Trojaner-Board
Seite 1 von 3 1 23
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Computer ist plötzlich extrem langsam (https://www.trojaner-board.de/131485-computer-ploetzlich-extrem-langsam.html)

Tina67 24.02.2013 17:42
Computer ist plötzlich extrem langsam
 
Liebes Trojanerboard,

seit kurzem ist mein Computer extrem langsam geworden. Vor allem das Hochfahren dauert ewig. Ich habe versucht, einige Programme zu löschen und bei anderen Updates zu machen, aber bei einigen funktioniert das nicht.
Ich wollte die Schritte 1-3 absolvieren, aber bei dem "gmer"-Scan startet der Computer sofort von alleine neu. Daher nur die anderen beiden Logfiles.
Für Hilfe wäre ich sehr dankbar.
MfG
Tina67OTL Logfile:
Code:
OTL logfile created on: 24.02.2013 16:12:24 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\Tina\Eigene Dateien\Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
895,48 Mb Total Physical Memory | 277,19 Mb Available Physical Memory | 30,95% Memory free
2,12 Gb Paging File | 1,58 Gb Available in Paging File | 74,81% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 62,82 Gb Total Space | 28,60 Gb Free Space | 45,52% Space Free | Partition Type: NTFS
Drive D: | 11,73 Gb Total Space | 4,88 Gb Free Space | 41,62% Space Free | Partition Type: FAT32
 
Computer Name: ***| User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.02.24 14:57:46 | 000,170,912 | ---- | M] (Oracle Corporation) -- C:\Programme\Java\jre7\bin\jqs.exe
PRC - [2013.02.24 13:18:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Tina\Eigene Dateien\Downloads\OTL.exe
PRC - [2013.01.26 03:35:08 | 001,248,208 | ---- | M] (Google Inc.) -- C:\Programme\Google\Chrome\Application\chrome.exe
PRC - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.12.14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.11.29 20:33:04 | 000,232,608 | ---- | M] (RealNetworks, Inc.) -- C:\Programme\RealNetworks\RealDownloader\recordingmanager.exe
PRC - [2012.11.29 20:31:04 | 000,038,608 | ---- | M] () -- C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2012.10.30 23:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe
PRC - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.09.24 13:46:16 | 001,328,736 | ---- | M] (Secunia) -- C:\Programme\Secunia\PSI\psia.exe
PRC - [2012.09.24 13:46:14 | 000,573,536 | ---- | M] (Secunia) -- C:\Programme\Secunia\PSI\psi_tray.exe
PRC - [2012.04.04 06:05:16 | 003,521,424 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Programme\Samsung\Kies\KiesTrayAgent.exe
PRC - [2010.05.28 07:25:04 | 000,233,472 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2008.04.14 03:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.09.06 12:28:18 | 000,110,592 | ---- | M] (Apple, Inc.) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2006.01.20 10:20:00 | 000,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
PRC - [2005.04.30 15:40:00 | 000,245,760 | ---- | M] (Winbond) -- C:\WINDOWS\system32\wbsecsvc.exe
PRC - [2005.01.10 08:35:16 | 000,073,728 | ---- | M] (Computer Associates International) -- C:\Programme\PestPatrol\CookiePatrol.exe
PRC - [2004.04.02 14:11:54 | 000,148,480 | ---- | M] () -- C:\Programme\PestPatrol\PPMemCheck.exe
PRC - [2003.06.19 22:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.02.24 10:19:21 | 002,063,360 | ---- | M] () -- C:\Programme\AVAST Software\Avast\defs\13022400\algo.dll
MOD - [2013.01.26 03:35:06 | 000,460,240 | ---- | M] () -- C:\Programme\Google\Chrome\Application\24.0.1312.57\ppgooglenaclpluginchrome.dll
MOD - [2013.01.26 03:35:04 | 004,012,496 | ---- | M] () -- C:\Programme\Google\Chrome\Application\24.0.1312.57\pdf.dll
MOD - [2013.01.26 03:34:16 | 001,552,848 | ---- | M] () -- C:\Programme\Google\Chrome\Application\24.0.1312.57\ffmpegsumo.dll
MOD - [2012.11.29 20:31:04 | 000,038,608 | ---- | M] () -- C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe
MOD - [2009.02.27 15:41:26 | 000,311,296 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\pdfshell.DEU
MOD - [2007.08.13 10:39:15 | 000,022,723 | R--- | M] () -- C:\WINDOWS\system32\cl31cl3.dll
MOD - [2004.04.02 14:11:54 | 000,148,480 | ---- | M] () -- C:\Programme\PestPatrol\PPMemCheck.exe
MOD - [2003.01.26 11:07:42 | 000,061,440 | ---- | M] () -- C:\Programme\PestPatrol\PPServer.dll
MOD - [2003.01.26 11:07:40 | 000,212,992 | ---- | M] () -- C:\Programme\PestPatrol\PPEngine.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2013.02.24 14:57:46 | 000,170,912 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Programme\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013.02.15 19:32:36 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.11.29 20:31:04 | 000,038,608 | ---- | M] () [Auto | Running] -- C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.09.24 13:46:16 | 001,328,736 | ---- | M] (Secunia) [Auto | Running] -- C:\Programme\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2012.09.24 13:46:16 | 000,656,480 | ---- | M] (Secunia) [Auto | Stopped] -- C:\Programme\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2010.05.28 07:25:04 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2007.09.06 12:28:18 | 000,110,592 | ---- | M] (Apple, Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2006.01.20 10:20:00 | 000,073,728 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2005.04.30 15:40:00 | 000,245,760 | ---- | M] (Winbond) [Auto | Running] -- C:\WINDOWS\System32\wbsecsvc.exe -- (wbsecsvc)
SRV - [2005.04.04 00:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003.07.28 11:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003.06.19 22:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\wanatw4.sys -- (wanatw)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ULILAN51.SYS -- (ULI5261XP)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\activmouse.sys -- (prmvmouse)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\ALCXWDM.SYS -- (ALCXWDM)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\activhidsermini.sys -- (ActivHidSerMini)
DRV - [2012.12.14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.10.30 23:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.10.30 23:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.10.30 23:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.10.30 23:51:58 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012.10.30 23:51:57 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012.10.30 23:51:56 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2012.10.30 23:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.01.31 17:15:42 | 000,020,032 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2011.12.16 15:19:54 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI)
DRV - [2010.12.21 06:55:02 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscemdm.sys -- (sscemdm)
DRV - [2010.12.21 06:55:02 | 000,100,352 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssceserd.sys -- (ssceserd)
DRV - [2010.12.21 06:55:02 | 000,098,560 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscebus.sys -- (sscebus)
DRV - [2010.12.21 06:55:02 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscemdfl.sys -- (sscemdfl)
DRV - [2010.10.25 10:03:52 | 000,036,640 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2005.11.01 13:48:12 | 001,392,128 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005.07.26 18:00:22 | 000,140,064 | ---- | M] (Winbond Electronics Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\W33ND.SYS -- (W33ND)
DRV - [2005.06.14 14:20:28 | 000,017,792 | ---- | M] (Winbond) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\wbsecdrv.sys -- (wbsecdrv)
DRV - [2004.07.22 05:50:16 | 001,268,234 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yahoo.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {E9DB9E7B-A275-41D1-8158-D0423FBEBDEB}
IE - HKCU\..\SearchScopes\{A102A43A-D8FF-4860-AD78-10160F3E1A8B}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7DVXE_de
IE - HKCU\..\SearchScopes\{D0B3C627-5F01-457E-9F82-0D8CF7B66F8E}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}
IE - HKCU\..\SearchScopes\{E9DB9E7B-A275-41D1-8158-D0423FBEBDEB}: "URL" = hxxp://www.google.com/cse?cx=partner-pub-3540673482024757:xbhdw8hkfz5&cof=&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.yahoo.de"
FF - prefs.js..extensions.enabledAddons: %7B635abd67-4fe9-1b23-4f01-e679fa7484c1%7D:2.5.1.20121012015120
FF - prefs.js..extensions.enabledAddons: jqs%40sun.com:1.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.2
FF - prefs.js..extensions.enabledItems: de-DE@dictionaries.addons.mozilla.org:2.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_168.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282: c:\programme\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282: c:\programme\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Programme\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Programme\AVAST Software\Avast\WebRep\FF [2013.02.13 22:53:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{34712C68-7391-4c47-94F3-8F88D49AD632}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013.02.14 15:22:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013.02.14 15:22:56 | 000,000,000 | ---D | M]
 
[2010.01.17 12:44:33 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Extensions
[2012.10.28 14:48:37 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\vquo6ri0.default\extensions
[2012.10.19 13:48:52 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\vquo6ri0.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012.10.19 13:48:44 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\vquo6ri0.default\extensions\de-DE@dictionaries.addons.mozilla.org
[2012.08.11 09:23:05 | 000,020,591 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\vquo6ri0.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
[2013.02.14 07:27:15 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2013.02.08 17:34:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2013.02.14 12:10:00 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAMME\JAVA\JRE6\LIB\DEPLOY\JQS\FF
 
========== Chrome ==========
 
CHR - homepage: hxxp://www.google.com
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: hxxp://www.google.com
CHR - Extension: avast! WebRep = C:\Dokumente und Einstellungen\Tina\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: RealDownloader = C:\Dokumente und Einstellungen\Tina\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.0_0\
 
