:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\acccore
[2009.01.16 18:49:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\Adobe
[2008.12.11 19:40:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\Ashampoo
[2011.03.29 10:02:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\Canneverbe Limited
[2008.11.29 13:05:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\Command & Conquer 3 Tiberium Wars
[2011.03.15 12:13:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\DC++
[2008.03.30 14:05:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\DeepBurner
[2009.12.18 12:07:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\dvdcss
[2009.02.11 20:48:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\FileZilla
[2008.11.14 10:12:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\FRITZ!
[2009.01.28 20:43:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\gDEBugger
[2009.10.03 09:53:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\GetRightToGo
[2007.01.01 00:18:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\GlarySoft
[2008.09.06 10:13:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\Google
[2008.09.14 13:03:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\gtk-2.0
[2007.03.20 05:09:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\Gutscheinmieze
[2008.03.20 19:28:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\Help
[2008.03.28 12:24:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\Identities
[2008.03.30 13:43:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\InfraRecorder
[2008.03.19 04:14:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\InstallShield
[2008.09.14 18:41:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\InstallShield Installation Information
[2008.11.08 09:52:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\Kazaa Lite
[2010.04.01 17:59:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\Macromedia
[2009.05.13 18:16:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\Malwarebytes
[2008.08.31 10:32:27 | 000,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\Microsoft
[2011.04.11 20:00:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\mIRC
[2008.10.23 19:03:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\MSN6
[2008.11.20 22:44:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\NCH Software
[2009.11.19 21:35:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\Nero
[2009.11.19 21:39:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\NeroDigital(TM)
[2009.06.18 12:27:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\Nokia
[2011.03.09 14:05:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\Paltalk
[2009.06.18 12:27:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\PC Suite
[2009.06.17 07:28:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\PC Tools
[2008.07.20 20:00:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\Pegasys Inc
[2009.08.13 18:17:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\PingTesterDataBas
[2011.05.21 13:24:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\PriceGong
[2008.04.12 17:13:25 | 000,000,000 | RH-D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\SecuROM
[2008.10.23 20:37:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\Sun
[2008.05.15 17:45:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\VirusSchlacht
[2011.04.08 16:21:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\vlc
[2007.10.07 07:23:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\Vso
[2009.02.13 11:29:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\WinRAR
[2009.05.13 18:06:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\Yahoo!
 
< %APPDATA%\*.exe /s >
[2007.10.07 07:23:22 | 000,087,608 | ---- | M] () -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\inst.exe
[2010.06.10 14:19:22 | 000,825,856 | ---- | M] (Synatix GmbH) -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\Gutscheinmieze\uninstall.exe
[2008.09.14 18:26:19 | 000,331,776 | ---- | M] () -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\InstallShield Installation Information\{FDBBAF14-5ED8-49B7-A5BE-1C35668B074D}\SetupUT3.exe
[2009.08.13 18:17:15 | 000,040,960 | ---- | M] (ss) -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\PingTesterDataBas\PingIPscan2008112.exe
 
< %SYSTEMDRIVE%\*.exe >
[2001.05.24 12:59:30 | 000,162,304 | ---- | M] () -- C:\UNWISE.EXE
 
< MD5 for: AGP440.SYS  >
[2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
 
< MD5 for: ATAPI.SYS  >
[2002.08.29 03:52:58 | 010,180,476 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2002.08.29 02:27:50 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2002.08.29 01:27:50 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys
[2002.08.29 02:27:50 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
 
< MD5 for: EVENTLOG.DLL  >
[2008.04.14 07:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 07:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll
[2002.08.29 03:43:22 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=B9358A1FB66CF656328FD8B792B2CCC4 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
 
< MD5 for: NETLOGON.DLL  >
[2008.04.14 07:52:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 07:52:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll
[2002.08.29 03:43:26 | 000,399,360 | ---- | M] (Microsoft Corporation) MD5=BCA549B21E651111CE7BAD0FC8C45F4B -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
 
< MD5 for: SCECLI.DLL  >
[2008.04.14 07:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 07:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll
[2002.08.29 03:43:30 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=ADD49C10F5DADFA81912D124FE1C9A99 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
 
< MD5 for: USER32.DLL  >
[2008.04.14 07:52:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\ServicePackFiles\i386\user32.dll
[2008.04.14 07:52:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll
[2002.08.29 03:43:32 | 000,561,664 | ---- | M] (Microsoft Corporation) MD5=E3DAFFDB1C86C1AEAC1B205F6CF67009 -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.04.14 07:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 07:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe
[2002.08.29 03:43:42 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=BEBD3F08461F9A88E5ABCE0CB9707000 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2002.08.29 03:43:42 | 000,521,728 | ---- | M] (Microsoft Corporation) MD5=616896B708286DA98D6A099293F181D7 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2012.01.13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Programme\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008.04.14 07:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 07:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2001.08.18 21:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys
[2001.08.18 21:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[1 C:\WINDOWS\system32\drivers\*.tmp files -> C:\WINDOWS\system32\drivers\*.tmp -> ]
 
< %systemroot%\System32\config\*.sav >
[2008.03.19 04:35:39 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2008.03.19 04:35:39 | 000,630,784 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2008.03.19 04:35:39 | 000,430,080 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 111 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2
@Alternate Data Stream - 105 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:D1B5B4F1

< End of report >


cosinus 11.04.2012 10:49

Run an OTL fix: close any programs that may be open, also disable your virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!)

Code:

:OTL
DRV - (SASKUTIL) -- C:\Programme\SUPERAntiSpyware\SASKUTIL.sys File not found
DRV - (SASENUM) -- C:\Programme\SUPERAntiSpyware\SASENUM.SYS File not found
DRV - (SASDIFSV) -- C:\Programme\SUPERAntiSpyware\SASDIFSV.SYS File not found
DRV - (NETFRITZ) -- System32\DRIVERS\NETFRITZ.SYS File not found
DRV - (motmodem) -- system32\DRIVERS\motmodem.sys File not found
DRV - (LXARScan) -- System32\Drivers\Lxarscan.sys File not found
IE - HKU\S-1-5-21-1454471165-343818398-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\S-1-5-21-1454471165-343818398-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\S-1-5-21-1454471165-343818398-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.biut.de/
IE - HKU\S-1-5-21-1454471165-343818398-725345543-1003\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\prxtbsof0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1454471165-343818398-725345543-1003\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-1454471165-343818398-725345543-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-1454471165-343818398-725345543-1003\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://supertoolbar.ask.com/redirect?client=ie&tb=DVDX2&o=14642&src=crm&q={searchTerms}&locale=de_DE
IE - HKU\S-1-5-21-1454471165-343818398-725345543-1003\..\SearchScopes\{45598712-1ED3-4F4E-9848-132393493C78}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\S-1-5-21-1454471165-343818398-725345543-1003\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431245
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\prxtbsof0.dll (Conduit Ltd.)
O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found.
O3 - HKU\S-1-5-21-1454471165-343818398-725345543-1003\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Programme\softonic-de3\prxtbsof0.dll (Conduit Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1454471165-343818398-725345543-1003\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-21-1454471165-343818398-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1454471165-343818398-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1454471165-343818398-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.03.19 03:48:17 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{24f57d01-f9f7-11de-a276-806d6172696f}\Shell\AutoRun\command - "" = E:\setupSNK.exe
[2007.03.20 05:09:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\Gutscheinmieze
[2011.05.21 13:24:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\PriceGong
[2008.05.15 17:45:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\VirusSchlacht
@Alternate Data Stream - 111 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2
@Alternate Data Stream - 105 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:D1B5B4F1
:Files
C:\Programme\softonic-de3
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]

Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

For safety, the entries, files and folders fixed with this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder.

Note: The script above was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, since it can cause lasting damage to the system!

Jagger192 11.04.2012 17:54

Hi

Everything went without problems.

Code:

All processes killed
========== OTL ==========
Service SASKUTIL stopped successfully!
Service SASKUTIL deleted successfully!
File  C:\Programme\SUPERAntiSpyware\SASKUTIL.sys File not found not found.
Service SASENUM stopped successfully!
Service SASENUM deleted successfully!
File  C:\Programme\SUPERAntiSpyware\SASENUM.SYS File not found not found.
Service SASDIFSV stopped successfully!
Service SASDIFSV deleted successfully!
File  C:\Programme\SUPERAntiSpyware\SASDIFSV.SYS File not found not found.
Service NETFRITZ stopped successfully!
Service NETFRITZ deleted successfully!
File  System32\DRIVERS\NETFRITZ.SYS File not found not found.
Service motmodem stopped successfully!
Service motmodem deleted successfully!
File  system32\DRIVERS\motmodem.sys File not found not found.
Service LXARScan stopped successfully!
Service LXARScan deleted successfully!
File  System32\Drivers\Lxarscan.sys File not found not found.
HKU\S-1-5-21-1454471165-343818398-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\SearchMigratedDefaultName| /E : value set successfully!
HKU\S-1-5-21-1454471165-343818398-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\SearchMigratedDefaultURL| /E : value set successfully!
HKU\S-1-5-21-1454471165-343818398-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1454471165-343818398-725345543-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\ deleted successfully.
C:\Programme\softonic-de3\prxtbsof0.dll moved successfully.
HKEY_USERS\S-1-5-21-1454471165-343818398-725345543-1003\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1454471165-343818398-725345543-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1454471165-343818398-725345543-1003\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ not found.
Registry key HKEY_USERS\S-1-5-21-1454471165-343818398-725345543-1003\Software\Microsoft\Internet Explorer\SearchScopes\{45598712-1ED3-4F4E-9848-132393493C78}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{45598712-1ED3-4F4E-9848-132393493C78}\ not found.
Registry key HKEY_USERS\S-1-5-21-1454471165-343818398-725345543-1003\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\ not found.
File C:\Programme\softonic-de3\prxtbsof0.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DFEFCDEE-CF1A-4FC8-88AD-48514E463B27}\ not found.
Registry value HKEY_USERS\S-1-5-21-1454471165-343818398-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}\ not found.
File de3\prxtbsof0.dll not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveAutoRun deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\HonorAutoRunSetting deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDrives deleted successfully.
Registry key HKEY_USERS\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\control panel\ not found.
Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveAutoRun deleted successfully.
Registry key HKEY_USERS\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\control panel\ not found.
Registry value HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun not found.
Registry value HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveAutoRun not found.
Registry key HKEY_USERS\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\control panel\ not found.
Registry value HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry key HKEY_USERS\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\control panel\ not found.
Registry value HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1454471165-343818398-725345543-1003\Software\Policies\Microsoft\Internet Explorer\control panel\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1454471165-343818398-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1454471165-343818398-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveAutoRun deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1454471165-343818398-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDrives deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\AUTOEXEC.BAT moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{24f57d01-f9f7-11de-a276-806d6172696f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{24f57d01-f9f7-11de-a276-806d6172696f}\ not found.
File E:\setupSNK.exe not found.
C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\Gutscheinmieze folder moved successfully.
C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\PriceGong\Data folder moved successfully.
C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\PriceGong folder moved successfully.
C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\VirusSchlacht\Logs folder moved successfully.
C:\Dokumente und Einstellungen\Jagger\Anwendungsdaten\VirusSchlacht folder moved successfully.
ADS C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2 deleted successfully.
ADS C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:D1B5B4F1 deleted successfully.
========== FILES ==========
C:\Programme\softonic-de3 folder moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 225820 bytes
 
User: All Users
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41 bytes
 
User: Jagger
->Temp folder emptied: 582083627 bytes
->Temporary Internet Files folder emptied: 15335139 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 1563 bytes
 
User: LocalService
->Temp folder emptied: 65748 bytes
->Temporary Internet Files folder emptied: 8643206 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 14932652 bytes
%systemroot%\System32 .tmp files removed: 2676103 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 24192 bytes
Windows Temp folder emptied: 1176422 bytes
RecycleBin emptied: 2345340 bytes
 
Total Files Cleaned = 599,00 mb
 
 
[EMPTYFLASH]
 
User: Administrator
 
User: All Users
 
User: Default User
->Flash cache emptied: 0 bytes
 
User: Jagger
->Flash cache emptied: 0 bytes
 
User: LocalService
 
User: NetworkService
 
Total Flash Files Cleaned = 0,00 mb
 
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.39.2 log created on 04112012_184941

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


Jagger

cosinus 11.04.2012 18:44

Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please turn off the virus scanner before you run the TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool!

Set up the tool as shown in the picture below: click on change parameters and set the check marks as shown in the following screenshot,
then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.
If you cannot find the log or cannot copy its contents and transfer them into your post, then please look directly on your Windows system partition (usually drive C:); that is where the TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with the TDSS-Killer! If the TDSS-Killer flags any objects, handle all of them with the action "skip" and post only the log here!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg

Jagger192 15.04.2012 11:16

Hi

How can I handle the errors with skip?

Here is the log

Code:

12:00:37.0633 1936        TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05
12:00:38.0039 1936        ============================================================
12:00:38.0039 1936        Current date / time: 2012/04/15 12:00:38.0039
12:00:38.0039 1936        SystemInfo:
12:00:38.0039 1936       
12:00:38.0039 1936        OS Version: 5.1.2600 ServicePack: 3.0
12:00:38.0039 1936        Product type: Workstation
12:00:38.0039 1936        ComputerName: JAEGER
12:00:38.0039 1936        UserName: Jagger
12:00:38.0039 1936        Windows directory: C:\WINDOWS
12:00:38.0039 1936        System windows directory: C:\WINDOWS
12:00:38.0039 1936        Processor architecture: Intel x86
12:00:38.0039 1936        Number of processors: 2
12:00:38.0039 1936        Page size: 0x1000
12:00:38.0039 1936        Boot type: Normal boot
12:00:38.0039 1936        ============================================================
12:00:39.0321 1936        Drive \Device\Harddisk0\DR0 - Size: 0x7470AFDE00 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
12:00:39.0321 1936        Drive \Device\Harddisk1\DR4 - Size: 0x3C780000 (0.94 Gb), SectorSize: 0x200, Cylinders: 0x7B, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:00:39.0321 1936        \Device\Harddisk0\DR0:
12:00:39.0321 1936        MBR used
12:00:39.0321 1936        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x61A7927
12:00:39.0336 1936        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x61A79A5, BlocksNum 0x1869E559
12:00:39.0336 1936        \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1E845EFE, BlocksNum 0x1BB3ED43
12:00:39.0336 1936        \Device\Harddisk1\DR4:
12:00:39.0336 1936        MBR used
12:00:39.0336 1936        \Device\Harddisk1\DR4\Partition0: MBR, Type 0xB, StartLBA 0x58, BlocksNum 0x1E3BA8
12:00:39.0774 1936        Initialize success
12:00:39.0774 1936        ============================================================
12:03:29.0586 3100        ============================================================
12:03:29.0586 3100        Scan started
12:03:29.0586 3100        Mode: Manual; SigCheck; TDLFS;
12:03:29.0586 3100        ============================================================
12:03:29.0868 3100        Aavmker4        (473f97edc5a5312f3665ab2921196c0c) C:\WINDOWS\system32\drivers\Aavmker4.sys
12:03:29.0946 3100        Aavmker4 - ok
12:03:29.0961 3100        Abiosdsk - ok
12:03:29.0961 3100        abp480n5 - ok
12:03:29.0993 3100        ACPI            (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
12:03:30.0102 3100        ACPI - ok
12:03:30.0118 3100        ACPIEC          (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
12:03:30.0196 3100        ACPIEC - ok
12:03:30.0196 3100        adpu160m - ok
12:03:30.0211 3100        aec            (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
12:03:30.0274 3100        aec - ok
12:03:30.0305 3100        AFD            (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
12:03:30.0321 3100        AFD - ok
12:03:30.0321 3100        Aha154x - ok
12:03:30.0336 3100        aic78u2 - ok
12:03:30.0336 3100        aic78xx - ok
12:03:30.0368 3100        Alerter        (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
12:03:30.0430 3100        Alerter - ok
12:03:30.0430 3100        ALG            (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe
12:03:30.0461 3100        ALG - ok
12:03:30.0477 3100        AliIde - ok
12:03:30.0477 3100        amsint - ok
12:03:30.0508 3100        AppMgmt        (d45960be52c3c610d361977057f98c54) C:\WINDOWS\System32\appmgmts.dll
12:03:30.0539 3100        AppMgmt - ok
12:03:30.0586 3100        AR9271          (8e2257584b2c52d44b4cb1949947d885) C:\WINDOWS\system32\DRIVERS\athuw.sys
12:03:30.0649 3100        AR9271 - ok
12:03:30.0649 3100        asc - ok
12:03:30.0664 3100        asc3350p - ok
12:03:30.0664 3100        asc3550 - ok
12:03:30.0727 3100        aspnet_state    (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
12:03:30.0727 3100        aspnet_state - ok
12:03:30.0743 3100        aswFsBlk        (0ae43c6c411254049279c2ee55630f95) C:\WINDOWS\system32\drivers\aswFsBlk.sys
12:03:30.0743 3100        aswFsBlk - ok
12:03:30.0774 3100        aswMon2        (8c30b7ddd2f1d8d138ebe40345af2b11) C:\WINDOWS\system32\drivers\aswMon2.sys
12:03:30.0774 3100        aswMon2 - ok
12:03:30.0789 3100        aswRdr          (da12626fd9a67f4e917e2f2fbe1e1764) C:\WINDOWS\system32\drivers\aswRdr.sys
12:03:30.0805 3100        aswRdr - ok
12:03:30.0836 3100        aswSnx          (dcb199b967375753b5019ec15f008f53) C:\WINDOWS\system32\drivers\aswSnx.sys
12:03:30.0852 3100        aswSnx - ok
12:03:30.0883 3100        aswSP          (b32873e5a1443c0a1e322266e203bf10) C:\WINDOWS\system32\drivers\aswSP.sys
12:03:30.0883 3100        aswSP - ok
12:03:30.0899 3100        aswTdi          (6ff544175a9180c5d88534d3d9c9a9f7) C:\WINDOWS\system32\drivers\aswTdi.sys
12:03:30.0899 3100        aswTdi - ok
12:03:30.0930 3100        AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
12:03:30.0993 3100        AsyncMac - ok
12:03:30.0993 3100        atapi          (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
12:03:31.0071 3100        atapi - ok
12:03:31.0071 3100        Atdisk - ok
12:03:31.0102 3100        Atmarpc        (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
12:03:31.0164 3100        Atmarpc - ok
12:03:31.0180 3100        AudioSrv        (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
12:03:31.0258 3100        AudioSrv - ok
12:03:31.0274 3100        audstub        (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
12:03:31.0336 3100        audstub - ok
12:03:31.0399 3100        avast! Antivirus (4041d31508a2a084dfb42c595854090f) C:\Programme\Alwil Software\Avast5\AvastSvc.exe
12:03:31.0414 3100        avast! Antivirus - ok
12:03:31.0430 3100        AVMPORT        (02568a764ef2c37cfa6f9c471e67d475) C:\WINDOWS\System32\drivers\avmport.sys
12:03:31.0430 3100        AVMPORT ( UnsignedFile.Multi.Generic ) - warning
12:03:31.0430 3100        AVMPORT - detected UnsignedFile.Multi.Generic (1)
12:03:31.0461 3100        AVMWAN          (c997af59c54d69232fb7bbea4dad86e2) C:\WINDOWS\system32\DRIVERS\avmwan.sys
12:03:31.0524 3100        AVMWAN - ok
12:03:31.0539 3100        Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
12:03:31.0618 3100        Beep - ok
12:03:31.0649 3100        BITS            (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll
12:03:31.0727 3100        BITS - ok
12:03:31.0743 3100        Bridge          (f934d1b230f84e1d19dd00ac5a7a83ed) C:\WINDOWS\system32\DRIVERS\bridge.sys
12:03:31.0774 3100        Bridge - ok
12:03:31.0774 3100        BridgeMP        (f934d1b230f84e1d19dd00ac5a7a83ed) C:\WINDOWS\system32\DRIVERS\bridge.sys
12:03:31.0805 3100        BridgeMP - ok
12:03:31.0836 3100        Browser        (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
12:03:31.0899 3100        Browser - ok
12:03:31.0930 3100        BTHPORT        (592e1cedbe314d0ef184dc6f46141e76) C:\WINDOWS\system32\Drivers\BTHport.sys
12:03:31.0961 3100        BTHPORT - ok
12:03:31.0977 3100        BthServ        (26c601ef7525e31379744abfc6f35a1b) C:\WINDOWS\System32\bthserv.dll
12:03:32.0039 3100        BthServ - ok
12:03:32.0055 3100        BTHUSB          (61364cd71ef63b0f038b7e9df00f1efa) C:\WINDOWS\system32\Drivers\BTHUSB.sys
12:03:32.0118 3100        BTHUSB - ok
12:03:32.0133 3100        cbidf2k        (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
12:03:32.0196 3100        cbidf2k - ok
12:03:32.0211 3100        cd20xrnt - ok
12:03:32.0227 3100        Cdaudio        (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
12:03:32.0289 3100        Cdaudio - ok
12:03:32.0321 3100        Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
12:03:32.0383 3100        Cdfs - ok
12:03:32.0414 3100        Cdrom          (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
12:03:32.0477 3100        Cdrom - ok
12:03:32.0477 3100        Changer - ok
12:03:32.0508 3100        CiSvc          (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe
12:03:32.0571 3100        CiSvc - ok
12:03:32.0602 3100        ClipSrv        (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
12:03:32.0664 3100        ClipSrv - ok
12:03:32.0727 3100        clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:03:32.0743 3100        clr_optimization_v2.0.50727_32 - ok
12:03:32.0743 3100        CmdIde - ok
12:03:32.0743 3100        COMSysApp - ok
12:03:32.0758 3100        Cpqarray - ok
12:03:32.0774 3100        CryptSvc        (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
12:03:32.0836 3100        CryptSvc - ok
12:03:32.0852 3100        dac2w2k - ok
12:03:32.0852 3100        dac960nt - ok
12:03:32.0883 3100        DAdderFltr      (cb90f77e21109ccfd114a17bd87a42a7) C:\WINDOWS\system32\drivers\dadder.sys
12:03:32.0883 3100        DAdderFltr - ok
12:03:32.0914 3100        DcomLaunch      (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
12:03:32.0930 3100        DcomLaunch - ok
12:03:32.0977 3100        Dhcp            (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
12:03:33.0039 3100        Dhcp - ok
12:03:33.0071 3100        DIGIRPS        (ac831d7c56b5c30a7b0987c4d8dd7608) C:\WINDOWS\system32\DRIVERS\digirlpt.sys
12:03:33.0133 3100        DIGIRPS - ok
12:03:33.0149 3100        Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
12:03:33.0211 3100        Disk - ok
12:03:33.0227 3100        dmadmin - ok
12:03:33.0258 3100        dmboot          (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
12:03:33.0368 3100        dmboot - ok
12:03:33.0383 3100        dmio            (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
12:03:33.0446 3100        dmio - ok
12:03:33.0461 3100        dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
12:03:33.0539 3100        dmload - ok
12:03:33.0555 3100        dmserver        (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
12:03:33.0618 3100        dmserver - ok
12:03:33.0633 3100        DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
12:03:33.0696 3100        DMusic - ok
12:03:33.0711 3100        Dnscache        (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
12:03:33.0727 3100        Dnscache - ok
12:03:33.0758 3100        Dot3svc        (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
12:03:33.0821 3100        Dot3svc - ok
12:03:33.0821 3100        dpti2o - ok
12:03:33.0836 3100        drmkaud        (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
12:03:33.0899 3100        drmkaud - ok
12:03:33.0930 3100        EapHost        (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
12:03:33.0993 3100        EapHost - ok
12:03:34.0024 3100        ERSvc          (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
12:03:34.0086 3100        ERSvc - ok
12:03:34.0102 3100        Eventlog        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
12:03:34.0133 3100        Eventlog - ok