O1 HOSTS File: ([2004.08.10 13:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Programme\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CookiePatrol] C:\Programme\PestPatrol\CookiePatrol.exe (Computer Associates International)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [KiesTrayAgent] C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [Microsoft Works Update Detection] C:\Programme\Microsoft Works\WkDetect.exe (Microsoft® Corporation)
O4 - HKLM..\Run: [PestPatrol Control Center] C-\Programme\PestPatrol\PPControl.exe File not found
O4 - HKLM..\Run: [PestPatrolRegistration] C:\Programme\PestPatrol\Register.exe (SecureIT Solutions)
O4 - HKLM..\Run: [PPMemCheck] C:\Programme\PestPatrol\PPMemCheck.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\programme\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [KiesHelper] C:\Programme\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Secunia PSI Tray.lnk = C:\Programme\Secunia\PSI\psi_tray.exe (Secunia)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} hxxp://office.microsoft.com/officeupdate/content/opuc3.cab (Office Update Installation Engine)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1143122975250 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} https://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1360847132406 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab (Java Plug-in 1.6.0_39)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab (Java Plug-in 1.6.0_39)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 80.69.100.214 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B219A546-51FC-4914-9A31-89C4631F505C}: DhcpNameServer = 80.69.100.214 192.168.0.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.04.05 05:41:03 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{bee8ca7a-c6a5-11e1-9850-0060b35b1dd1}\Shell - "" = AutoRun
O33 - MountPoints2\{bee8ca7a-c6a5-11e1-9850-0060b35b1dd1}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{bee8ca7a-c6a5-11e1-9850-0060b35b1dd1}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{ffa631fe-e1dd-11e0-97cd-0060b35b1dd1}\Shell - "" = AutoRun
O33 - MountPoints2\{ffa631fe-e1dd-11e0-97cd-0060b35b1dd1}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ffa631fe-e1dd-11e0-97cd-0060b35b1dd1}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.02.24 13:03:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Office Live Add-in
[2013.02.24 13:03:02 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft
[2013.02.24 12:07:40 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tina\Lokale Einstellungen\Anwendungsdaten\Secunia PSI
[2013.02.17 13:36:09 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tina\Anwendungsdaten\RealNetworks
[2013.02.17 13:34:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tina\Lokale Einstellungen\Anwendungsdaten\Sun
[2013.02.14 15:22:38 | 000,000,000 | ---D | C] -- C:\Programme\RealNetworks
[2013.02.14 15:22:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks
[2013.02.14 15:20:10 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\xing shared
[2013.02.14 15:13:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\RealNetworks
[2013.02.14 15:13:25 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll
[2013.02.14 14:23:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\QuickTime
[2013.02.14 14:15:34 | 000,000,000 | ---D | C] -- C:\Programme\QuickTime
[2013.02.14 07:57:06 | 000,000,000 | ---D | C] -- C:\Programme\Secunia
[2013.02.13 23:04:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Google Chrome
[2013.02.13 22:56:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\avast! Free Antivirus
[2013.02.13 22:56:26 | 000,021,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2013.02.13 22:56:24 | 000,361,032 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2013.02.13 22:56:04 | 000,035,928 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2013.02.13 22:56:01 | 000,054,232 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2013.02.13 22:55:58 | 000,738,504 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013.02.13 22:55:56 | 000,097,608 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2013.02.13 22:55:56 | 000,089,752 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2013.02.13 22:55:55 | 000,025,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2013.02.13 22:52:01 | 000,041,224 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013.02.13 22:51:50 | 000,227,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2013.02.13 22:45:27 | 000,000,000 | ---D | C] -- C:\Programme\AVAST Software
[2013.02.13 22:45:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVAST Software
[2013.02.13 18:41:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Malwarebytes
[2013.02.13 18:41:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2013.02.13 18:41:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2013.02.13 18:40:46 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013.02.13 18:40:46 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2013.02.08 17:34:29 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox
[2013.02.08 17:24:44 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\***\Recent
[2008.05.27 18:34:22 | 000,397,312 | R--- | C] (Electronic Arts) -- C:\Programme\AutoRun.exe
[2008.05.27 18:34:22 | 000,380,928 | R--- | C] (Electronic Arts) -- C:\Programme\EASetup.exe
[21 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.02.24 16:13:16 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.02.24 15:56:23 | 000,000,306 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013.02.24 15:55:26 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.02.24 15:49:03 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.02.24 15:48:43 | 000,000,270 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3231079407-1651759842-1146664477-1007.job
[2013.02.24 15:47:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.02.24 15:47:48 | 939,048,960 | -HS- | M] () -- C:\hiberfil.sys
[2013.02.24 11:47:35 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.02.17 13:11:41 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013.02.17 12:23:36 | 000,259,840 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.02.16 09:10:33 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3231079407-1651759842-1146664477-1007.job
[2013.02.14 17:54:49 | 000,000,872 | ---- | M] () -- C:\WINDOWS\uninst.ini
[2013.02.14 16:39:59 | 000,000,658 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk
[2013.02.14 15:24:42 | 000,000,727 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\RealPlayer.lnk
[2013.02.14 15:13:25 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll
[2013.02.14 14:23:32 | 000,001,588 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\QuickTime Player.lnk
[2013.02.14 08:37:13 | 000,464,800 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2013.02.14 08:37:13 | 000,446,152 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.02.14 08:37:13 | 000,073,358 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.02.14 08:37:12 | 000,087,014 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2013.02.14 07:59:29 | 000,000,729 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Secunia PSI Tray.lnk
[2013.02.13 23:04:19 | 000,001,781 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Chrome.lnk
[2013.02.13 22:56:41 | 000,001,657 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\avast! Free Antivirus.lnk
[2013.02.13 22:55:57 | 000,003,001 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013.02.13 20:38:10 | 000,001,713 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader 9.lnk
[2013.02.13 18:41:22 | 000,000,760 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013.02.08 17:22:22 | 000,035,647 | ---- | M] () -- C:\Dokumente und Einstellungen\Tina\Desktop\Pressemitteilung Freedom Sounds.pdf
[21 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.02.15 19:07:55 | 000,001,767 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Office PowerPoint Viewer 2003.lnk
[2013.02.14 17:54:47 | 000,000,872 | ---- | C] () -- C:\WINDOWS\uninst.ini
[2013.02.14 16:47:17 | 000,001,924 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Office PowerPoint Viewer 2007.lnk
[2013.02.14 15:30:48 | 000,000,270 | ---- | C] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3231079407-1651759842-1146664477-1007.job
[2013.02.14 15:30:43 | 000,000,278 | ---- | C] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3231079407-1651759842-1146664477-1007.job
[2013.02.14 15:24:42 | 000,000,727 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\RealPlayer.lnk
[2013.02.14 14:23:31 | 000,001,588 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\QuickTime Player.lnk
[2013.02.14 07:59:29 | 000,000,729 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Secunia PSI Tray.lnk
[2013.02.14 07:59:04 | 000,000,692 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Secunia PSI.lnk
[2013.02.13 23:04:19 | 000,001,781 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Chrome.lnk
[2013.02.13 22:56:41 | 000,001,657 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\avast! Free Antivirus.lnk
[2013.02.13 22:55:58 | 000,000,306 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013.02.13 18:41:22 | 000,000,760 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013.02.08 17:22:44 | 000,035,647 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Pressemitteilung Freedom Sounds.pdf
[2013.01.12 16:58:37 | 000,611,344 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2012.06.03 21:27:16 | 000,002,402 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\K&S GbR_65739754-B7A7-4A9E-BA1B-990F6A477250.swidtag
[2012.05.18 14:09:21 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.04.10 10:49:16 | 000,000,089 | ---- | C] () -- C:\Dokumente und Einstellungen\***\default.pls
[2012.01.31 17:15:44 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2010.12.27 17:16:26 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\$_hpcst$.hpc
[2010.01.13 18:51:37 | 028,534,656 | ---- | C] ( ) -- C:\Programme\AdbeRdr930_de_DE.exe
[2008.05.27 18:34:28 | 088,497,795 | ---- | C] () -- C:\Programme\Group3.cab
[2008.05.27 18:34:26 | 005,423,104 | ---- | C] () -- C:\Programme\EURO08.exe
[2008.05.27 18:34:22 | 001,784,320 | ---- | C] () -- C:\Programme\autorun.dat
[2008.05.27 18:34:22 | 000,021,060 | ---- | C] () -- C:\Programme\config.dat
[2008.05.27 18:34:22 | 000,000,146 | ---- | C] () -- C:\Programme\autorun.inf
[2006.05.07 15:26:01 | 000,000,166 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\wklnhst.dat
[2006.05.07 14:26:29 | 000,016,896 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006.05.07 14:26:29 | 000,000,137 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
 
========== ZeroAccess Check ==========
 
[2006.03.23 14:07:55 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 03:22:25 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 11:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 03:22:32 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2013.02.13 21:13:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Activ Software
[2012.12.11 17:37:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ashampoo
[2013.02.13 22:45:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVAST Software
[2006.05.08 14:42:02 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ
[2006.04.05 05:48:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\fun communications
[2011.04.28 19:29:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MMM
[2006.04.05 06:31:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MSScanAppDataDir
[2006.04.05 05:40:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\muvee Technologies
[2011.11.24 18:32:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Promethean
[2012.04.11 08:25:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Samsung
[2006.04.05 06:46:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SmartSound Software Inc
[2012.06.07 10:06:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TMP_EGKSPatterN_741
[2011.03.21 21:10:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ulead Systems
[2006.03.30 08:36:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Viewpoint
[2008.05.27 18:28:18 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\.#
[2011.11.24 18:22:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\ACTIV Software
[2010.05.01 11:44:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Amazon
[2011.12.08 21:08:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Canon
[2011.09.18 11:42:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Imaxel
[2006.04.05 06:53:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\InterVideo
[2006.08.15 15:20:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\MAGIX
[2011.11.24 18:31:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Promethean
[2012.04.11 08:29:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Samsung
[2012.04.09 18:41:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Temp
[2006.05.07 15:26:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Template
 
========== Purity Check ==========
 
 
 
< End of report >
--- --- ---
OTL Logfile:
Code:
OTL Extras logfile created on: 24.02.2013 13:23:24 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\***\Eigene Dateien\Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
895,48 Mb Total Physical Memory | 220,29 Mb Available Physical Memory | 24,60% Memory free
2,12 Gb Paging File | 1,38 Gb Available in Paging File | 65,35% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 62,82 Gb Total Space | 28,39 Gb Free Space | 45,19% Space Free | Partition Type: NTFS
Drive D: | 11,73 Gb Total Space | 4,88 Gb Free Space | 41,62% Space Free | Partition Type: FAT32
 