12:03:34.0149 3100        EventSystem    (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\System32\es.dll
12:03:34.0180 3100        EventSystem - ok
12:03:34.0196 3100        ezplay          (73e701e0fa4d2fc7d22efceff276c50a) C:\WINDOWS\system32\Drivers\ezplay.sys
12:03:34.0196 3100        ezplay ( UnsignedFile.Multi.Generic ) - warning
12:03:34.0196 3100        ezplay - detected UnsignedFile.Multi.Generic (1)
12:03:34.0211 3100        Fastfat        (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
12:03:34.0274 3100        Fastfat - ok
12:03:34.0305 3100        FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
12:03:34.0336 3100        FastUserSwitchingCompatibility - ok
12:03:34.0336 3100        Fdc            (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
12:03:34.0399 3100        Fdc - ok
12:03:34.0430 3100        Fips            (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
12:03:34.0493 3100        Fips - ok
12:03:34.0508 3100        Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
12:03:34.0571 3100        Flpydisk - ok
12:03:34.0602 3100        FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
12:03:34.0664 3100        FltMgr - ok
12:03:34.0711 3100        FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
12:03:34.0727 3100        FontCache3.0.0.0 - ok
12:03:34.0743 3100        fpcibase        (03ddba31f856936baddd2d66e111faed) C:\WINDOWS\system32\DRIVERS\fpcibase.sys
12:03:34.0789 3100        fpcibase - ok
12:03:34.0805 3100        Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
12:03:34.0868 3100        Fs_Rec - ok
12:03:34.0883 3100        Ftdisk          (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
12:03:34.0946 3100        Ftdisk - ok
12:03:34.0961 3100        gdrv            (54789f9ba0d59072cdd4e7c200e122c4) C:\WINDOWS\gdrv.sys
12:03:35.0493 3100        gdrv - ok
12:03:35.0524 3100        giveio          (77ebf3e9386daa51551af429052d88d0) C:\WINDOWS\system32\giveio.sys
12:03:35.0539 3100        giveio ( UnsignedFile.Multi.Generic ) - warning
12:03:35.0539 3100        giveio - detected UnsignedFile.Multi.Generic (1)
12:03:35.0571 3100        Gpc            (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
12:03:35.0649 3100        Gpc - ok
12:03:35.0696 3100        gupdate        (f02a533f517eb38333cb12a9e8963773) C:\Programme\Google\Update\GoogleUpdate.exe
12:03:35.0696 3100        gupdate - ok
12:03:35.0711 3100        gupdatem        (f02a533f517eb38333cb12a9e8963773) C:\Programme\Google\Update\GoogleUpdate.exe
12:03:35.0711 3100        gupdatem - ok
12:03:35.0727 3100        HDAudBus        (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
12:03:35.0805 3100        HDAudBus - ok
12:03:35.0836 3100        helpsvc        (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
12:03:35.0899 3100        helpsvc - ok
12:03:35.0914 3100        HidServ - ok
12:03:35.0930 3100        hidusb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
12:03:36.0008 3100        hidusb - ok
12:03:36.0024 3100        hkmsvc          (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
12:03:36.0086 3100        hkmsvc - ok
12:03:36.0102 3100        hpn - ok
12:03:36.0118 3100        HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
12:03:36.0133 3100        HTTP - ok
12:03:36.0164 3100        HTTPFilter      (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
12:03:36.0227 3100        HTTPFilter - ok
12:03:36.0243 3100        i2omgmt - ok
12:03:36.0243 3100        i2omp - ok
12:03:36.0258 3100        i8042prt        (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
12:03:36.0321 3100        i8042prt - ok
12:03:36.0383 3100        IDriverT        (1cf03c69b49acb70c722df92755c0c8c) C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
12:03:36.0383 3100        IDriverT ( UnsignedFile.Multi.Generic ) - warning
12:03:36.0383 3100        IDriverT - detected UnsignedFile.Multi.Generic (1)
12:03:36.0461 3100        idsvc          (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
12:03:36.0493 3100        idsvc - ok
12:03:36.0508 3100        Imapi          (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
12:03:36.0586 3100        Imapi - ok
12:03:36.0618 3100        ImapiService    (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\system32\imapi.exe
12:03:36.0696 3100        ImapiService - ok
12:03:36.0696 3100        ini910u - ok
12:03:36.0789 3100        IntcAzAudAddService (e37589414437a60797e94c0f57c546db) C:\WINDOWS\system32\drivers\RtkHDAud.sys
12:03:36.0899 3100        IntcAzAudAddService - ok
12:03:36.0914 3100        IntelIde - ok
12:03:36.0930 3100        intelppm        (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys
12:03:36.0993 3100        intelppm - ok
12:03:37.0008 3100        ip6fw          (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
12:03:37.0071 3100        ip6fw - ok
12:03:37.0102 3100        IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
12:03:37.0164 3100        IpFilterDriver - ok
12:03:37.0164 3100        IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
12:03:37.0243 3100        IpInIp - ok
12:03:37.0258 3100        IpNat          (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
12:03:37.0336 3100        IpNat - ok
12:03:37.0352 3100        IPSec          (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
12:03:37.0414 3100        IPSec - ok
12:03:37.0430 3100        IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
12:03:37.0461 3100        IRENUM - ok
12:03:37.0477 3100        isapnp          (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
12:03:37.0539 3100        isapnp - ok
12:03:37.0555 3100        JGOGO          (c995c0e8b4503fac38793bb0236ad246) C:\WINDOWS\system32\DRIVERS\JGOGO.sys
12:03:37.0555 3100        JGOGO - ok
12:03:37.0571 3100        JRAID          (f90a4e8657319a652e04c5362926cfea) C:\WINDOWS\system32\DRIVERS\jraid.sys
12:03:37.0586 3100        JRAID - ok
12:03:37.0602 3100        Kbdclass        (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
12:03:37.0664 3100        Kbdclass - ok
12:03:37.0664 3100        kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
12:03:37.0743 3100        kmixer - ok
12:03:37.0758 3100        KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
12:03:37.0758 3100        KSecDD - ok
12:03:37.0789 3100        lanmanserver    (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll
12:03:37.0805 3100        lanmanserver - ok
12:03:37.0821 3100        lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll
12:03:37.0852 3100        lanmanworkstation - ok
12:03:37.0852 3100        lbrtfdc - ok
12:03:37.0852 3100        LexBceS - ok
12:03:37.0883 3100        LmHosts        (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
12:03:37.0946 3100        LmHosts - ok
12:03:37.0977 3100        Messenger      (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
12:03:38.0039 3100        Messenger - ok
12:03:38.0055 3100        mnmdd          (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
12:03:38.0133 3100        mnmdd - ok
12:03:38.0149 3100        mnmsrvc        (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\System32\mnmsrvc.exe
12:03:38.0211 3100        mnmsrvc - ok
12:03:38.0227 3100        Modem          (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
12:03:38.0289 3100        Modem - ok
12:03:38.0305 3100        Mouclass        (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
12:03:38.0383 3100        Mouclass - ok
12:03:38.0399 3100        mouhid          (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
12:03:38.0461 3100        mouhid - ok
12:03:38.0477 3100        MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
12:03:38.0539 3100        MountMgr - ok
12:03:38.0539 3100        mraid35x - ok
12:03:38.0555 3100        MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
12:03:38.0618 3100        MRxDAV - ok
12:03:38.0649 3100        MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:03:38.0664 3100        MRxSmb - ok
12:03:38.0680 3100        MSDTC          (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\System32\msdtc.exe
12:03:38.0758 3100        MSDTC - ok
12:03:38.0758 3100        Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
12:03:38.0821 3100        Msfs - ok
12:03:38.0836 3100        MSIServer - ok
12:03:38.0852 3100        MSKSSRV        (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
12:03:38.0914 3100        MSKSSRV - ok
12:03:38.0930 3100        MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
12:03:38.0993 3100        MSPCLOCK - ok
12:03:39.0008 3100        MSPQM          (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
12:03:39.0071 3100        MSPQM - ok
12:03:39.0086 3100        mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
12:03:39.0149 3100        mssmbios - ok
12:03:39.0164 3100        Mup            (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
12:03:39.0180 3100        Mup - ok
12:03:39.0196 3100        napagent        (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
12:03:39.0289 3100        napagent - ok
12:03:39.0321 3100        NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
12:03:39.0383 3100        NDIS - ok
12:03:39.0414 3100        NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
12:03:39.0414 3100        NdisTapi - ok
12:03:39.0446 3100        Ndisuio        (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
12:03:39.0508 3100        Ndisuio - ok
12:03:39.0539 3100        NdisWan        (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:03:39.0602 3100        NdisWan - ok
12:03:39.0633 3100        NDProxy        (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
12:03:39.0649 3100        NDProxy - ok
12:03:39.0696 3100        Nero BackItUp Scheduler 4.0 (7d2633295eb6ff2b938185874884059d) C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe
12:03:39.0727 3100        Nero BackItUp Scheduler 4.0 - ok
12:03:39.0743 3100        NetBIOS        (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
12:03:39.0805 3100        NetBIOS - ok
12:03:39.0821 3100        NetBT          (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
12:03:39.0883 3100        NetBT - ok
12:03:39.0914 3100        NetDDE          (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
12:03:39.0993 3100        NetDDE - ok
12:03:39.0993 3100        NetDDEdsdm      (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
12:03:40.0071 3100        NetDDEdsdm - ok
12:03:40.0086 3100        Netlogon        (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
12:03:40.0149 3100        Netlogon - ok
12:03:40.0180 3100        Netman          (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
12:03:40.0258 3100        Netman - ok
12:03:40.0321 3100        NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:03:40.0321 3100        NetTcpPortSharing - ok
12:03:40.0352 3100        Nla            (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll
12:03:40.0368 3100        Nla - ok
12:03:40.0383 3100        Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
12:03:40.0446 3100        Npfs - ok
12:03:40.0477 3100        Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
12:03:40.0555 3100        Ntfs - ok
12:03:40.0555 3100        NtLmSsp        (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\System32\lsass.exe
12:03:40.0633 3100        NtLmSsp - ok
12:03:40.0649 3100        NtmsSvc        (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
12:03:40.0743 3100        NtmsSvc - ok
12:03:40.0758 3100        Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
12:03:40.0821 3100        Null - ok
12:03:40.0946 3100        nv              (b518ab25714821ae21677a8ada1fdf86) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
12:03:41.0164 3100        nv ( UnsignedFile.Multi.Generic ) - warning
12:03:41.0164 3100        nv - detected UnsignedFile.Multi.Generic (1)
12:03:41.0180 3100        NVSvc          (77ecdf9e3d43d4e86e85b73886992625) C:\WINDOWS\system32\nvsvc32.exe
12:03:41.0196 3100        NVSvc ( UnsignedFile.Multi.Generic ) - warning
12:03:41.0196 3100        NVSvc - detected UnsignedFile.Multi.Generic (1)
12:03:41.0211 3100        NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
12:03:41.0274 3100        NwlnkFlt - ok
12:03:41.0289 3100        NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
12:03:41.0352 3100        NwlnkFwd - ok
12:03:41.0383 3100        Parport        (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
12:03:41.0446 3100        Parport - ok
12:03:41.0446 3100        PartMgr        (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
12:03:41.0508 3100        PartMgr - ok
12:03:41.0539 3100        ParVdm          (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
12:03:41.0602 3100        ParVdm - ok
12:03:41.0633 3100        pccsmcfd        (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
12:03:41.0633 3100        pccsmcfd - ok
12:03:41.0649 3100        PCI            (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
12:03:41.0727 3100        PCI - ok
12:03:41.0727 3100        PCIDump - ok
12:03:41.0743 3100        PCIIde          (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
12:03:41.0805 3100        PCIIde - ok
12:03:41.0836 3100        Pcmcia          (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
12:03:41.0899 3100        Pcmcia - ok
12:03:41.0930 3100        pcouffin        (5b6c11de7e839c05248ced8825470fef) C:\WINDOWS\system32\Drivers\pcouffin.sys
12:03:41.0930 3100        pcouffin ( UnsignedFile.Multi.Generic ) - warning
12:03:41.0930 3100        pcouffin - detected UnsignedFile.Multi.Generic (1)
12:03:41.0961 3100        PCTCore        (aa9cfa67850893fbb168b9c4e4c86952) C:\WINDOWS\system32\drivers\PCTCore.sys
12:03:41.0961 3100        PCTCore - ok
12:03:41.0977 3100        PDCOMP - ok
12:03:41.0977 3100        PDFRAME - ok
12:03:41.0977 3100        PDRELI - ok
12:03:41.0993 3100        PDRFRAME - ok
12:03:41.0993 3100        perc2 - ok
12:03:42.0008 3100        perc2hib - ok
12:03:42.0024 3100        PlugPlay        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
12:03:42.0039 3100        PlugPlay - ok
12:03:42.0055 3100        PnkBstrA        (3a2bdd76e7d2a5f40a7174793d1ba794) C:\WINDOWS\system32\PnkBstrA.exe
12:03:42.0071 3100        PnkBstrA - ok
12:03:42.0086 3100        PolicyAgent    (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
12:03:42.0149 3100        PolicyAgent - ok
12:03:42.0164 3100        PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
12:03:42.0227 3100        PptpMiniport - ok
12:03:42.0258 3100        Processor      (2cb55427c58679f49ad600fccba76360) C:\WINDOWS\system32\DRIVERS\processr.sys
12:03:42.0321 3100        Processor - ok
12:03:42.0321 3100        ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
12:03:42.0399 3100        ProtectedStorage - ok
12:03:42.0414 3100        PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
12:03:42.0477 3100        PSched - ok
12:03:42.0493 3100        Ptilink        (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
12:03:42.0571 3100        Ptilink - ok
12:03:42.0586 3100        PxHelp20        (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys
12:03:42.0602 3100        PxHelp20 - ok
12:03:42.0602 3100        ql1080 - ok
12:03:42.0602 3100        Ql10wnt - ok
12:03:42.0618 3100        ql12160 - ok
12:03:42.0618 3100        ql1240 - ok
12:03:42.0633 3100        ql1280 - ok
12:03:42.0649 3100        RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
12:03:42.0696 3100        RasAcd - ok
12:03:42.0727 3100        RasAuto        (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
12:03:42.0805 3100        RasAuto - ok
12:03:42.0805 3100        Rasl2tp        (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
12:03:42.0868 3100        Rasl2tp - ok
12:03:42.0899 3100        RasMan          (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
12:03:42.0961 3100        RasMan - ok
12:03:42.0977 3100        RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
12:03:43.0039 3100        RasPppoe - ok
12:03:43.0055 3100        Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
12:03:43.0118 3100        Raspti - ok
12:03:43.0133 3100        Rdbss          (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
12:03:43.0196 3100        Rdbss - ok
12:03:43.0196 3100        RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
12:03:43.0274 3100        RDPCDD - ok
12:03:43.0274 3100        rdpdr          (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
12:03:43.0336 3100        rdpdr - ok
12:03:43.0368 3100        RDPWD          (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
12:03:43.0383 3100        RDPWD - ok
12:03:43.0399 3100        RDSessMgr      (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe
12:03:43.0477 3100        RDSessMgr - ok
12:03:43.0493 3100        redbook        (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
12:03:43.0571 3100        redbook - ok
12:03:43.0586 3100        RemoteAccess    (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll
12:03:43.0664 3100        RemoteAccess - ok
12:03:43.0696 3100        RemoteRegistry  (e4cd1f3d84e1c2ca0b8cf7501e201593) C:\WINDOWS\system32\regsvc.dll
12:03:43.0758 3100        RemoteRegistry - ok
12:03:43.0774 3100        ROOTMODEM      (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
12:03:43.0852 3100        ROOTMODEM - ok
12:03:43.0993 3100        RpcLocator      (2a02e21867497df20b8fc95631395169) C:\WINDOWS\System32\locator.exe
12:03:44.0289 3100        RpcLocator - ok
12:03:44.0305 3100        RpcSs          (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\System32\rpcss.dll
12:03:44.0321 3100        RpcSs - ok
12:03:44.0336 3100        RSVP            (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\System32\rsvp.exe
12:03:44.0414 3100        RSVP - ok
12:03:44.0430 3100        RTLE8023xp      (098de621085d7f922871a99b0ec7ddd6) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
12:03:44.0446 3100        RTLE8023xp - ok
12:03:44.0477 3100        SamSs          (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
12:03:44.0539 3100        SamSs - ok
12:03:44.0555 3100        SCardSvr        (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
12:03:44.0618 3100        SCardSvr - ok
12:03:44.0649 3100        Schedule        (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
12:03:44.0727 3100        Schedule - ok
12:03:44.0789 3100        sdAuxService    (2881d5c135d076bcf52b0f5ad3d8dc0b) C:\Programme\Spyware Doctor\pctsAuxs.exe
12:03:44.0805 3100        sdAuxService - ok
12:03:44.0836 3100        Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
12:03:44.0868 3100        Secdrv - ok
12:03:44.0899 3100        seclogon        (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
12:03:44.0977 3100        seclogon - ok
12:03:44.0993 3100        SENS            (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
12:03:45.0055 3100        SENS - ok
12:03:45.0071 3100        serenum        (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
12:03:45.0133 3100        serenum - ok
12:03:45.0149 3100        Serial          (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
12:03:45.0211 3100        Serial - ok
12:03:45.0227 3100        Sfloppy        (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
12:03:45.0289 3100        Sfloppy - ok
12:03:45.0305 3100        SharedAccess    (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll
12:03:45.0383 3100        SharedAccess - ok
12:03:45.0414 3100        ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
12:03:45.0430 3100        ShellHWDetection - ok
12:03:45.0430 3100        Simbad - ok
12:03:45.0446 3100        SONYPVU1        (a1eceeaa5c5e74b2499eb51d38185b84) C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
12:03:45.0524 3100        SONYPVU1 - ok
12:03:45.0524 3100        Sparrow - ok
12:03:45.0539 3100        speedfan        (5d6401db90ec81b71f8e2c5c8f0fef23) C:\WINDOWS\system32\speedfan.sys
12:03:45.0555 3100        speedfan ( UnsignedFile.Multi.Generic ) - warning
12:03:45.0555 3100        speedfan - detected UnsignedFile.Multi.Generic (1)
12:03:45.0555 3100        splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
12:03:45.0618 3100        splitter - ok
12:03:45.0649 3100        Spooler        (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
12:03:45.0664 3100        Spooler - ok
12:03:45.0696 3100        sr              (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
12:03:45.0727 3100        sr - ok
12:03:45.0758 3100        srservice      (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\System32\srsvc.dll
12:03:45.0789 3100        srservice - ok
12:03:45.0821 3100        Srv            (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
12:03:45.0836 3100        Srv - ok
12:03:45.0852 3100        SSDPSRV        (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
12:03:45.0899 3100        SSDPSRV - ok
12:03:45.0899 3100        StarOpen - ok
12:03:45.0930 3100        stisvc          (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
12:03:46.0008 3100        stisvc - ok
12:03:46.0024 3100        swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
12:03:46.0086 3100        swenum - ok
12:03:46.0102 3100        swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
12:03:46.0164 3100        swmidi - ok
12:03:46.0164 3100        SwPrv - ok
12:03:46.0180 3100        symc810 - ok
12:03:46.0180 3100        symc8xx - ok
12:03:46.0180 3100        sym_hi - ok
12:03:46.0196 3100        sym_u3 - ok
12:03:46.0196 3100        sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
12:03:46.0274 3100        sysaudio - ok
12:03:46.0289 3100        SysmonLog      (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
12:03:46.0352 3100        SysmonLog - ok
12:03:46.0368 3100        TapiSrv        (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
12:03:46.0446 3100        TapiSrv - ok
12:03:46.0477 3100        tbhsd          (c26c6dff638d9e51dc5cc60a7785d057) C:\WINDOWS\system32\drivers\tbhsd.sys
12:03:46.0477 3100        tbhsd - ok
12:03:46.0508 3100        Tcpip          (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
12:03:46.0524 3100        Tcpip - ok
12:03:46.0539 3100        TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
12:03:46.0618 3100        TDPIPE - ok
12:03:46.0618 3100        TDTCP          (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
12:03:46.0696 3100        TDTCP - ok
12:03:46.0711 3100        TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
12:03:46.0774 3100        TermDD - ok
12:03:46.0789 3100        TermService    (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
12:03:46.0868 3100        TermService - ok
12:03:46.0899 3100        Themes          (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
12:03:46.0914 3100        Themes - ok
12:03:46.0961 3100        TlntSvr        (03681a1ce77f51586903869a5ab1deab) C:\WINDOWS\System32\tlntsvr.exe
12:03:46.0993 3100        TlntSvr - ok
12:03:47.0008 3100        TosIde - ok
12:03:47.0024 3100        TrkWks          (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
12:03:47.0102 3100        TrkWks - ok
12:03:47.0118 3100        Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