Computer Name: *** | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Programme\Google\Chrome\Application\chrome.exe (Google Inc.)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- "C:\Programme\Mozilla Firefox\firefox.exe" -osint -url "%1"
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Programme\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Programme\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\sessmgr.exe" = C:\WINDOWS\system32\sessmgr.exe:*:enabled:Remoteunterstützung -- (Microsoft Corporation)
"C:\Programme\Messenger\msmsgs.exe" = C:\Programme\Messenger\msmsgs.exe:*:enabled:Windows Messenger -- (Microsoft Corporation)
"C:\Programme\AOL 9.0\AOL.exe" = C:\Programme\AOL 9.0\AOL.exe:*:enabled:AOL 9.0
"C:\Programme\AOL 9.0\WAOL.exe" = C:\Programme\AOL 9.0\WAOL.exe:*:enabled:AOL 9.0
"C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLACSD.exe" = C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLACSD.exe:*:enabled:AOL 9.0 (Connectivity Service)
"C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDIAL.exe" = C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDIAL.exe:*:enabled:AOL 9.0 (Connectivity Service Dialer)
"C:\WINDOWS\system32\fxsclnt.exe" = C:\WINDOWS\system32\fxsclnt.exe:*:enabled:Microsoft Fax -- (Microsoft Corporation)
"C:\Programme\Skype\Phone\Skype.exe" = C:\Programme\Skype\Phone\Skype.exe:*:enabled:Skype
"C:\Programme\CA\eTrust Antivirus\InocIT.exe" = C:\Programme\CA\eTrust Antivirus\InocIT.exe:*:enabled:eTrust Antivirus - Local Scanner
"C:\Programme\CA\eTrust Antivirus\Realmon.exe" = C:\Programme\CA\eTrust Antivirus\Realmon.exe:*:enabled:eTrust Antivirus - Realtime monitor
"C:\Programme\CA\eTrust Antivirus\InoRpc.exe" = C:\Programme\CA\eTrust Antivirus\InoRpc.exe:*:enabled:eTrust Antivirus - RPC Server
"C:\Programme\NetMeeting\Conf.exe" = C:\Programme\NetMeeting\Conf.exe:*:enabled:NetMeeting -- (Microsoft Corporation)
"C:\Programme\Ahead\Nero MediaHome\NeroMediaHome.exe" = C:\Programme\Ahead\Nero MediaHome\NeroMediaHome.exe:*:enabled:Nero MediaHome -- (Ahead Software AG)
"C:\Programme\InterVideo\DVD7\WinDVD.exe" = C:\Programme\InterVideo\DVD7\WinDVD.exe:*:enabled:InterVideo WinDVD 7 -- (InterVideo Inc.)
"C:\Programme\InterVideo\MediaOne Gallery\mediaone.exe" = C:\Programme\InterVideo\MediaOne Gallery\mediaone.exe:*:enabled:InterVideo MediaOne Gallery -- ()
"C:\Programme\MSN Messenger\msnmsgr.exe" = C:\Programme\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.5 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\sessmgr.exe" = C:\WINDOWS\system32\sessmgr.exe:*:enabled:Remoteunterstützung -- (Microsoft Corporation)
"C:\Programme\Messenger\msmsgs.exe" = C:\Programme\Messenger\msmsgs.exe:*:enabled:Windows Messenger -- (Microsoft Corporation)
"C:\Programme\AOL 9.0\AOL.exe" = C:\Programme\AOL 9.0\AOL.exe:*:enabled:AOL 9.0
"C:\Programme\AOL 9.0\WAOL.exe" = C:\Programme\AOL 9.0\WAOL.exe:*:enabled:AOL 9.0
"C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLACSD.exe" = C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLACSD.exe:*:enabled:AOL 9.0 (Connectivity Service)
"C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDIAL.exe" = C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDIAL.exe:*:enabled:AOL 9.0 (Connectivity Service Dialer)
"C:\WINDOWS\system32\fxsclnt.exe" = C:\WINDOWS\system32\fxsclnt.exe:*:enabled:Microsoft Fax -- (Microsoft Corporation)
"C:\Programme\CA\eTrust Antivirus\InocIT.exe" = C:\Programme\CA\eTrust Antivirus\InocIT.exe:*:enabled:eTrust Antivirus - Local Scanner
"C:\Programme\CA\eTrust Antivirus\Realmon.exe" = C:\Programme\CA\eTrust Antivirus\Realmon.exe:*:enabled:eTrust Antivirus - Realtime monitor
"C:\Programme\CA\eTrust Antivirus\InoRpc.exe" = C:\Programme\CA\eTrust Antivirus\InoRpc.exe:*:enabled:eTrust Antivirus - RPC Server
"C:\Programme\NetMeeting\Conf.exe" = C:\Programme\NetMeeting\Conf.exe:*:enabled:NetMeeting -- (Microsoft Corporation)
"C:\Programme\Ahead\Nero MediaHome\NeroMediaHome.exe" = C:\Programme\Ahead\Nero MediaHome\NeroMediaHome.exe:*:enabled:Nero MediaHome -- (Ahead Software AG)
"C:\Programme\InterVideo\DVD7\WinDVD.exe" = C:\Programme\InterVideo\DVD7\WinDVD.exe:*:enabled:InterVideo WinDVD 7 -- (InterVideo Inc.)
"C:\Programme\InterVideo\MediaOne Gallery\mediaone.exe" = C:\Programme\InterVideo\MediaOne Gallery\mediaone.exe:*:enabled:InterVideo MediaOne Gallery -- ()
"C:\Programme\MSN Messenger\msnmsgr.exe" = C:\Programme\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.5 -- (Microsoft Corporation)
"C:\Programme\DSC Software\DL10XP.exe" = C:\Programme\DSC Software\DL10XP.exe:*:Enabled:DL-10 for DSC -- ()
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\WINDOWS\system32\muzapp.exe" = C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player -- (Musiccity Co.Ltd.)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\Skype\Phone\Skype.exe" = C:\Programme\Skype\Phone\Skype.exe:*:Disabled:Skype
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{055EA790-FBC0-4C01-A6D5-17C77F0E9E92}" = EasyGrade - Update 7.4.1
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Systemsteuerung
"{0D93041A-03EC-11DA-BFBD-00065BBDC0B5}" = MSN Messenger 7.5
"{17811AE7-6445-4A38-9792-60B227C9F48D}" = PestPatrol Registration
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20FD5B04-CE35-4F5B-A2F3-6D9FD644EB70}" = WISO Mein Geld 2006 Professional
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{261D0486-9127-4071-BA1D-FE784310752E}" = videon
"{26A24AE4-039D-4CA4-87B4-2F83216039FF}" = Java(TM) 6 Update 39
"{26A24AE4-039D-4CA4-87B4-2F83217015FF}" = Java 7 Update 15
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{31E1050B-F69F-4A16-8F5A-E44D31901250}" = Ulead DVD DiskRecorder 2.1.1
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{34F0D55F-C386-4195-9A5B-961D3F6ACD46}" = InterVideo MediaOne Gallery
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3EBD3749-304E-4A4C-9575-C00E5F015217}" = Apple Mobile Device Support
"{43DCF766-6838-4F9A-8C91-D92DA586DFA7}" = Microsoft Windows-Journal-Viewer
"{47D2103B-FD51-4017-9C20-DD408B17D726}" = Office 2003 Trial Assistant
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 5.2.0
"{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}" = Microsoft .NET Framework 2.0 Language Pack - DEU
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90885A82-9673-49EA-AB39-AF776639C67C}" = InterVideo WinDVD 7
"{91120407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.3 - Deutsch
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}" = RealDownloader
"{B5924CA6-24A7-48F5-BC9C-8BFA94ED4564}" = LightScribe 1.4.67.1
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}" = Apple Software Update
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = Athlon 64 Processor Driver
"{C5DB5FBF-F037-4BEE-A110-257E89EDD8BB}" = Microsoft Word in Works Suite-Add-In
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{C7B8E06E-EBBC-4210-93AB-DFC8760E3FC9}" = Works Suite-Betriebssystem-Pack
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D0AC6844-79D4-11D4-AFEE-00C04F443448}" = Microsoft Works 6.0
"{D8EEDC94-EE82-46A0-A7DB-812E3C6A0A6E}_is1" = PSD Viewer
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9-Reihe
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F2260E94-80F2-4CB1-B6B1-6043D9BFFA47}" = Works-Synchronisierung
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{FE4C73C6-5EA3-4C4D-AAF8-5D6E2BCB3211}" = DSC Software
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"ALDI Online Druck Service (Sued)" = ALDI Online Druck Service (Sued)
"ALDI Sued Foto Manager D" = ALDI Sued Foto Manager (D)
"ALDI Sued Foto Service D" = ALDI Sued Foto Service (D)
"All ATI Software" = ATI - Dienstprogramm zur Deinstallation der Software
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"Ashampoo Burning Studio 2012_is1" = Ashampoo Burning Studio 2012 v.10.0.15
"ATI Display Driver" = ATI Display Driver
"avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"Creatix 2.0 AC'97 Soft Modem" = Creatix 2.0 AC'97 Modem
"dm Digi Foto" = dm Digi Foto
"EasyGrade" = EasyGrade v7.1.3
"FoneSync" = FoneSync
"Google Chrome" = Google Chrome
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"MEDION Fotos auf CD Sued D" = MEDION Fotos auf CD Sued (D)
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - DEU" = Microsoft .NET Framework 2.0 Language Pack - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MyFreeCodec" = MyFreeCodec
"NeroMultiInstaller!UninstallKey" = Nero Suite
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"RealPlayer 16.0" = RealPlayer
"Secunia PSI" = Secunia PSI (3.0.0.4001)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"ViewpointMediaPlayer" = Viewpoint Media Player
"WIC" = Windows Imaging Component
"Winbond WLAN" = Winbond WLAN
"Windows Media Encoder 9" = Windows Media Encoder 9-Reihe
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Media Center Edition Screen Saver Screen Saver" = Windows XP Media Center Edition Screen Saver Screen Saver
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMCSetup" = Windows Media Connect
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Works2001Setup" = Microsoft Works 2001-Setup-Start
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"YTdetect" = Yahoo! Detect
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"MyFreeCodec" = MyFreeCodec
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 14.02.2013 02:45:12 | Computer Name = CHRISTINA | Source = MsiInstaller | ID = 11404
Description = Produkt: WISO Mein Geld 2006 Professional -- Fehler 1404. Schlüssel
konnte nicht gelöscht werden: \Software\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\EnableFullPage\.mfp.
Systemfehler . Überprüfen Sie, ob Sie ausreichende Zugriffsrechte auf diesen Schlüssel
besitzen, oder setzen Sie sich mit Ihrem Supportpersonal in Verbindung.
 
Error - 14.02.2013 02:45:14 | Computer Name = CHRISTINA | Source = MsiInstaller | ID = 11404
Description = Produkt: WISO Mein Geld 2006 Professional -- Fehler 1404. Schlüssel
konnte nicht gelöscht werden: \Software\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\EnableFullPage\.mfp.
Systemfehler . Überprüfen Sie, ob Sie ausreichende Zugriffsrechte auf diesen Schlüssel
besitzen, oder setzen Sie sich mit Ihrem Supportpersonal in Verbindung.
 
Error - 14.02.2013 02:45:15 | Computer Name = CHRISTINA | Source = MsiInstaller | ID = 11404
Description = Produkt: WISO Mein Geld 2006 Professional -- Fehler 1404. Schlüssel
konnte nicht gelöscht werden: \Software\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\EnableFullPage\.spl.
Systemfehler . Überprüfen Sie, ob Sie ausreichende Zugriffsrechte auf diesen Schlüssel
besitzen, oder setzen Sie sich mit Ihrem Supportpersonal in Verbindung.
 
Error - 14.02.2013 02:45:16 | Computer Name = *** | Source = MsiInstaller | ID = 11404
Description = Produkt: WISO Mein Geld 2006 Professional -- Fehler 1404. Schlüssel
konnte nicht gelöscht werden: \Software\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\EnableFullPage\.spl.
Systemfehler . Überprüfen Sie, ob Sie ausreichende Zugriffsrechte auf diesen Schlüssel
besitzen, oder setzen Sie sich mit Ihrem Supportpersonal in Verbindung.
 
Error - 14.02.2013 02:45:16 | Computer Name = *** | Source = MsiInstaller | ID = 11404
Description = Produkt: WISO Mein Geld 2006 Professional -- Fehler 1404. Schlüssel
konnte nicht gelöscht werden: \Software\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\EnableFullPage\.swf.
Systemfehler . Überprüfen Sie, ob Sie ausreichende Zugriffsrechte auf diesen Schlüssel
besitzen, oder setzen Sie sich mit Ihrem Supportpersonal in Verbindung.
 
Error - 14.02.2013 02:45:19 | Computer Name = *** | Source = MsiInstaller | ID = 11404
Description = Produkt: WISO Mein Geld 2006 Professional -- Fehler 1404. Schlüssel
konnte nicht gelöscht werden: \Software\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\EnableFullPage\.swf.
Systemfehler . Überprüfen Sie, ob Sie ausreichende Zugriffsrechte auf diesen Schlüssel
besitzen, oder setzen Sie sich mit Ihrem Supportpersonal in Verbindung.
 
Error - 14.02.2013 06:08:20 | Computer Name = *** | Source = .NET Runtime Optimization Service | ID = 1111
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Service reached limit of transient errors. Will shut down. Last error returned
from Service Manager: 0x80004004.
 
Error - 15.02.2013 12:42:54 | Computer Name = *** | Source = WmiAdapter | ID = 4099
Description = Dienst konnte nicht geöffnet werden.
 