12:03:47.0180 3100        Udfs - ok
12:03:47.0180 3100        ultra - ok
12:03:47.0211 3100        Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
12:03:47.0289 3100        Update - ok
12:03:47.0305 3100        upnphost        (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
12:03:47.0352 3100        upnphost - ok
12:03:47.0368 3100        UPS            (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
12:03:47.0430 3100        UPS - ok
12:03:47.0461 3100        usb2vcom        (66276112dc7089d2d9e58c7cbf0855c1) C:\WINDOWS\system32\Drivers\usb2vcom.sys
12:03:47.0461 3100        usb2vcom ( UnsignedFile.Multi.Generic ) - warning
12:03:47.0461 3100        usb2vcom - detected UnsignedFile.Multi.Generic (1)
12:03:47.0477 3100        usbehci        (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
12:03:47.0539 3100        usbehci - ok
12:03:47.0555 3100        usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
12:03:47.0618 3100        usbhub - ok
12:03:47.0633 3100        usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
12:03:47.0696 3100        usbprint - ok
12:03:47.0711 3100        usbser          (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\DRIVERS\usbser.sys
12:03:47.0774 3100        usbser - ok
12:03:47.0805 3100        USBSTOR        (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
12:03:47.0868 3100        USBSTOR - ok
12:03:47.0883 3100        usbuhci        (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
12:03:47.0946 3100        usbuhci - ok
12:03:48.0149 3100        VgaSave        (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
12:03:48.0227 3100        VgaSave - ok
12:03:48.0227 3100        ViaIde - ok
12:03:48.0243 3100        VolSnap        (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
12:03:48.0305 3100        VolSnap - ok
12:03:48.0321 3100        VSS            (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
12:03:48.0368 3100        VSS - ok
12:03:48.0383 3100        W32Time        (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll
12:03:48.0477 3100        W32Time - ok
12:03:48.0493 3100        Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:03:48.0555 3100        Wanarp - ok
12:03:48.0586 3100        Wdf01000        (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
12:03:48.0618 3100        Wdf01000 - ok
12:03:48.0618 3100        WDICA - ok
12:03:48.0633 3100        wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
12:03:48.0696 3100        wdmaud - ok
12:03:48.0711 3100        WebClient      (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
12:03:48.0774 3100        WebClient - ok
12:03:48.0805 3100        winmgmt        (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
12:03:48.0868 3100        winmgmt - ok
12:03:48.0914 3100        WmdmPmSN        (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
12:03:48.0914 3100        WmdmPmSN - ok
12:03:48.0961 3100        Wmi            (ffa4d901d46d07a5bab2d8307fbb51a6) C:\WINDOWS\System32\advapi32.dll
12:03:48.0977 3100        Wmi - ok
12:03:49.0008 3100        WmiApSrv        (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\System32\wbem\wmiapsrv.exe
12:03:49.0071 3100        WmiApSrv - ok
12:03:49.0133 3100        WMPNetworkSvc  (bf05650bb7df5e9ebdd25974e22403bb) C:\Programme\Windows Media Player\WMPNetwk.exe
12:03:49.0180 3100        WMPNetworkSvc - ok
12:03:49.0211 3100        wscsvc          (300b3e84faf1a5c1f791c159ba28035d) C:\WINDOWS\system32\wscsvc.dll
12:03:49.0274 3100        wscsvc - ok
12:03:49.0305 3100        wuauserv        (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll
12:03:49.0368 3100        wuauserv - ok
12:03:49.0399 3100        WudfPf          (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
12:03:49.0399 3100        WudfPf - ok
12:03:49.0414 3100        WudfRd          (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
12:03:49.0430 3100        WudfRd - ok
12:03:49.0461 3100        WudfSvc        (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
12:03:49.0477 3100        WudfSvc - ok
12:03:49.0493 3100        WZCSVC          (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
12:03:49.0586 3100        WZCSVC - ok
12:03:49.0618 3100        xmlprov        (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
12:03:49.0696 3100        xmlprov - ok
12:03:49.0696 3100        MBR (0x1B8)    (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
12:03:49.0899 3100        \Device\Harddisk0\DR0 - ok
12:03:49.0899 3100        MBR (0x1B8)    (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR4
12:03:52.0118 3100        \Device\Harddisk1\DR4 - ok
12:03:52.0118 3100        Boot (0x1200)  (3c316c7365933d10b3f14d87e352c4ef) \Device\Harddisk0\DR0\Partition0
12:03:52.0118 3100        \Device\Harddisk0\DR0\Partition0 - ok
12:03:52.0118 3100        Boot (0x1200)  (578f372d75f249e7dfd117ed7af69a0c) \Device\Harddisk0\DR0\Partition1
12:03:52.0118 3100        \Device\Harddisk0\DR0\Partition1 - ok
12:03:52.0133 3100        Boot (0x1200)  (9b06fd4c096a3fe3014b2087152cf244) \Device\Harddisk0\DR0\Partition2
12:03:52.0133 3100        \Device\Harddisk0\DR0\Partition2 - ok
12:03:52.0133 3100        Boot (0x1200)  (03c484ebf374f7d01828758619ebb1f6) \Device\Harddisk1\DR4\Partition0
12:03:52.0133 3100        \Device\Harddisk1\DR4\Partition0 - ok
12:03:52.0133 3100        ============================================================
12:03:52.0133 3100        Scan finished
12:03:52.0133 3100        ============================================================
12:03:52.0243 3048        Detected object count: 9
12:03:52.0243 3048        Actual detected object count: 9
12:04:45.0446 3048        AVMPORT ( UnsignedFile.Multi.Generic ) - skipped by user
12:04:45.0446 3048        AVMPORT ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:04:45.0446 3048        ezplay ( UnsignedFile.Multi.Generic ) - skipped by user
12:04:45.0446 3048        ezplay ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:04:45.0446 3048        giveio ( UnsignedFile.Multi.Generic ) - skipped by user
12:04:45.0446 3048        giveio ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:04:45.0446 3048        IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
12:04:45.0446 3048        IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:04:45.0446 3048        nv ( UnsignedFile.Multi.Generic ) - skipped by user
12:04:45.0446 3048        nv ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:04:45.0446 3048        NVSvc ( UnsignedFile.Multi.Generic ) - skipped by user
12:04:45.0446 3048        NVSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:04:45.0446 3048        pcouffin ( UnsignedFile.Multi.Generic ) - skipped by user
12:04:45.0446 3048        pcouffin ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:04:45.0446 3048        speedfan ( UnsignedFile.Multi.Generic ) - skipped by user
12:04:45.0446 3048        speedfan ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:04:45.0446 3048        usb2vcom ( UnsignedFile.Multi.Generic ) - skipped by user
12:04:45.0446 3048        usb2vcom ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:07:54.0602 3920        ============================================================
12:07:54.0602 3920        Scan started
12:07:54.0602 3920        Mode: Manual; SigCheck; TDLFS;
12:07:54.0602 3920        ============================================================
12:07:54.0914 3920        Aavmker4        (473f97edc5a5312f3665ab2921196c0c) C:\WINDOWS\system32\drivers\Aavmker4.sys
12:07:54.0930 3920        Aavmker4 - ok
12:07:54.0930 3920        Abiosdsk - ok
12:07:54.0946 3920        abp480n5 - ok
12:07:54.0961 3920        ACPI            (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
12:07:55.0071 3920        ACPI - ok
12:07:55.0086 3920        ACPIEC          (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
12:07:55.0180 3920        ACPIEC - ok
12:07:55.0180 3920        adpu160m - ok
12:07:55.0196 3920        aec            (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
12:07:55.0258 3920        aec - ok
12:07:55.0289 3920        AFD            (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
12:07:55.0305 3920        AFD - ok
12:07:55.0305 3920        Aha154x - ok
12:07:55.0321 3920        aic78u2 - ok
12:07:55.0321 3920        aic78xx - ok
12:07:55.0352 3920        Alerter        (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
12:07:55.0414 3920        Alerter - ok
12:07:55.0430 3920        ALG            (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe
12:07:55.0461 3920        ALG - ok
12:07:55.0477 3920        AliIde - ok
12:07:55.0477 3920        amsint - ok
12:07:55.0508 3920        AppMgmt        (d45960be52c3c610d361977057f98c54) C:\WINDOWS\System32\appmgmts.dll
12:07:55.0539 3920        AppMgmt - ok
12:07:55.0586 3920        AR9271          (8e2257584b2c52d44b4cb1949947d885) C:\WINDOWS\system32\DRIVERS\athuw.sys
12:07:55.0618 3920        AR9271 - ok
12:07:55.0633 3920        asc - ok
12:07:55.0633 3920        asc3350p - ok
12:07:55.0633 3920        asc3550 - ok
12:07:55.0680 3920        aspnet_state    (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
12:07:55.0696 3920        aspnet_state - ok
12:07:55.0696 3920        aswFsBlk        (0ae43c6c411254049279c2ee55630f95) C:\WINDOWS\system32\drivers\aswFsBlk.sys
12:07:55.0696 3920        aswFsBlk - ok
12:07:55.0727 3920        aswMon2        (8c30b7ddd2f1d8d138ebe40345af2b11) C:\WINDOWS\system32\drivers\aswMon2.sys
12:07:55.0743 3920        aswMon2 - ok
12:07:55.0743 3920        aswRdr          (da12626fd9a67f4e917e2f2fbe1e1764) C:\WINDOWS\system32\drivers\aswRdr.sys
12:07:55.0758 3920        aswRdr - ok
12:07:55.0789 3920        aswSnx          (dcb199b967375753b5019ec15f008f53) C:\WINDOWS\system32\drivers\aswSnx.sys
12:07:55.0805 3920        aswSnx - ok
12:07:55.0836 3920        aswSP          (b32873e5a1443c0a1e322266e203bf10) C:\WINDOWS\system32\drivers\aswSP.sys
12:07:55.0852 3920        aswSP - ok
12:07:55.0852 3920        aswTdi          (6ff544175a9180c5d88534d3d9c9a9f7) C:\WINDOWS\system32\drivers\aswTdi.sys
12:07:55.0852 3920        aswTdi - ok
12:07:55.0883 3920        AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
12:07:55.0946 3920        AsyncMac - ok
12:07:55.0961 3920        atapi          (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
12:07:56.0024 3920        atapi - ok
12:07:56.0024 3920        Atdisk - ok
12:07:56.0055 3920        Atmarpc        (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
12:07:56.0118 3920        Atmarpc - ok
12:07:56.0133 3920        AudioSrv        (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
12:07:56.0196 3920        AudioSrv - ok
12:07:56.0227 3920        audstub        (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
12:07:56.0289 3920        audstub - ok
12:07:56.0352 3920        avast! Antivirus (4041d31508a2a084dfb42c595854090f) C:\Programme\Alwil Software\Avast5\AvastSvc.exe
12:07:56.0352 3920        avast! Antivirus - ok
12:07:56.0368 3920        AVMPORT        (02568a764ef2c37cfa6f9c471e67d475) C:\WINDOWS\System32\drivers\avmport.sys
12:07:56.0383 3920        AVMPORT ( UnsignedFile.Multi.Generic ) - warning
12:07:56.0383 3920        AVMPORT - detected UnsignedFile.Multi.Generic (1)
12:07:56.0414 3920        AVMWAN          (c997af59c54d69232fb7bbea4dad86e2) C:\WINDOWS\system32\DRIVERS\avmwan.sys
12:07:56.0477 3920        AVMWAN - ok
12:07:56.0508 3920        Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
12:07:56.0571 3920        Beep - ok
12:07:56.0586 3920        BITS            (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll
12:07:56.0664 3920        BITS - ok
12:07:56.0680 3920        Bridge          (f934d1b230f84e1d19dd00ac5a7a83ed) C:\WINDOWS\system32\DRIVERS\bridge.sys
12:07:56.0711 3920        Bridge - ok
12:07:56.0711 3920        BridgeMP        (f934d1b230f84e1d19dd00ac5a7a83ed) C:\WINDOWS\system32\DRIVERS\bridge.sys
12:07:56.0758 3920        BridgeMP - ok
12:07:56.0774 3920        Browser        (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
12:07:56.0836 3920        Browser - ok
12:07:56.0883 3920        BTHPORT        (592e1cedbe314d0ef184dc6f46141e76) C:\WINDOWS\system32\Drivers\BTHport.sys
12:07:56.0899 3920        BTHPORT - ok
12:07:56.0914 3920        BthServ        (26c601ef7525e31379744abfc6f35a1b) C:\WINDOWS\System32\bthserv.dll
12:07:56.0977 3920        BthServ - ok
12:07:56.0993 3920        BTHUSB          (61364cd71ef63b0f038b7e9df00f1efa) C:\WINDOWS\system32\Drivers\BTHUSB.sys
12:07:57.0055 3920        BTHUSB - ok
12:07:57.0071 3920        cbidf2k        (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
12:07:57.0133 3920        cbidf2k - ok
12:07:57.0149 3920        cd20xrnt - ok
12:07:57.0164 3920        Cdaudio        (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
12:07:57.0227 3920        Cdaudio - ok
12:07:57.0258 3920        Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
12:07:57.0336 3920        Cdfs - ok
12:07:57.0352 3920        Cdrom          (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
12:07:57.0430 3920        Cdrom - ok
12:07:57.0430 3920        Changer - ok
12:07:57.0446 3920        CiSvc          (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe
12:07:57.0508 3920        CiSvc - ok
12:07:57.0524 3920        ClipSrv        (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
12:07:57.0602 3920        ClipSrv - ok
12:07:57.0649 3920        clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:07:57.0649 3920        clr_optimization_v2.0.50727_32 - ok
12:07:57.0664 3920        CmdIde - ok
12:07:57.0664 3920        COMSysApp - ok
12:07:57.0664 3920        Cpqarray - ok
12:07:57.0696 3920        CryptSvc        (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
12:07:57.0758 3920        CryptSvc - ok
12:07:57.0758 3920        dac2w2k - ok
12:07:57.0774 3920        dac960nt - ok
12:07:57.0789 3920        DAdderFltr      (cb90f77e21109ccfd114a17bd87a42a7) C:\WINDOWS\system32\drivers\dadder.sys
12:07:57.0805 3920        DAdderFltr - ok
12:07:57.0821 3920        DcomLaunch      (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
12:07:57.0836 3920        DcomLaunch - ok
12:07:57.0868 3920        Dhcp            (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
12:07:57.0930 3920        Dhcp - ok
12:07:57.0961 3920        DIGIRPS        (ac831d7c56b5c30a7b0987c4d8dd7608) C:\WINDOWS\system32\DRIVERS\digirlpt.sys
12:07:58.0024 3920        DIGIRPS - ok
12:07:58.0039 3920        Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
12:07:58.0102 3920        Disk - ok
12:07:58.0118 3920        dmadmin - ok
12:07:58.0149 3920        dmboot          (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
12:07:58.0258 3920        dmboot - ok
12:07:58.0258 3920        dmio            (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
12:07:58.0321 3920        dmio - ok
12:07:58.0352 3920        dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
12:07:58.0430 3920        dmload - ok
12:07:58.0446 3920        dmserver        (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
12:07:58.0508 3920        dmserver - ok
12:07:58.0524 3920        DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
12:07:58.0586 3920        DMusic - ok
12:07:58.0602 3920        Dnscache        (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
12:07:58.0618 3920        Dnscache - ok
12:07:58.0649 3920        Dot3svc        (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
12:07:58.0711 3920        Dot3svc - ok
12:07:58.0711 3920        dpti2o - ok
12:07:58.0727 3920        drmkaud        (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
12:07:58.0789 3920        drmkaud - ok
12:07:58.0821 3920        EapHost        (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
12:07:58.0883 3920        EapHost - ok
12:07:58.0899 3920        ERSvc          (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
12:07:58.0961 3920        ERSvc - ok
12:07:58.0993 3920        Eventlog        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
12:07:59.0008 3920        Eventlog - ok
12:07:59.0039 3920        EventSystem    (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\System32\es.dll
12:07:59.0055 3920        EventSystem - ok
12:07:59.0071 3920        ezplay          (73e701e0fa4d2fc7d22efceff276c50a) C:\WINDOWS\system32\Drivers\ezplay.sys
12:07:59.0086 3920        ezplay ( UnsignedFile.Multi.Generic ) - warning
12:07:59.0086 3920        ezplay - detected UnsignedFile.Multi.Generic (1)
12:07:59.0102 3920        Fastfat        (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
12:07:59.0164 3920        Fastfat - ok
12:07:59.0180 3920        FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
12:07:59.0196 3920        FastUserSwitchingCompatibility - ok
12:07:59.0211 3920        Fdc            (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
12:07:59.0274 3920        Fdc - ok
12:07:59.0305 3920        Fips            (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
12:07:59.0368 3920        Fips - ok
12:07:59.0383 3920        Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
12:07:59.0446 3920        Flpydisk - ok
12:07:59.0461 3920        FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
12:07:59.0524 3920        FltMgr - ok
12:07:59.0586 3920        FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
12:07:59.0586 3920        FontCache3.0.0.0 - ok
12:07:59.0618 3920        fpcibase        (03ddba31f856936baddd2d66e111faed) C:\WINDOWS\system32\DRIVERS\fpcibase.sys
12:07:59.0649 3920        fpcibase - ok
12:07:59.0664 3920        Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
12:07:59.0727 3920        Fs_Rec - ok
12:07:59.0743 3920        Ftdisk          (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
12:07:59.0805 3920        Ftdisk - ok
12:07:59.0821 3920        gdrv            (54789f9ba0d59072cdd4e7c200e122c4) C:\WINDOWS\gdrv.sys
12:07:59.0821 3920        gdrv - ok
12:07:59.0836 3920        giveio          (77ebf3e9386daa51551af429052d88d0) C:\WINDOWS\system32\giveio.sys
12:07:59.0852 3920        giveio ( UnsignedFile.Multi.Generic ) - warning
12:07:59.0852 3920        giveio - detected UnsignedFile.Multi.Generic (1)
12:07:59.0852 3920        Gpc            (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
12:07:59.0930 3920        Gpc - ok
12:07:59.0977 3920        gupdate        (f02a533f517eb38333cb12a9e8963773) C:\Programme\Google\Update\GoogleUpdate.exe
12:07:59.0993 3920        gupdate - ok
12:07:59.0993 3920        gupdatem        (f02a533f517eb38333cb12a9e8963773) C:\Programme\Google\Update\GoogleUpdate.exe
12:08:00.0008 3920        gupdatem - ok
12:08:00.0024 3920        HDAudBus        (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
12:08:00.0086 3920        HDAudBus - ok
12:08:00.0118 3920        helpsvc        (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
12:08:00.0180 3920        helpsvc - ok
12:08:00.0180 3920        HidServ - ok
12:08:00.0211 3920        hidusb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
12:08:00.0274 3920        hidusb - ok
12:08:00.0305 3920        hkmsvc          (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
12:08:00.0368 3920        hkmsvc - ok
12:08:00.0368 3920        hpn - ok
12:08:00.0399 3920        HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
12:08:00.0414 3920        HTTP - ok
12:08:00.0430 3920        HTTPFilter      (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
12:08:00.0508 3920        HTTPFilter - ok
12:08:00.0508 3920        i2omgmt - ok
12:08:00.0524 3920        i2omp - ok
12:08:00.0524 3920        i8042prt        (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
12:08:00.0586 3920        i8042prt - ok
12:08:00.0649 3920        IDriverT        (1cf03c69b49acb70c722df92755c0c8c) C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
12:08:00.0649 3920        IDriverT ( UnsignedFile.Multi.Generic ) - warning
12:08:00.0649 3920        IDriverT - detected UnsignedFile.Multi.Generic (1)
12:08:00.0727 3920        idsvc          (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
12:08:00.0743 3920        idsvc - ok
12:08:00.0774 3920        Imapi          (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
12:08:00.0836 3920        Imapi - ok
12:08:00.0868 3920        ImapiService    (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\system32\imapi.exe
12:08:00.0946 3920        ImapiService - ok
12:08:00.0946 3920        ini910u - ok
12:08:01.0039 3920        IntcAzAudAddService (e37589414437a60797e94c0f57c546db) C:\WINDOWS\system32\drivers\RtkHDAud.sys
12:08:01.0164 3920        IntcAzAudAddService - ok
12:08:01.0164 3920        IntelIde - ok
12:08:01.0180 3920        intelppm        (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys
12:08:01.0243 3920        intelppm - ok
12:08:01.0258 3920        ip6fw          (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
12:08:01.0321 3920        ip6fw - ok
12:08:01.0368 3920        IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
12:08:01.0430 3920        IpFilterDriver - ok
12:08:01.0446 3920        IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
12:08:01.0508 3920        IpInIp - ok
12:08:01.0524 3920        IpNat          (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
12:08:01.0602 3920        IpNat - ok
12:08:01.0618 3920        IPSec          (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
12:08:01.0680 3920        IPSec - ok
12:08:01.0696 3920        IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
12:08:01.0727 3920        IRENUM - ok
12:08:01.0743 3920        isapnp          (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
12:08:01.0805 3920        isapnp - ok
12:08:01.0821 3920        JGOGO          (c995c0e8b4503fac38793bb0236ad246) C:\WINDOWS\system32\DRIVERS\JGOGO.sys
12:08:01.0821 3920        JGOGO - ok
12:08:01.0836 3920        JRAID          (f90a4e8657319a652e04c5362926cfea) C:\WINDOWS\system32\DRIVERS\jraid.sys
12:08:01.0852 3920        JRAID - ok
12:08:01.0868 3920        Kbdclass        (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
12:08:01.0930 3920        Kbdclass - ok
12:08:01.0930 3920        kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
12:08:01.0993 3920        kmixer - ok
12:08:02.0008 3920        KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
12:08:02.0024 3920        KSecDD - ok
12:08:02.0055 3920        lanmanserver    (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll
12:08:02.0071 3920        lanmanserver - ok
12:08:02.0086 3920        lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll
12:08:02.0118 3920        lanmanworkstation - ok
12:08:02.0118 3920        lbrtfdc - ok
12:08:02.0118 3920        LexBceS - ok
12:08:02.0149 3920        LmHosts        (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
12:08:02.0211 3920        LmHosts - ok
12:08:02.0243 3920        Messenger      (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
12:08:02.0305 3920        Messenger - ok
12:08:02.0321 3920        mnmdd          (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
12:08:02.0383 3920        mnmdd - ok
12:08:02.0414 3920        mnmsrvc        (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\System32\mnmsrvc.exe