Error - 17.02.2013 07:28:57 | Computer Name = *** | Source = WmiAdapter | ID = 4099
Description = Dienst konnte nicht geöffnet werden.
 
Error - 17.02.2013 07:31:07 | Computer Name = *** | Source = WmiAdapter | ID = 4099
Description = Dienst konnte nicht geöffnet werden.
 
[ System Events ]
Error - 17.02.2013 07:41:22 | Computer Name = *** | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1058" aufgetreten, als der Dienst "upnphost"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {204810B9-73B2-11D4-BF42-00B0D0118B56}
 
Error - 17.02.2013 08:12:54 | Computer Name = *** | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Windows
Presentation Foundation Font Cache 3.0.0.0.
 
Error - 17.02.2013 08:12:54 | Computer Name = *** | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows Presentation Foundation Font Cache 3.0.0.0" wurde
aufgrund folgenden Fehlers nicht gestartet: %%1053
 
Error - 24.02.2013 06:50:00 | Computer Name = *** | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Windows Media Player-Netzwerkfreigabedienst" ist vom Dienst
"Universeller Plug & Play-Gerätehost" abhängig, der aufgrund folgenden Fehlers
nicht gestartet wurde: %%1058
 
Error - 24.02.2013 06:53:11 | Computer Name = *** | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Gatewaydienst
auf Anwendungsebene.
 
Error - 24.02.2013 06:53:26 | Computer Name = *** | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Gatewaydienst auf Anwendungsebene" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1053
 
Error - 24.02.2013 06:54:12 | Computer Name = *** | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Windows Media Player-Netzwerkfreigabedienst" ist vom Dienst
"Universeller Plug & Play-Gerätehost" abhängig, der aufgrund folgenden Fehlers
nicht gestartet wurde: %%1058
 
Error - 24.02.2013 06:54:13 | Computer Name = *** | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1058" aufgetreten, als der Dienst "upnphost"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {204810B9-73B2-11D4-BF42-00B0D0118B56}
 
Error - 24.02.2013 07:15:36 | Computer Name = *** | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Windows
Presentation Foundation Font Cache 3.0.0.0.
 
Error - 24.02.2013 07:15:37 | Computer Name = *** | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows Presentation Foundation Font Cache 3.0.0.0" wurde
aufgrund folgenden Fehlers nicht gestartet: %%1053
 