12:08:02.0477 3920        mnmsrvc - ok
12:08:02.0477 3920        Modem          (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
12:08:02.0539 3920        Modem - ok
12:08:02.0555 3920        Mouclass        (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
12:08:02.0618 3920        Mouclass - ok
12:08:02.0633 3920        mouhid          (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
12:08:02.0696 3920        mouhid - ok
12:08:02.0696 3920        MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
12:08:02.0774 3920        MountMgr - ok
12:08:02.0774 3920        mraid35x - ok
12:08:02.0774 3920        MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
12:08:02.0836 3920        MRxDAV - ok
12:08:02.0883 3920        MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:08:02.0899 3920        MRxSmb - ok
12:08:02.0914 3920        MSDTC          (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\System32\msdtc.exe
12:08:02.0993 3920        MSDTC - ok
12:08:02.0993 3920        Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
12:08:03.0055 3920        Msfs - ok
12:08:03.0055 3920        MSIServer - ok
12:08:03.0071 3920        MSKSSRV        (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
12:08:03.0133 3920        MSKSSRV - ok
12:08:03.0164 3920        MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
12:08:03.0211 3920        MSPCLOCK - ok
12:08:03.0227 3920        MSPQM          (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
12:08:03.0289 3920        MSPQM - ok
12:08:03.0305 3920        mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
12:08:03.0368 3920        mssmbios - ok
12:08:03.0399 3920        Mup            (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
12:08:03.0414 3920        Mup - ok
12:08:03.0430 3920        napagent        (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
12:08:03.0508 3920        napagent - ok
12:08:03.0524 3920        NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
12:08:03.0586 3920        NDIS - ok
12:08:03.0602 3920        NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
12:08:03.0618 3920        NdisTapi - ok
12:08:03.0618 3920        Ndisuio        (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
12:08:03.0696 3920        Ndisuio - ok
12:08:03.0711 3920        NdisWan        (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:08:03.0774 3920        NdisWan - ok
12:08:03.0789 3920        NDProxy        (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
12:08:03.0805 3920        NDProxy - ok
12:08:03.0868 3920        Nero BackItUp Scheduler 4.0 (7d2633295eb6ff2b938185874884059d) C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe
12:08:03.0883 3920        Nero BackItUp Scheduler 4.0 - ok
12:08:03.0899 3920        NetBIOS        (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
12:08:03.0961 3920        NetBIOS - ok
12:08:03.0977 3920        NetBT          (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
12:08:04.0039 3920        NetBT - ok
12:08:04.0071 3920        NetDDE          (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
12:08:04.0149 3920        NetDDE - ok
12:08:04.0149 3920        NetDDEdsdm      (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
12:08:04.0211 3920        NetDDEdsdm - ok
12:08:04.0243 3920        Netlogon        (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
12:08:04.0305 3920        Netlogon - ok
12:08:04.0336 3920        Netman          (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
12:08:04.0399 3920        Netman - ok
12:08:04.0461 3920        NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:08:04.0461 3920        NetTcpPortSharing - ok
12:08:04.0493 3920        Nla            (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll
12:08:04.0508 3920        Nla - ok
12:08:04.0508 3920        Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
12:08:04.0571 3920        Npfs - ok
12:08:04.0602 3920        Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
12:08:04.0664 3920        Ntfs - ok
12:08:04.0664 3920        NtLmSsp        (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\System32\lsass.exe
12:08:04.0743 3920        NtLmSsp - ok
12:08:04.0758 3920        NtmsSvc        (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
12:08:04.0836 3920        NtmsSvc - ok
12:08:04.0852 3920        Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
12:08:04.0914 3920        Null - ok
12:08:05.0039 3920        nv              (b518ab25714821ae21677a8ada1fdf86) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
12:08:05.0164 3920        nv ( UnsignedFile.Multi.Generic ) - warning
12:08:05.0164 3920        nv - detected UnsignedFile.Multi.Generic (1)
12:08:05.0196 3920        NVSvc          (77ecdf9e3d43d4e86e85b73886992625) C:\WINDOWS\system32\nvsvc32.exe
12:08:05.0196 3920        NVSvc ( UnsignedFile.Multi.Generic ) - warning
12:08:05.0196 3920        NVSvc - detected UnsignedFile.Multi.Generic (1)
12:08:05.0211 3920        NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
12:08:05.0289 3920        NwlnkFlt - ok
12:08:05.0289 3920        NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
12:08:05.0352 3920        NwlnkFwd - ok
12:08:05.0368 3920        Parport        (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
12:08:05.0430 3920        Parport - ok
12:08:05.0446 3920        PartMgr        (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
12:08:05.0508 3920        PartMgr - ok
12:08:05.0539 3920        ParVdm          (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
12:08:05.0602 3920        ParVdm - ok
12:08:05.0618 3920        pccsmcfd        (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
12:08:05.0633 3920        pccsmcfd - ok
12:08:05.0649 3920        PCI            (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
12:08:05.0711 3920        PCI - ok
12:08:05.0711 3920        PCIDump - ok
12:08:05.0743 3920        PCIIde          (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
12:08:05.0805 3920        PCIIde - ok
12:08:05.0821 3920        Pcmcia          (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
12:08:05.0883 3920        Pcmcia - ok
12:08:05.0914 3920        pcouffin        (5b6c11de7e839c05248ced8825470fef) C:\WINDOWS\system32\Drivers\pcouffin.sys
12:08:05.0914 3920        pcouffin ( UnsignedFile.Multi.Generic ) - warning
12:08:05.0914 3920        pcouffin - detected UnsignedFile.Multi.Generic (1)
12:08:05.0930 3920        PCTCore        (aa9cfa67850893fbb168b9c4e4c86952) C:\WINDOWS\system32\drivers\PCTCore.sys
12:08:05.0946 3920        PCTCore - ok
12:08:05.0946 3920        PDCOMP - ok
12:08:05.0946 3920        PDFRAME - ok
12:08:05.0961 3920        PDRELI - ok
12:08:05.0961 3920        PDRFRAME - ok
12:08:05.0961 3920        perc2 - ok
12:08:05.0977 3920        perc2hib - ok
12:08:05.0993 3920        PlugPlay        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
12:08:06.0008 3920        PlugPlay - ok
12:08:06.0024 3920        PnkBstrA        (3a2bdd76e7d2a5f40a7174793d1ba794) C:\WINDOWS\system32\PnkBstrA.exe
12:08:06.0039 3920        PnkBstrA - ok
12:08:06.0055 3920        PolicyAgent    (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
12:08:06.0133 3920        PolicyAgent - ok
12:08:06.0133 3920        PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
12:08:06.0196 3920        PptpMiniport - ok
12:08:06.0211 3920        Processor      (2cb55427c58679f49ad600fccba76360) C:\WINDOWS\system32\DRIVERS\processr.sys
12:08:06.0289 3920        Processor - ok
12:08:06.0289 3920        ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
12:08:06.0352 3920        ProtectedStorage - ok
12:08:06.0383 3920        PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
12:08:06.0446 3920        PSched - ok
12:08:06.0477 3920        Ptilink        (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
12:08:06.0539 3920        Ptilink - ok
12:08:06.0571 3920        PxHelp20        (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys
12:08:06.0571 3920        PxHelp20 - ok
12:08:06.0571 3920        ql1080 - ok
12:08:06.0586 3920        Ql10wnt - ok
12:08:06.0586 3920        ql12160 - ok
12:08:06.0602 3920        ql1240 - ok
12:08:06.0602 3920        ql1280 - ok
12:08:06.0618 3920        RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
12:08:06.0680 3920        RasAcd - ok
12:08:06.0696 3920        RasAuto        (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
12:08:06.0774 3920        RasAuto - ok
12:08:06.0774 3920        Rasl2tp        (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
12:08:06.0836 3920        Rasl2tp - ok
12:08:06.0868 3920        RasMan          (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
12:08:06.0930 3920        RasMan - ok
12:08:06.0930 3920        RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
12:08:06.0993 3920        RasPppoe - ok
12:08:07.0008 3920        Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
12:08:07.0071 3920        Raspti - ok
12:08:07.0086 3920        Rdbss          (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
12:08:07.0149 3920        Rdbss - ok
12:08:07.0149 3920        RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
12:08:07.0211 3920        RDPCDD - ok
12:08:07.0227 3920        rdpdr          (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
12:08:07.0289 3920        rdpdr - ok
12:08:07.0321 3920        RDPWD          (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
12:08:07.0336 3920        RDPWD - ok
12:08:07.0368 3920        RDSessMgr      (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe
12:08:07.0430 3920        RDSessMgr - ok
12:08:07.0446 3920        redbook        (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
12:08:07.0524 3920        redbook - ok
12:08:07.0539 3920        RemoteAccess    (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll
12:08:07.0618 3920        RemoteAccess - ok
12:08:07.0649 3920        RemoteRegistry  (e4cd1f3d84e1c2ca0b8cf7501e201593) C:\WINDOWS\system32\regsvc.dll
12:08:07.0727 3920        RemoteRegistry - ok
12:08:07.0743 3920        ROOTMODEM      (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
12:08:07.0805 3920        ROOTMODEM - ok
12:08:07.0821 3920        RpcLocator      (2a02e21867497df20b8fc95631395169) C:\WINDOWS\System32\locator.exe
12:08:07.0899 3920        RpcLocator - ok
12:08:07.0914 3920        RpcSs          (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\System32\rpcss.dll
12:08:07.0930 3920        RpcSs - ok
12:08:07.0946 3920        RSVP            (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\System32\rsvp.exe
12:08:08.0008 3920        RSVP - ok
12:08:08.0024 3920        RTLE8023xp      (098de621085d7f922871a99b0ec7ddd6) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
12:08:08.0039 3920        RTLE8023xp - ok
12:08:08.0055 3920        SamSs          (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
12:08:08.0133 3920        SamSs - ok
12:08:08.0149 3920        SCardSvr        (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
12:08:08.0211 3920        SCardSvr - ok
12:08:08.0227 3920        Schedule        (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
12:08:08.0305 3920        Schedule - ok
12:08:08.0368 3920        sdAuxService    (2881d5c135d076bcf52b0f5ad3d8dc0b) C:\Programme\Spyware Doctor\pctsAuxs.exe
12:08:08.0383 3920        sdAuxService - ok
12:08:08.0414 3920        Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
12:08:08.0446 3920        Secdrv - ok
12:08:08.0477 3920        seclogon        (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