 
< End of report >
--- --- ---

markusg 24.02.2013 19:25
Hi,
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Tina67 24.02.2013 21:10
Danke, für die schnelle Antwort. Hier das logfile:
20:58:33.0906 1988 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
20:58:34.0140 1988 ============================================================
20:58:34.0140 1988 Current date / time: 2013/02/24 20:58:34.0140
20:58:34.0140 1988 SystemInfo:
20:58:34.0140 1988
20:58:34.0140 1988 OS Version: 5.1.2600 ServicePack: 3.0
20:58:34.0140 1988 Product type: Workstation
20:58:34.0140 1988 ComputerName: ***
20:58:34.0140 1988 UserName: ***
20:58:34.0140 1988 Windows directory: C:\WINDOWS
20:58:34.0140 1988 System windows directory: C:\WINDOWS
20:58:34.0140 1988 Processor architecture: Intel x86
20:58:34.0140 1988 Number of processors: 1
20:58:34.0140 1988 Page size: 0x1000
20:58:34.0140 1988 Boot type: Normal boot
20:58:34.0140 1988 ============================================================
20:59:00.0265 1988 Drive \Device\Harddisk0\DR0 - Size: 0x12A3F92000 (74.56 Gb), SectorSize: 0x200, Cylinders: 0x2605, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:59:00.0703 1988 ============================================================
20:59:00.0703 1988 \Device\Harddisk0\DR0:
20:59:01.0343 1988 MBR partitions:
20:59:01.0343 1988 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x7DA15C9
20:59:01.0375 1988 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xB, StartLBA 0x7DA1647, BlocksNum 0x177C97E
20:59:01.0390 1988 ============================================================
20:59:02.0078 1988 C: <-> \Device\Harddisk0\DR0\Partition1
20:59:03.0156 1988 D: <-> \Device\Harddisk0\DR0\Partition2
20:59:03.0656 1988 ============================================================
20:59:03.0656 1988 Initialize success
20:59:03.0656 1988 ============================================================
21:00:08.0671 2968 ============================================================
21:00:08.0671 2968 Scan started
21:00:08.0671 2968 Mode: Manual;
21:00:08.0671 2968 ============================================================
21:00:10.0187 2968 ================ Scan system memory ========================
21:00:10.0218 2968 System memory - ok
21:00:10.0234 2968 ================ Scan services =============================
21:00:11.0265 2968 [ 149A8F7ADF9742554DC323E290551E3E ] Aavmker4 C:\WINDOWS\system32\drivers\Aavmker4.sys
21:00:11.0359 2968 Aavmker4 - ok
21:00:11.0390 2968 Abiosdsk - ok
21:00:11.0406 2968 abp480n5 - ok
21:00:11.0640 2968 [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
21:00:11.0781 2968 ACPI - ok
21:00:11.0906 2968 [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
21:00:11.0937 2968 ACPIEC - ok
21:00:11.0937 2968 ActivHidSerMini - ok
21:00:12.0609 2968 [ 563CDCFEEAEF97163E206AF71A61AA6E ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
21:00:12.0921 2968 AdobeFlashPlayerUpdateSvc - ok
21:00:12.0968 2968 adpu160m - ok
21:00:13.0109 2968 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
21:00:13.0234 2968 aec - ok
21:00:13.0390 2968 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
21:00:13.0500 2968 AFD - ok
21:00:14.0500 2968 [ B894A08F2A01E27C1989C31C96FDDE83 ] AgereSoftModem C:\WINDOWS\system32\DRIVERS\AGRSM.sys
21:00:15.0531 2968 AgereSoftModem - ok
21:00:15.0546 2968 Aha154x - ok
21:00:15.0562 2968 aic78u2 - ok
21:00:15.0578 2968 aic78xx - ok
21:00:15.0593 2968 ALCXWDM - ok
21:00:15.0703 2968 [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter C:\WINDOWS\system32\alrsvc.dll
21:00:15.0843 2968 Alerter - ok
21:00:15.0906 2968 [ 190CD73D4984F94D823F9444980513E5 ] ALG C:\WINDOWS\System32\alg.exe
21:00:16.0031 2968 ALG - ok
21:00:16.0125 2968 [ 1140AB9938809700B46BB88E46D72A96 ] AliIde C:\WINDOWS\system32\DRIVERS\aliide.sys
21:00:16.0140 2968 AliIde - ok
21:00:16.0328 2968 [ B9DBAAE3219661F4D0C5E8DC0C2F987D ] AmdK8 C:\WINDOWS\system32\DRIVERS\AmdK8.sys
21:00:16.0390 2968 AmdK8 - ok
21:00:16.0406 2968 amsint - ok
21:00:16.0937 2968 [ 3A4982DF893F198A2DFBCCD4CE10F93A ] Apple Mobile Device C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
21:00:17.0218 2968 Apple Mobile Device - ok
21:00:17.0437 2968 [ D45960BE52C3C610D361977057F98C54 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
21:00:17.0625 2968 AppMgmt - ok
21:00:17.0718 2968 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
21:00:17.0765 2968 Arp1394 - ok
21:00:17.0781 2968 asc - ok
21:00:17.0796 2968 asc3350p - ok
21:00:17.0812 2968 asc3550 - ok
21:00:18.0187 2968 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
21:00:18.0406 2968 aspnet_state - ok
21:00:18.0484 2968 [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys
21:00:18.0562 2968 aswFsBlk - ok
21:00:18.0765 2968 [ 84F0BE324EE111338589F448C3E8BAB2 ] aswMon2 C:\WINDOWS\system32\drivers\aswMon2.sys
21:00:18.0859 2968 aswMon2 - ok
21:00:18.0968 2968 [ 7C9F0A2AB17D52261A9252A2EB320884 ] AswRdr C:\WINDOWS\system32\drivers\AswRdr.sys
21:00:19.0015 2968 AswRdr - ok
21:00:19.0750 2968 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
21:00:20.0328 2968 aswSnx - ok
21:00:20.0625 2968 [ 67B558895695545FB0568B7541F3BCA7 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
21:00:20.0906 2968 aswSP - ok
21:00:21.0000 2968 [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
21:00:21.0046 2968 aswTdi - ok
21:00:21.0109 2968 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
21:00:21.0140 2968 AsyncMac - ok
21:00:21.0234 2968 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
21:00:21.0250 2968 atapi - ok
21:00:21.0265 2968 Atdisk - ok
21:00:21.0625 2968 [ 43E945DC2A642539E2B07633CDC9C30E ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
21:00:22.0390 2968 Ati HotKey Poller - ok
21:00:23.0484 2968 [ C762F8FCA8F7023E3D405AB915E8ACD7 ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
21:00:24.0921 2968 ati2mtag - ok
21:00:25.0015 2968 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
21:00:25.0062 2968 Atmarpc - ok
21:00:25.0187 2968 [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
21:00:25.0218 2968 AudioSrv - ok
21:00:25.0296 2968 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
21:00:25.0296 2968 audstub - ok
21:00:25.0437 2968 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Programme\AVAST Software\Avast\AvastSvc.exe
21:00:25.0484 2968 avast! Antivirus - ok
21:00:25.0546 2968 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
21:00:25.0656 2968 Beep - ok
21:00:26.0093 2968 [ D6F603772A789BB3228F310D650B8BD1 ] BITS C:\WINDOWS\system32\qmgr.dll
21:00:26.0734 2968 BITS - ok
21:00:26.0875 2968 [ B71549F23736ADF83A571061C47777FD ] Browser C:\WINDOWS\System32\browser.dll
21:00:27.0015 2968 Browser - ok
21:00:27.0062 2968 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
21:00:27.0156 2968 cbidf2k - ok
21:00:27.0187 2968 cd20xrnt - ok
21:00:27.0250 2968 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
21:00:27.0406 2968 Cdaudio - ok
21:00:27.0562 2968 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
21:00:27.0656 2968 Cdfs - ok
21:00:27.0843 2968 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
21:00:27.0984 2968 Cdrom - ok
21:00:28.0046 2968 Changer - ok
21:00:28.0140 2968 [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc C:\WINDOWS\system32\cisvc.exe
21:00:28.0187 2968 CiSvc - ok
21:00:28.0250 2968 [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
21:00:28.0312 2968 ClipSrv - ok
21:00:28.0421 2968 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:00:29.0531 2968 clr_optimization_v2.0.50727_32 - ok
21:00:29.0609 2968 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
21:00:29.0625 2968 CmBatt - ok
21:00:29.0640 2968 CmdIde - ok
21:00:29.0687 2968 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
21:00:29.0703 2968 Compbatt - ok
21:00:29.0718 2968 COMSysApp - ok
21:00:29.0765 2968 Cpqarray - ok
21:00:29.0890 2968 [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
21:00:29.0937 2968 CryptSvc - ok
21:00:29.0953 2968 dac2w2k - ok
21:00:29.0968 2968 dac960nt - ok
21:00:30.0484 2968 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
21:00:31.0093 2968 DcomLaunch - ok
21:00:31.0281 2968 [ 6216FD7FD227DE454238A702B218CEC7 ] dgderdrv C:\WINDOWS\system32\drivers\dgderdrv.sys
21:00:31.0375 2968 dgderdrv - ok
21:00:31.0593 2968 [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
21:00:31.0765 2968 Dhcp - ok
21:00:31.0875 2968 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
21:00:31.0906 2968 Disk - ok
21:00:31.0921 2968 dmadmin - ok
21:00:32.0593 2968 [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
21:00:33.0265 2968 dmboot - ok
21:00:33.0406 2968 [ 53720AB12B48719D00E327DA470A619A ] dmio C:\WINDOWS\system32\drivers\dmio.sys
21:00:33.0515 2968 dmio - ok
21:00:33.0609 2968 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
21:00:33.0640 2968 dmload - ok
21:00:33.0703 2968 [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver C:\WINDOWS\System32\dmserver.dll
21:00:33.0734 2968 dmserver - ok
21:00:33.0796 2968 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
21:00:33.0843 2968 DMusic - ok
21:00:33.0937 2968 [ 407F3227AC618FD1CA54B335B083DE07 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
21:00:33.0984 2968 Dnscache - ok
21:00:34.0171 2968 [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
21:00:34.0296 2968 Dot3svc - ok
21:00:34.0296 2968 dpti2o - ok
21:00:34.0375 2968 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
21:00:34.0531 2968 drmkaud - ok
21:00:34.0687 2968 [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost C:\WINDOWS\System32\eapsvc.dll
21:00:34.0765 2968 EapHost - ok
21:00:34.0921 2968 [ 877C18558D70587AA7823A1A308AC96B ] ERSvc C:\WINDOWS\System32\ersvc.dll
21:00:35.0015 2968 ERSvc - ok
21:00:35.0187 2968 [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog C:\WINDOWS\system32\services.exe
21:00:35.0390 2968 Eventlog - ok
21:00:35.0656 2968 [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem C:\WINDOWS\system32\es.dll
21:00:35.0859 2968 EventSystem - ok
21:00:36.0078 2968 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
21:00:36.0250 2968 Fastfat - ok
21:00:36.0500 2968 [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
21:00:36.0640 2968 FastUserSwitchingCompatibility - ok
21:00:37.0000 2968 [ 08B8B302AF0D1B3B8543429BBAC8F21F ] Fax C:\WINDOWS\system32\fxssvc.exe
21:00:37.0265 2968 Fax - ok
21:00:37.0390 2968 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
21:00:37.0437 2968 Fdc - ok
21:00:37.0500 2968 [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
21:00:37.0531 2968 Fips - ok
21:00:37.0578 2968 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
21:00:37.0593 2968 Flpydisk - ok
21:00:37.0781 2968 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
21:00:37.0953 2968 FltMgr - ok
21:00:38.0218 2968 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
21:00:38.0281 2968 FontCache3.0.0.0 - ok
21:00:38.0406 2968 [ B07663A810E861EEBFD0EAC7E82CA62D ] FsUsbExDisk C:\WINDOWS\system32\FsUsbExDisk.SYS
21:00:38.0515 2968 FsUsbExDisk - ok
21:00:38.0843 2968 [ 15AB846886C225FFF0376F3CEF21188F ] FsUsbExService C:\WINDOWS\system32\FsUsbExService.Exe
21:00:39.0140 2968 FsUsbExService - ok
21:00:39.0171 2968 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
21:00:39.0187 2968 Fs_Rec - ok
21:00:39.0343 2968 [ 8F1955CE42E1484714B542F341647778 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
21:00:39.0453 2968 Ftdisk - ok
21:00:39.0625 2968 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
21:00:39.0718 2968 Gpc - ok