12:08:08.0539 3920        seclogon - ok
12:08:08.0571 3920        SENS            (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
12:08:08.0633 3920        SENS - ok
12:08:08.0649 3920        serenum        (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
12:08:08.0711 3920        serenum - ok
12:08:08.0727 3920        Serial          (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
12:08:08.0789 3920        Serial - ok
12:08:08.0821 3920        Sfloppy        (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
12:08:08.0883 3920        Sfloppy - ok
12:08:08.0899 3920        SharedAccess    (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll
12:08:08.0961 3920        SharedAccess - ok
12:08:08.0993 3920        ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
12:08:09.0008 3920        ShellHWDetection - ok
12:08:09.0008 3920        Simbad - ok
12:08:09.0039 3920        SONYPVU1        (a1eceeaa5c5e74b2499eb51d38185b84) C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
12:08:09.0102 3920        SONYPVU1 - ok
12:08:09.0102 3920        Sparrow - ok
12:08:09.0133 3920        speedfan        (5d6401db90ec81b71f8e2c5c8f0fef23) C:\WINDOWS\system32\speedfan.sys
12:08:09.0133 3920        speedfan ( UnsignedFile.Multi.Generic ) - warning
12:08:09.0133 3920        speedfan - detected UnsignedFile.Multi.Generic (1)
12:08:09.0149 3920        splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
12:08:09.0196 3920        splitter - ok
12:08:09.0227 3920        Spooler        (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
12:08:09.0227 3920        Spooler - ok
12:08:09.0258 3920        sr              (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
12:08:09.0289 3920        sr - ok
12:08:09.0321 3920        srservice      (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\System32\srsvc.dll
12:08:09.0368 3920        srservice - ok
12:08:09.0399 3920        Srv            (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
12:08:09.0414 3920        Srv - ok
12:08:09.0446 3920        SSDPSRV        (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
12:08:09.0477 3920        SSDPSRV - ok
12:08:09.0493 3920        StarOpen - ok
12:08:09.0524 3920        stisvc          (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
12:08:09.0586 3920        stisvc - ok
12:08:09.0602 3920        swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
12:08:09.0664 3920        swenum - ok
12:08:09.0680 3920        swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
12:08:09.0743 3920        swmidi - ok
12:08:09.0743 3920        SwPrv - ok
12:08:09.0758 3920        symc810 - ok
12:08:09.0758 3920        symc8xx - ok
12:08:09.0758 3920        sym_hi - ok
12:08:09.0774 3920        sym_u3 - ok
12:08:09.0789 3920        sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
12:08:09.0852 3920        sysaudio - ok
12:08:09.0868 3920        SysmonLog      (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
12:08:09.0946 3920        SysmonLog - ok
12:08:09.0961 3920        TapiSrv        (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
12:08:10.0024 3920        TapiSrv - ok
12:08:10.0071 3920        tbhsd          (c26c6dff638d9e51dc5cc60a7785d057) C:\WINDOWS\system32\drivers\tbhsd.sys
12:08:10.0071 3920        tbhsd - ok
12:08:10.0102 3920        Tcpip          (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
12:08:10.0118 3920        Tcpip - ok
12:08:10.0133 3920        TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
12:08:10.0196 3920        TDPIPE - ok
12:08:10.0211 3920        TDTCP          (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
12:08:10.0274 3920        TDTCP - ok
12:08:10.0289 3920        TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
12:08:10.0352 3920        TermDD - ok
12:08:10.0383 3920        TermService    (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
12:08:10.0446 3920        TermService - ok
12:08:10.0461 3920        Themes          (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
12:08:10.0477 3920        Themes - ok
12:08:10.0508 3920        TlntSvr        (03681a1ce77f51586903869a5ab1deab) C:\WINDOWS\System32\tlntsvr.exe
12:08:10.0539 3920        TlntSvr - ok
12:08:10.0555 3920        TosIde - ok
12:08:10.0571 3920        TrkWks          (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
12:08:10.0633 3920        TrkWks - ok
12:08:10.0664 3920        Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
12:08:10.0727 3920        Udfs - ok
12:08:10.0727 3920        ultra - ok
12:08:10.0758 3920        Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
12:08:10.0836 3920        Update - ok
12:08:10.0852 3920        upnphost        (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
12:08:10.0883 3920        upnphost - ok
12:08:10.0899 3920        UPS            (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
12:08:10.0977 3920        UPS - ok
12:08:10.0993 3920        usb2vcom        (66276112dc7089d2d9e58c7cbf0855c1) C:\WINDOWS\system32\Drivers\usb2vcom.sys
12:08:11.0008 3920        usb2vcom ( UnsignedFile.Multi.Generic ) - warning
12:08:11.0008 3920        usb2vcom - detected UnsignedFile.Multi.Generic (1)
12:08:11.0024 3920        usbehci        (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
12:08:11.0086 3920        usbehci - ok
12:08:11.0086 3920        usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
12:08:11.0149 3920        usbhub - ok
12:08:11.0164 3920        usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
12:08:11.0227 3920        usbprint - ok
12:08:11.0243 3920        usbser          (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\DRIVERS\usbser.sys
12:08:11.0305 3920        usbser - ok
12:08:11.0321 3920        USBSTOR        (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
12:08:11.0383 3920        USBSTOR - ok
12:08:11.0399 3920        usbuhci        (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
12:08:11.0461 3920        usbuhci - ok
12:08:11.0461 3920        VgaSave        (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
12:08:11.0524 3920        VgaSave - ok
12:08:11.0539 3920        ViaIde - ok
12:08:11.0555 3920        VolSnap        (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
12:08:11.0618 3920        VolSnap - ok
12:08:11.0633 3920        VSS            (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
12:08:11.0680 3920        VSS - ok
12:08:11.0696 3920        W32Time        (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll
12:08:11.0758 3920        W32Time - ok
12:08:11.0789 3920        Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:08:11.0868 3920        Wanarp - ok
12:08:11.0883 3920        Wdf01000        (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
12:08:11.0899 3920        Wdf01000 - ok
12:08:11.0914 3920        WDICA - ok
12:08:11.0930 3920        wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
12:08:11.0993 3920        wdmaud - ok
12:08:12.0008 3920        WebClient      (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
12:08:12.0071 3920        WebClient - ok
12:08:12.0118 3920        winmgmt        (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
12:08:12.0180 3920        winmgmt - ok
12:08:12.0211 3920        WmdmPmSN        (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
12:08:12.0211 3920        WmdmPmSN - ok
12:08:12.0243 3920        Wmi            (ffa4d901d46d07a5bab2d8307fbb51a6) C:\WINDOWS\System32\advapi32.dll
12:08:12.0258 3920        Wmi - ok
12:08:12.0274 3920        WmiApSrv        (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\System32\wbem\wmiapsrv.exe
12:08:12.0336 3920        WmiApSrv - ok
12:08:12.0399 3920        WMPNetworkSvc  (bf05650bb7df5e9ebdd25974e22403bb) C:\Programme\Windows Media Player\WMPNetwk.exe
12:08:12.0430 3920        WMPNetworkSvc - ok
12:08:12.0461 3920        wscsvc          (300b3e84faf1a5c1f791c159ba28035d) C:\WINDOWS\system32\wscsvc.dll
12:08:12.0539 3920        wscsvc - ok
12:08:12.0555 3920        wuauserv        (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll
12:08:12.0633 3920        wuauserv - ok
12:08:12.0649 3920        WudfPf          (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
12:08:12.0664 3920        WudfPf - ok
12:08:12.0696 3920        WudfRd          (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
12:08:12.0696 3920        WudfRd - ok
12:08:12.0727 3920        WudfSvc        (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
12:08:12.0743 3920        WudfSvc - ok
12:08:12.0774 3920        WZCSVC          (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
12:08:12.0852 3920        WZCSVC - ok
12:08:12.0868 3920        xmlprov        (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
12:08:12.0946 3920        xmlprov - ok
12:08:12.0946 3920        MBR (0x1B8)    (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
12:08:13.0164 3920        \Device\Harddisk0\DR0 - ok
12:08:13.0164 3920        MBR (0x1B8)    (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR4
12:08:15.0305 3920        \Device\Harddisk1\DR4 - ok
12:08:15.0305 3920        Boot (0x1200)  (3c316c7365933d10b3f14d87e352c4ef) \Device\Harddisk0\DR0\Partition0
12:08:15.0305 3920        \Device\Harddisk0\DR0\Partition0 - ok
12:08:15.0305 3920        Boot (0x1200)  (578f372d75f249e7dfd117ed7af69a0c) \Device\Harddisk0\DR0\Partition1
12:08:15.0305 3920        \Device\Harddisk0\DR0\Partition1 - ok
12:08:15.0321 3920        Boot (0x1200)  (9b06fd4c096a3fe3014b2087152cf244) \Device\Harddisk0\DR0\Partition2
12:08:15.0321 3920        \Device\Harddisk0\DR0\Partition2 - ok
12:08:15.0321 3920        Boot (0x1200)  (03c484ebf374f7d01828758619ebb1f6) \Device\Harddisk1\DR4\Partition0
12:08:15.0321 3920        \Device\Harddisk1\DR4\Partition0 - ok
12:08:15.0321 3920        ============================================================
12:08:15.0321 3920        Scan finished
12:08:15.0321 3920        ============================================================
12:08:15.0321 4052        Detected object count: 9
12:08:15.0321 4052        Actual detected object count: 9
12:08:45.0571 4052        AVMPORT ( UnsignedFile.Multi.Generic ) - skipped by user
12:08:45.0571 4052        AVMPORT ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:08:45.0571 4052        ezplay ( UnsignedFile.Multi.Generic ) - skipped by user
12:08:45.0571 4052        ezplay ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:08:45.0571 4052        giveio ( UnsignedFile.Multi.Generic ) - skipped by user
12:08:45.0571 4052        giveio ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:08:45.0571 4052        IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
12:08:45.0571 4052        IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:08:45.0571 4052        nv ( UnsignedFile.Multi.Generic ) - skipped by user
12:08:45.0571 4052        nv ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:08:45.0571 4052        NVSvc ( UnsignedFile.Multi.Generic ) - skipped by user
12:08:45.0571 4052        NVSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:08:45.0571 4052        pcouffin ( UnsignedFile.Multi.Generic ) - skipped by user
12:08:45.0571 4052        pcouffin ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:08:45.0571 4052        speedfan ( UnsignedFile.Multi.Generic ) - skipped by user
12:08:45.0571 4052        speedfan ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:08:45.0571 4052        usb2vcom ( UnsignedFile.Multi.Generic ) - skipped by user
12:08:45.0571 4052        usb2vcom ( UnsignedFile.Multi.Generic ) - User select action: Skip