21:00:40.0109 2968 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Programme\Google\Update\GoogleUpdate.exe
21:00:40.0218 2968 gupdate - ok
21:00:40.0375 2968 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Programme\Google\Update\GoogleUpdate.exe
21:00:40.0390 2968 gupdatem - ok
21:00:40.0671 2968 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
21:00:40.0812 2968 gusvc - ok
21:00:41.0046 2968 [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
21:00:41.0140 2968 helpsvc - ok
21:00:41.0140 2968 HidServ - ok
21:00:41.0265 2968 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
21:00:41.0375 2968 HidUsb - ok
21:00:41.0703 2968 [ ED29F14101523A6E0E808107405D452C ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
21:00:41.0812 2968 hkmsvc - ok
21:00:41.0828 2968 hpn - ok
21:00:43.0031 2968 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
21:00:43.0296 2968 HTTP - ok
21:00:43.0828 2968 [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
21:00:43.0875 2968 HTTPFilter - ok
21:00:44.0156 2968 i2omgmt - ok
21:00:44.0171 2968 i2omp - ok
21:00:44.0359 2968 [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
21:00:44.0421 2968 i8042prt - ok
21:00:45.0843 2968 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
21:00:46.0156 2968 IDriverT - ok
21:00:49.0343 2968 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
21:00:52.0453 2968 idsvc - ok
21:00:52.0718 2968 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
21:00:52.0843 2968 Imapi - ok
21:00:53.0421 2968 [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService C:\WINDOWS\system32\imapi.exe
21:00:53.0875 2968 ImapiService - ok
21:00:53.0906 2968 ini910u - ok
21:00:53.0937 2968 IntelIde - ok
21:00:55.0109 2968 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
21:00:56.0078 2968 Ip6Fw - ok
21:00:56.0734 2968 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
21:00:56.0890 2968 IpFilterDriver - ok
21:00:58.0187 2968 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
21:00:58.0265 2968 IpInIp - ok
21:00:58.0828 2968 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
21:01:00.0640 2968 IpNat - ok
21:01:00.0843 2968 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
21:01:00.0953 2968 IPSec - ok
21:01:01.0296 2968 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
21:01:01.0453 2968 IRENUM - ok
21:01:03.0046 2968 [ 6DFB88F64135C525433E87648BDA30DE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
21:01:03.0125 2968 isapnp - ok
21:01:03.0218 2968 [ 94A8C9436C36CD9657CFED0043066B9C ] Iviaspi C:\WINDOWS\system32\drivers\iviaspi.sys
21:01:03.0687 2968 Iviaspi - ok
21:01:10.0093 2968 [ 1758AF653723679E3746FC7DDD93C69B ] JavaQuickStarterService C:\Programme\Java\jre7\bin\jqs.exe
21:01:11.0375 2968 JavaQuickStarterService - ok
21:01:11.0468 2968 [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
21:01:11.0750 2968 Kbdclass - ok
21:01:13.0187 2968 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
21:01:14.0906 2968 kmixer - ok
21:01:15.0187 2968 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
21:01:16.0734 2968 KSecDD - ok
21:01:17.0000 2968 [ 2BBDCB79900990F0716DFCB714E72DE7 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
21:01:17.0234 2968 lanmanserver - ok
21:01:20.0078 2968 [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
21:01:20.0500 2968 lanmanworkstation - ok
21:01:20.0515 2968 lbrtfdc - ok
21:01:20.0937 2968 [ D30D9547C02ECEE13E259970F71503D7 ] LightScribeService C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
21:01:21.0328 2968 LightScribeService - ok
21:01:21.0859 2968 [ 636714B7D43C8D0C80449123FD266920 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
21:01:21.0921 2968 LmHosts - ok
21:01:22.0437 2968 [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
21:01:23.0203 2968 MBAMProtector - ok
21:01:25.0375 2968 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
21:01:27.0468 2968 MBAMScheduler - ok
21:01:28.0828 2968 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
21:01:29.0953 2968 MBAMService - ok
21:01:32.0937 2968 [ 52404CC76E9D53843BDF97564BB16BED ] McrdSvc C:\WINDOWS\ehome\mcrdsvc.exe
21:01:33.0578 2968 McrdSvc - ok
21:01:35.0859 2968 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
21:01:37.0218 2968 MDM - ok
21:01:37.0796 2968 [ B7550A7107281D170CE85524B1488C98 ] Messenger C:\WINDOWS\System32\msgsvc.dll
21:01:38.0078 2968 Messenger - ok
21:01:38.0734 2968 [ DED60230E3019C508769EC3C15BCDA44 ] MHN C:\WINDOWS\System32\mhn.dll
21:01:39.0078 2968 MHN - ok
21:01:39.0343 2968 [ 7F2F1D2815A6449D346FCCCBC569FBD6 ] MHNDRV C:\WINDOWS\system32\DRIVERS\mhndrv.sys
21:01:39.0531 2968 MHNDRV - ok
21:01:40.0437 2968 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
21:01:40.0703 2968 mnmdd - ok
21:01:42.0234 2968 [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
21:01:42.0359 2968 mnmsrvc - ok
21:01:42.0515 2968 [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
21:01:42.0609 2968 Modem - ok
21:01:42.0750 2968 [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
21:01:42.0890 2968 Mouclass - ok
21:01:43.0375 2968 [ 66A6F73C74E1791464160A7065CE711A ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
21:01:43.0468 2968 mouhid - ok
21:01:44.0000 2968 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
21:01:44.0312 2968 MountMgr - ok
21:01:44.0406 2968 mraid35x - ok
21:01:44.0625 2968 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
21:01:44.0843 2968 MRxDAV - ok
21:01:45.0921 2968 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
21:01:46.0562 2968 MRxSmb - ok
21:01:47.0093 2968 [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC C:\WINDOWS\system32\msdtc.exe
21:01:47.0281 2968 MSDTC - ok
21:01:47.0343 2968 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
21:01:47.0937 2968 Msfs - ok
21:01:47.0953 2968 MSIServer - ok
21:01:48.0000 2968 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
21:01:48.0062 2968 MSKSSRV - ok
21:01:48.0250 2968 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
21:01:48.0437 2968 MSPCLOCK - ok
21:01:48.0671 2968 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
21:01:48.0984 2968 MSPQM - ok
21:01:49.0093 2968 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
21:01:49.0296 2968 mssmbios - ok
21:01:49.0859 2968 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
21:01:50.0250 2968 Mup - ok
21:01:51.0265 2968 [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent C:\WINDOWS\System32\qagentrt.dll
21:01:52.0140 2968 napagent - ok
21:01:52.0453 2968 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
21:01:52.0875 2968 NDIS - ok
21:01:53.0343 2968 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:01:53.0515 2968 NdisTapi - ok
21:01:53.0937 2968 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
21:01:54.0015 2968 Ndisuio - ok
21:01:54.0656 2968 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:01:55.0375 2968 NdisWan - ok
21:01:55.0562 2968 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
21:01:55.0781 2968 NDProxy - ok
21:01:55.0968 2968 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
21:01:56.0125 2968 NetBIOS - ok
21:01:56.0578 2968 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
21:01:57.0312 2968 NetBT - ok
21:01:57.0640 2968 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE C:\WINDOWS\system32\netdde.exe
21:01:58.0140 2968 NetDDE - ok
21:01:58.0250 2968 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
21:01:58.0265 2968 NetDDEdsdm - ok
21:01:58.0750 2968 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon C:\WINDOWS\system32\lsass.exe
21:01:58.0750 2968 Netlogon - ok
21:01:59.0015 2968 [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman C:\WINDOWS\System32\netman.dll
21:01:59.0531 2968 Netman - ok
21:01:59.0781 2968 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:02:00.0015 2968 NetTcpPortSharing - ok
21:02:00.0734 2968 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
21:02:01.0609 2968 NIC1394 - ok
21:02:01.0968 2968 [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla C:\WINDOWS\System32\mswsock.dll
21:02:02.0218 2968 Nla - ok
21:02:02.0437 2968 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
21:02:02.0546 2968 Npfs - ok
21:02:03.0406 2968 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
21:02:04.0812 2968 Ntfs - ok
21:02:05.0062 2968 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
21:02:05.0093 2968 NtLmSsp - ok
21:02:06.0359 2968 [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
21:02:07.0078 2968 NtmsSvc - ok
21:02:07.0203 2968 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
21:02:07.0343 2968 Null - ok
21:02:08.0125 2968 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
21:02:08.0406 2968 NwlnkFlt - ok
21:02:08.0578 2968 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
21:02:08.0671 2968 NwlnkFwd - ok
21:02:08.0968 2968 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
21:02:09.0093 2968 ohci1394 - ok
21:02:09.0625 2968 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
21:02:10.0187 2968 ose - ok
21:02:10.0890 2968 [ F84785660305B9B903FB3BCA8BA29837 ] Parport C:\WINDOWS\system32\drivers\Parport.sys
21:02:11.0375 2968 Parport - ok
21:02:12.0390 2968 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
21:02:12.0468 2968 PartMgr - ok
21:02:12.0890 2968 [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
21:02:13.0015 2968 ParVdm - ok
21:02:14.0750 2968 [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
21:02:14.0968 2968 PCI - ok
21:02:14.0984 2968 PCIDump - ok
21:02:15.0031 2968 PCIIde - ok
21:02:15.0265 2968 [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys
21:02:15.0546 2968 Pcmcia - ok
21:02:15.0593 2968 PDCOMP - ok
21:02:15.0625 2968 PDFRAME - ok
21:02:15.0640 2968 PDRELI - ok
21:02:15.0718 2968 PDRFRAME - ok
21:02:15.0750 2968 perc2 - ok
21:02:15.0765 2968 perc2hib - ok
21:02:16.0015 2968 [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay C:\WINDOWS\system32\services.exe
21:02:16.0031 2968 PlugPlay - ok
21:02:17.0468 2968 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
21:02:17.0484 2968 PolicyAgent - ok
21:02:17.0640 2968 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
21:02:17.0828 2968 PptpMiniport - ok
21:02:17.0828 2968 prmvmouse - ok
21:02:17.0906 2968 [ 2CB55427C58679F49AD600FCCBA76360 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
21:02:18.0671 2968 Processor - ok
21:02:20.0250 2968 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
21:02:20.0265 2968 ProtectedStorage - ok
21:02:20.0500 2968 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
21:02:20.0734 2968 PSched - ok
21:02:20.0953 2968 [ D24DFD16A1E2A76034DF5AA18125C35D ] PSI C:\WINDOWS\system32\DRIVERS\psi_mf.sys
21:02:21.0046 2968 PSI - ok
21:02:21.0453 2968 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
21:02:21.0562 2968 Ptilink - ok
21:02:22.0312 2968 [ 617ACCADA2E0A0F43EC6030BBAC49513 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
21:02:22.0359 2968 PxHelp20 - ok
21:02:22.0375 2968 ql1080 - ok
21:02:22.0390 2968 Ql10wnt - ok
21:02:22.0437 2968 ql12160 - ok
21:02:22.0437 2968 ql1240 - ok
21:02:22.0484 2968 ql1280 - ok
21:02:22.0578 2968 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:02:22.0640 2968 RasAcd - ok
21:02:22.0828 2968 [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto C:\WINDOWS\System32\rasauto.dll
21:02:23.0625 2968 RasAuto - ok
21:02:23.0687 2968 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
21:02:25.0234 2968 Rasl2tp - ok
21:02:25.0921 2968 [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan C:\WINDOWS\System32\rasmans.dll
21:02:26.0265 2968 RasMan - ok
21:02:26.0500 2968 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
21:02:26.0640 2968 RasPppoe - ok
21:02:26.0890 2968 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
21:02:26.0968 2968 Raspti - ok
21:02:28.0234 2968 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:02:28.0515 2968 Rdbss - ok
21:02:28.0640 2968 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
21:02:28.0875 2968 RDPCDD - ok
21:02:29.0281 2968 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
21:02:29.0609 2968 rdpdr - ok
21:02:30.0031 2968 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
21:02:30.0437 2968 RDPWD - ok
21:02:31.0406 2968 [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
21:02:31.0625 2968 RDSessMgr - ok
21:02:33.0031 2968 [ A0FF419B61AE47E26ADF3BB15DB4F2FE ] RealNetworks Downloader Resolver Service C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe
21:02:33.0187 2968 RealNetworks Downloader Resolver Service - ok
21:02:34.0078 2968 [ ED761D453856F795A7FE056E42C36365 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
21:02:34.0171 2968 redbook - ok
21:02:34.0296 2968 [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
21:02:34.0406 2968 RemoteAccess - ok
21:02:35.0203 2968 [ E4CD1F3D84E1C2CA0B8CF7501E201593 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
21:02:35.0343 2968 RemoteRegistry - ok
21:02:35.0484 2968 [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator C:\WINDOWS\system32\locator.exe
21:02:35.0625 2968 RpcLocator - ok
21:02:36.0453 2968 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs C:\WINDOWS\system32\rpcss.dll
21:02:36.0484 2968 RpcSs - ok
21:02:37.0187 2968 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP C:\WINDOWS\system32\rsvp.exe
21:02:37.0781 2968 RSVP - ok
21:02:38.0750 2968 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs C:\WINDOWS\system32\lsass.exe
21:02:38.0812 2968 SamSs - ok
21:02:39.0156 2968 [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
21:02:39.0296 2968 SCardSvr - ok
21:02:39.0875 2968 [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule C:\WINDOWS\system32\schedsvc.dll
21:02:40.0187 2968 Schedule - ok
21:02:40.0531 2968 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
21:02:40.0843 2968 Secdrv - ok
21:02:41.0765 2968 [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon C:\WINDOWS\System32\seclogon.dll
21:02:41.0781 2968 seclogon - ok
21:02:42.0156 2968 Secunia PSI Agent - ok
21:02:42.0156 2968 Secunia Update Agent - ok
21:02:45.0062 2968 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS C:\WINDOWS\system32\sens.dll
21:02:45.0125 2968 SENS - ok
21:02:46.0093 2968 [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial C:\WINDOWS\system32\drivers\Serial.sys
21:02:46.0250 2968 Serial - ok
21:02:46.0968 2968 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\DRIVERS\sfloppy.sys
21:02:49.0906 2968 Sfloppy - ok
21:02:51.0015 2968 [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
21:02:51.0312 2968 SharedAccess - ok
21:02:51.0500 2968 [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
21:02:52.0015 2968 ShellHWDetection - ok
21:02:52.0234 2968 Simbad - ok
21:02:52.0265 2968 Sparrow - ok
21:02:52.0390 2968 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
21:02:52.0562 2968 splitter - ok
21:02:55.0265 2968 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
21:02:55.0375 2968 Spooler - ok
21:02:55.0812 2968 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
21:02:56.0031 2968 sr - ok
21:02:57.0703 2968 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice C:\WINDOWS\system32\srsvc.dll
21:02:58.0140 2968 srservice - ok
21:03:00.0218 2968 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
21:03:00.0687 2968 Srv - ok
21:03:01.0203 2968 [ B2063CE662AF3AB20045121A5B716DF6 ] sscebus C:\WINDOWS\system32\DRIVERS\sscebus.sys
21:03:01.0453 2968 sscebus - ok
21:03:02.0203 2968 [ 66799DC0AFE3DCAF8368CAE17394A762 ] sscemdfl C:\WINDOWS\system32\DRIVERS\sscemdfl.sys
21:03:02.0578 2968 sscemdfl - ok
21:03:02.0968 2968 [ CBF03FFC08F8DB547BAB2F79AA663D16 ] sscemdm C:\WINDOWS\system32\DRIVERS\sscemdm.sys
21:03:03.0765 2968 sscemdm - ok
21:03:03.0890 2968 [ 60CD4AD33AA52E58FAAC3ABAD18CF8EF ] ssceserd C:\WINDOWS\system32\DRIVERS\ssceserd.sys
21:03:04.0062 2968 ssceserd - ok
21:03:04.0421 2968 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
21:03:04.0718 2968 SSDPSRV - ok
21:03:04.0968 2968 [ A2DBCC4C8860449DF1AB758EA28B4DE0 ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys
21:03:05.0671 2968 StillCam - ok
21:03:06.0140 2968 [ BC2C5985611C5356B24AEB370953DED9 ] stisvc C:\WINDOWS\system32\wiaservc.dll
21:03:06.0500 2968 stisvc - ok
21:03:06.0562 2968 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
21:03:06.0625 2968 swenum - ok
21:03:07.0484 2968 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
21:03:07.0640 2968 swmidi - ok
21:03:07.0656 2968 SwPrv - ok
21:03:07.0671 2968 symc810 - ok
21:03:07.0687 2968 symc8xx - ok
21:03:07.0718 2968 sym_hi - ok
21:03:07.0718 2968 sym_u3 - ok
21:03:08.0468 2968 [ E76E0A9A30A4F2809A3356AF32D06F0B ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
21:03:08.0859 2968 SynTP - ok
21:03:09.0328 2968 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
21:03:09.0750 2968 sysaudio - ok
21:03:10.0484 2968 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
21:03:10.0968 2968 SysmonLog - ok
21:03:11.0671 2968 [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
21:03:13.0437 2968 TapiSrv - ok
21:03:13.0828 2968 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
21:03:14.0875 2968 Tcpip - ok
21:03:15.0062 2968 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
21:03:15.0640 2968 TDPIPE - ok
21:03:21.0890 2968 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
21:03:26.0687 2968 TDTCP - ok
21:03:33.0765 2968 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
21:03:34.0468 2968 TermDD - ok
21:03:35.0515 2968 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService C:\WINDOWS\System32\termsrv.dll
21:03:36.0828 2968 TermService - ok
21:03:37.0812 2968 [ 2DB7D303C36DDD055215052F118E8E75 ] Themes C:\WINDOWS\System32\shsvcs.dll
21:03:38.0812 2968 Themes - ok
21:03:39.0093 2968 [ 03681A1CE77F51586903869A5AB1DEAB ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
21:03:39.0265 2968 TlntSvr - ok
21:03:39.0750 2968 TosIde - ok
21:03:40.0093 2968 [ 626504572B175867F30F3215C04B3E2F ] TrkWks C:\WINDOWS\system32\trkwks.dll
21:03:40.0281 2968 TrkWks - ok
21:03:40.0437 2968 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
21:03:42.0328 2968 Udfs - ok
21:03:42.0343 2968 ULI5261XP - ok
21:03:42.0390 2968 ultra - ok
21:03:43.0234 2968 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
21:03:44.0484 2968 Update - ok
21:03:45.0296 2968 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost C:\WINDOWS\System32\upnphost.dll
21:03:46.0640 2968 upnphost - ok
21:03:46.0875 2968 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINDOWS\System32\ups.exe
21:03:47.0062 2968 UPS - ok
21:03:47.0765 2968 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
21:03:48.0125 2968 usbehci - ok
21:03:48.0859 2968 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
21:03:49.0046 2968 usbhub - ok
21:03:49.0125 2968 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
21:03:49.0781 2968 usbohci - ok
21:03:49.0859 2968 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
21:03:50.0000 2968 usbprint - ok
21:03:50.0578 2968 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
21:03:50.0875 2968 usbscan - ok
21:03:50.0953 2968 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
21:03:52.0031 2968 USBSTOR - ok
21:03:52.0156 2968 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
21:03:52.0781 2968 VgaSave - ok
21:03:52.0796 2968 ViaIde - ok
21:03:53.0000 2968 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
21:03:53.0203 2968 VolSnap - ok
21:03:54.0062 2968 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINDOWS\System32\vssvc.exe
21:03:55.0031 2968 VSS - ok
21:03:55.0812 2968 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINDOWS\system32\w32time.dll
21:03:56.0437 2968 W32Time - ok
21:03:57.0562 2968 [ 0BAA4C13CCD2CAFE1E121121F1C1611D ] W33ND C:\WINDOWS\system32\DRIVERS\W33ND.SYS
21:03:59.0953 2968 W33ND - ok
21:04:00.0531 2968 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:04:00.0859 2968 Wanarp - ok
21:04:00.0953 2968 wanatw - ok
21:04:01.0546 2968 [ 553E38A0E5C8FEB94CC228F3AF700AC2 ] wbsecdrv C:\WINDOWS\system32\DRIVERS\wbsecdrv.sys
21:04:02.0062 2968 wbsecdrv - ok
21:04:02.0078 2968 wbsecsvc - ok
21:04:02.0109 2968 WDICA - ok
21:04:02.0609 2968 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
21:04:02.0937 2968 wdmaud - ok
21:04:03.0187 2968 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINDOWS\System32\webclnt.dll
21:04:03.0390 2968 WebClient - ok
21:04:04.0500 2968 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
21:04:05.0671 2968 winmgmt - ok
21:04:06.0343 2968 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
21:04:06.0640 2968 WmdmPmSN - ok
21:04:07.0750 2968 [ FFA4D901D46D07A5BAB2D8307FBB51A6 ] Wmi C:\WINDOWS\System32\advapi32.dll
21:04:09.0578 2968 Wmi - ok
21:04:09.0875 2968 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
21:04:10.0265 2968 WmiApSrv - ok
21:04:12.0078 2968 [ BF05650BB7DF5E9EBDD25974E22403BB ] WMPNetworkSvc C:\Programme\Windows Media Player\WMPNetwk.exe
21:04:14.0109 2968 WMPNetworkSvc - ok
21:04:14.0421 2968 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\Drivers\wpdusb.sys
21:04:14.0937 2968 WpdUsb - ok
21:04:15.0171 2968 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc C:\WINDOWS\system32\wscsvc.dll
21:04:15.0437 2968 wscsvc - ok
21:04:15.0875 2968 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
21:04:16.0890 2968 wuauserv - ok
21:04:17.0125 2968 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
21:04:17.0437 2968 WudfPf - ok
21:04:18.0062 2968 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
21:04:18.0734 2968 WudfRd - ok
21:04:18.0906 2968 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
21:04:19.0046 2968 WudfSvc - ok
21:04:20.0015 2968 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
21:04:20.0859 2968 WZCSVC - ok
21:04:21.0562 2968 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
21:04:21.0843 2968 xmlprov - ok
21:04:21.0875 2968 ================ Scan global ===============================
21:04:22.0156 2968 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll
21:04:23.0000 2968 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll
21:04:24.0687 2968 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll
21:04:25.0296 2968 [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe
21:04:26.0015 2968 [Global] - ok
21:04:26.0046 2968 ================ Scan MBR ==================================
21:04:26.0109 2968 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
21:04:33.0734 2968 \Device\Harddisk0\DR0 - ok
21:04:33.0734 2968 ================ Scan VBR ==================================
21:04:33.0765 2968 [ 3512296C03EBE65E2D567EBF627925BE ] \Device\Harddisk0\DR0\Partition1
21:04:33.0796 2968 \Device\Harddisk0\DR0\Partition1 - ok
21:04:33.0843 2968 [ 6AD4F36E9FB040E494BA742ED2E3F1B4 ] \Device\Harddisk0\DR0\Partition2
21:04:34.0031 2968 \Device\Harddisk0\DR0\Partition2 - ok
21:04:34.0031 2968 ============================================================
21:04:34.0031 2968 Scan finished
21:04:34.0031 2968 ============================================================
21:04:35.0171 0192 Detected object count: 0
21:04:35.0171 0192 Actual detected object count: 0

markusg 25.02.2013 18:11
Hi
prüfe die Bilder, die in der Anleitung stehen, und konfiguriere TDSS-Killer dementsprechend, scanne erneut.

Tina67 25.02.2013 20:20
Sorry, jetzt müsste es passen:
19:37:23.0437 3476 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:37:25.0828 3476 ============================================================
19:37:25.0859 3476 Current date / time: 2013/02/25 19:37:25.0828
19:37:25.0859 3476 SystemInfo:
19:37:25.0859 3476
19:37:25.0859 3476 OS Version: 5.1.2600 ServicePack: 3.0
19:37:25.0906 3476 Product type: Workstation
19:37:25.0937 3476 ComputerName: ***
19:37:28.0015 3476 UserName: ***
19:37:28.0015 3476 Windows directory: C:\WINDOWS
19:37:28.0046 3476 System windows directory: C:\WINDOWS
19:37:29.0375 3476 Processor architecture: Intel x86
19:37:29.0390 3476 Number of processors: 1
19:37:29.0390 3476 Page size: 0x1000
19:37:29.0390 3476 Boot type: Normal boot
19:37:29.0406 3476 ============================================================
19:38:47.0312 3476 Drive \Device\Harddisk0\DR0 - Size: 0x12A3F92000 (74.56 Gb), SectorSize: 0x200, Cylinders: 0x2605, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
19:38:47.0843 3476 ============================================================
19:38:47.0875 3476 \Device\Harddisk0\DR0:
19:38:47.0875 3476 MBR partitions:
19:38:47.0875 3476 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x7DA15C9
19:38:47.0921 3476 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xB, StartLBA 0x7DA1647, BlocksNum 0x177C97E
19:38:47.0937 3476 ============================================================
19:38:48.0000 3476 C: <-> \Device\Harddisk0\DR0\Partition1
19:38:48.0000 3476 D: <-> \Device\Harddisk0\DR0\Partition2
19:38:48.0359 3476 ============================================================
19:38:48.0390 3476 Initialize success
19:38:48.0390 3476 ============================================================
19:42:47.0609 3104 ============================================================
19:42:47.0609 3104 Scan started
19:42:47.0609 3104 Mode: Manual; SigCheck; TDLFS;
19:42:47.0609 3104 ============================================================
19:42:49.0859 3104 ================ Scan system memory ========================
19:42:49.0875 3104 System memory - ok
19:42:49.0875 3104 ================ Scan services =============================
19:42:50.0703 3104 [ 149A8F7ADF9742554DC323E290551E3E ] Aavmker4 C:\WINDOWS\system32\drivers\Aavmker4.sys
19:42:58.0250 3104 Aavmker4 - ok
19:42:58.0281 3104 Abiosdsk - ok
19:42:58.0296 3104 abp480n5 - ok
19:42:58.0531 3104 [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
19:44:00.0671 3104 ACPI - ok
19:44:01.0140 3104 [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
19:44:12.0156 3104 ACPIEC - ok
19:44:12.0203 3104 ActivHidSerMini - ok
19:44:13.0718 3104 [ 563CDCFEEAEF97163E206AF71A61AA6E ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:44:16.0171 3104 AdobeFlashPlayerUpdateSvc - ok
19:44:16.0187 3104 adpu160m - ok
19:44:18.0562 3104 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
19:44:20.0109 3104 aec - ok
19:44:20.0703 3104 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
19:44:21.0125 3104 AFD - ok
19:44:22.0109 3104 [ B894A08F2A01E27C1989C31C96FDDE83 ] AgereSoftModem C:\WINDOWS\system32\DRIVERS\AGRSM.sys
19:44:26.0750 3104 AgereSoftModem - ok
19:44:26.0843 3104 Aha154x - ok
19:44:26.0906 3104 aic78u2 - ok
19:44:26.0968 3104 aic78xx - ok
19:44:26.0984 3104 ALCXWDM - ok
19:44:27.0062 3104 [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter C:\WINDOWS\system32\alrsvc.dll
19:44:32.0765 3104 Alerter - ok
19:44:32.0859 3104 [ 190CD73D4984F94D823F9444980513E5 ] ALG C:\WINDOWS\System32\alg.exe
19:44:34.0015 3104 ALG - ok
19:44:34.0125 3104 [ 1140AB9938809700B46BB88E46D72A96 ] AliIde C:\WINDOWS\system32\DRIVERS\aliide.sys
19:44:34.0718 3104 AliIde - ok
19:44:34.0953 3104 [ B9DBAAE3219661F4D0C5E8DC0C2F987D ] AmdK8 C:\WINDOWS\system32\DRIVERS\AmdK8.sys
19:44:36.0109 3104 AmdK8 - ok
19:44:36.0109 3104 amsint - ok
19:44:37.0109 3104 [ 3A4982DF893F198A2DFBCCD4CE10F93A ] Apple Mobile Device C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
19:44:37.0500 3104 Apple Mobile Device ( UnsignedFile.Multi.Generic ) - warning
19:44:37.0500 3104 Apple Mobile Device - detected UnsignedFile.Multi.Generic (1)
19:44:37.0703 3104 [ D45960BE52C3C610D361977057F98C54 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
19:44:38.0500 3104 AppMgmt - ok
19:44:38.0593 3104 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
19:44:39.0359 3104 Arp1394 - ok
19:44:39.0421 3104 asc - ok
19:44:39.0437 3104 asc3350p - ok
19:44:39.0468 3104 asc3550 - ok
19:44:39.0875 3104 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
19:44:40.0234 3104 aspnet_state - ok
19:44:40.0328 3104 [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys
19:44:40.0437 3104 aswFsBlk - ok
19:44:40.0546 3104 [ 84F0BE324EE111338589F448C3E8BAB2 ] aswMon2 C:\WINDOWS\system32\drivers\aswMon2.sys
19:44:40.0750 3104 aswMon2 - ok
19:44:40.0843 3104 [ 7C9F0A2AB17D52261A9252A2EB320884 ] AswRdr C:\WINDOWS\system32\drivers\AswRdr.sys
19:44:41.0312 3104 AswRdr - ok
19:44:41.0890 3104 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
19:44:43.0312 3104 aswSnx - ok
19:44:43.0625 3104 [ 67B558895695545FB0568B7541F3BCA7 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
19:44:47.0171 3104 aswSP - ok
19:44:47.0390 3104 [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
19:44:47.0500 3104 aswTdi - ok
19:44:47.0625 3104 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
19:44:49.0375 3104 AsyncMac - ok
19:44:49.0906 3104 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
19:44:51.0359 3104 atapi - ok
19:44:51.0359 3104 Atdisk - ok
19:44:51.0765 3104 [ 43E945DC2A642539E2B07633CDC9C30E ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
19:44:54.0171 3104 Ati HotKey Poller - ok
19:44:55.0765 3104 [ C762F8FCA8F7023E3D405AB915E8ACD7 ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
19:45:02.0703 3104 ati2mtag - ok
19:45:02.0812 3104 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
19:45:04.0156 3104 Atmarpc - ok
19:45:04.0234 3104 [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
19:45:05.0906 3104 AudioSrv - ok
19:45:06.0000 3104 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
19:45:12.0796 3104 audstub - ok
19:45:12.0937 3104 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Programme\AVAST Software\Avast\AvastSvc.exe
19:45:13.0125 3104 avast! Antivirus - ok
19:45:13.0187 3104 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
19:45:14.0859 3104 Beep - ok
19:45:15.0265 3104 [ D6F603772A789BB3228F310D650B8BD1 ] BITS C:\WINDOWS\system32\qmgr.dll
19:45:18.0921 3104 BITS - ok
19:45:19.0031 3104 [ B71549F23736ADF83A571061C47777FD ] Browser C:\WINDOWS\System32\browser.dll
19:45:21.0734 3104 Browser - ok
19:45:21.0781 3104 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
19:45:23.0718 3104 cbidf2k - ok
19:45:23.0718 3104 cd20xrnt - ok
19:45:23.0781 3104 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
19:45:25.0671 3104 Cdaudio - ok
19:45:25.0765 3104 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
19:45:28.0531 3104 Cdfs - ok
19:45:28.0781 3104 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
19:45:30.0390 3104 Cdrom - ok
19:45:30.0406 3104 Changer - ok
19:45:30.0468 3104 [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc C:\WINDOWS\system32\cisvc.exe
19:45:31.0609 3104 CiSvc - ok
19:45:31.0671 3104 [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
19:45:33.0734 3104 ClipSrv - ok
19:45:33.0828 3104 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:45:34.0500 3104 clr_optimization_v2.0.50727_32 - ok
19:45:34.0531 3104 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
19:45:35.0843 3104 CmBatt - ok
19:45:35.0906 3104 CmdIde - ok
19:45:35.0953 3104 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
19:45:41.0281 3104 Compbatt - ok
19:45:41.0484 3104 COMSysApp - ok
19:45:42.0156 3104 Cpqarray - ok
19:45:42.0406 3104 [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
19:45:50.0062 3104 CryptSvc - ok
19:45:50.0515 3104 dac2w2k - ok
19:45:50.0828 3104 dac960nt - ok
19:45:51.0796 3104 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
19:45:55.0203 3104 DcomLaunch - ok
19:45:55.0265 3104 [ 6216FD7FD227DE454238A702B218CEC7 ] dgderdrv C:\WINDOWS\system32\drivers\dgderdrv.sys
19:45:55.0843 3104 dgderdrv - ok
19:45:55.0984 3104 [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
19:46:00.0218 3104 Dhcp - ok
19:46:00.0281 3104 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
19:46:01.0421 3104 Disk - ok
19:46:01.0437 3104 dmadmin - ok
19:46:02.0218 3104 [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
19:46:04.0828 3104 dmboot - ok
19:46:05.0140 3104 [ 53720AB12B48719D00E327DA470A619A ] dmio C:\WINDOWS\system32\drivers\dmio.sys
19:46:06.0531 3104 dmio - ok
19:46:06.0562 3104 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
19:46:08.0250 3104 dmload - ok
19:46:08.0312 3104 [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver C:\WINDOWS\System32\dmserver.dll
19:46:14.0375 3104 dmserver - ok
19:46:14.0562 3104 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
19:46:18.0250 3104 DMusic - ok
19:46:18.0718 3104 [ 407F3227AC618FD1CA54B335B083DE07 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
19:46:20.0500 3104 Dnscache - ok
19:46:20.0875 3104 [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
19:46:26.0906 3104 Dot3svc - ok
19:46:26.0921 3104 dpti2o - ok
19:46:27.0015 3104 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
19:46:27.0406 3104 drmkaud - ok
19:46:27.0593 3104 [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost C:\WINDOWS\System32\eapsvc.dll
19:46:27.0890 3104 EapHost - ok
19:46:27.0953 3104 [ 877C18558D70587AA7823A1A308AC96B ] ERSvc C:\WINDOWS\System32\ersvc.dll
19:46:28.0187 3104 ERSvc - ok
19:46:28.0328 3104 [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog C:\WINDOWS\system32\services.exe
19:46:28.0484 3104 Eventlog - ok
19:46:28.0734 3104 [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem C:\WINDOWS\system32\es.dll
19:46:29.0093 3104 EventSystem - ok
19:46:29.0328 3104 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
19:46:29.0671 3104 Fastfat - ok
19:46:29.0828 3104 [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
19:46:30.0031 3104 FastUserSwitchingCompatibility - ok
19:46:30.0484 3104 [ 08B8B302AF0D1B3B8543429BBAC8F21F ] Fax C:\WINDOWS\system32\fxssvc.exe
19:46:30.0937 3104 Fax - ok
19:46:31.0078 3104 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
19:46:31.0453 3104 Fdc - ok
19:46:31.0515 3104 [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
19:46:31.0953 3104 Fips - ok
19:46:31.0984 3104 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
19:46:32.0515 3104 Flpydisk - ok
19:46:32.0671 3104 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
19:46:32.0984 3104 FltMgr - ok
19:46:33.0156 3104 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
19:46:33.0234 3104 FontCache3.0.0.0 - ok
19:46:33.0328 3104 [ B07663A810E861EEBFD0EAC7E82CA62D ] FsUsbExDisk C:\WINDOWS\system32\FsUsbExDisk.SYS
19:46:33.0453 3104 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning
19:46:33.0453 3104 FsUsbExDisk - detected UnsignedFile.Multi.Generic (1)
19:46:33.0734 3104 [ 15AB846886C225FFF0376F3CEF21188F ] FsUsbExService C:\WINDOWS\system32\FsUsbExService.Exe
19:46:34.0015 3104 FsUsbExService ( UnsignedFile.Multi.Generic ) - warning
19:46:34.0015 3104 FsUsbExService - detected UnsignedFile.Multi.Generic (1)
19:46:34.0062 3104 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:46:34.0468 3104 Fs_Rec - ok
19:46:34.0593 3104 [ 8F1955CE42E1484714B542F341647778 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
19:46:35.0062 3104 Ftdisk - ok
19:46:35.0140 3104 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
19:46:35.0421 3104 Gpc - ok
19:46:35.0640 3104 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Programme\Google\Update\GoogleUpdate.exe
19:46:35.0781 3104 gupdate - ok
19:46:35.0921 3104 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Programme\Google\Update\GoogleUpdate.exe
19:46:36.0000 3104 gupdatem - ok
19:46:36.0265 3104 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
19:46:36.0500 3104 gusvc - ok
19:46:36.0640 3104 [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
19:46:36.0953 3104 helpsvc - ok
19:46:36.0968 3104 HidServ - ok
19:46:37.0031 3104 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
19:46:37.0375 3104 HidUsb - ok
19:46:37.0984 3104 [ ED29F14101523A6E0E808107405D452C ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
19:46:38.0953 3104 hkmsvc - ok
19:46:38.0968 3104 hpn - ok
19:46:39.0218 3104 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
19:46:41.0906 3104 HTTP - ok
19:46:42.0218 3104 [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
19:46:43.0562 3104 HTTPFilter - ok
19:46:43.0578 3104 i2omgmt - ok
19:46:43.0578 3104 i2omp - ok
19:46:43.0671 3104 [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
19:46:44.0000 3104 i8042prt - ok
19:46:44.0203 3104 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
19:46:51.0265 3104 IDriverT ( UnsignedFile.Multi.Generic ) - warning
19:46:51.0265 3104 IDriverT - detected UnsignedFile.Multi.Generic (1)
19:46:52.0312 3104 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:46:54.0828 3104 idsvc - ok
19:46:55.0000 3104 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
19:46:56.0015 3104 Imapi - ok
19:46:56.0437 3104 [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService C:\WINDOWS\system32\imapi.exe
19:46:57.0218 3104 ImapiService - ok
19:46:57.0234 3104 ini910u - ok
19:46:57.0265 3104 IntelIde - ok
19:46:57.0375 3104 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
19:46:57.0671 3104 Ip6Fw - ok
19:46:57.0781 3104 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:46:58.0140 3104 IpFilterDriver - ok
19:46:58.0187 3104 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
19:46:58.0468 3104 IpInIp - ok
19:46:58.0734 3104 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
19:46:59.0109 3104 IpNat - ok
19:46:59.0281 3104 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
19:46:59.0687 3104 IPSec - ok
19:46:59.0968 3104 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
19:47:00.0359 3104 IRENUM - ok
19:47:00.0468 3104 [ 6DFB88F64135C525433E87648BDA30DE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
19:47:00.0781 3104 isapnp - ok
19:47:02.0000 3104 [ 94A8C9436C36CD9657CFED0043066B9C ] Iviaspi C:\WINDOWS\system32\drivers\iviaspi.sys
19:47:02.0093 3104 Iviaspi ( UnsignedFile.Multi.Generic ) - warning
19:47:02.0093 3104 Iviaspi - detected UnsignedFile.Multi.Generic (1)
19:47:03.0968 3104 [ 1758AF653723679E3746FC7DDD93C69B ] JavaQuickStarterService C:\Programme\Java\jre7\bin\jqs.exe
19:47:04.0171 3104 JavaQuickStarterService - ok
19:47:04.0265 3104 [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
19:47:04.0609 3104 Kbdclass - ok
19:47:04.0843 3104 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
19:47:05.0062 3104 kmixer - ok
19:47:05.0218 3104 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
19:47:05.0625 3104 KSecDD - ok
19:47:06.0218 3104 [ 2BBDCB79900990F0716DFCB714E72DE7 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
19:47:06.0437 3104 lanmanserver - ok
19:47:07.0031 3104 [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
19:47:08.0187 3104 lanmanworkstation - ok
19:47:08.0203 3104 lbrtfdc - ok
19:47:10.0296 3104 [ D30D9547C02ECEE13E259970F71503D7 ] LightScribeService C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
19:47:11.0062 3104 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
19:47:11.0062 3104 LightScribeService - detected UnsignedFile.Multi.Generic (1)
19:47:11.0703 3104 [ 636714B7D43C8D0C80449123FD266920 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
19:47:12.0484 3104 LmHosts - ok
19:47:12.0750 3104 [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
19:47:13.0031 3104 MBAMProtector - ok
19:47:15.0140 3104 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
19:47:16.0765 3104 MBAMScheduler - ok
19:47:17.0906 3104 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
19:47:20.0296 3104 MBAMService - ok
19:47:23.0281 3104 [ 52404CC76E9D53843BDF97564BB16BED ] McrdSvc C:\WINDOWS\ehome\mcrdsvc.exe
19:47:23.0687 3104 McrdSvc - ok
19:47:25.0984 3104 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
19:47:26.0531 3104 MDM - ok
19:47:26.0781 3104 [ B7550A7107281D170CE85524B1488C98 ] Messenger C:\WINDOWS\System32\msgsvc.dll
19:47:27.0421 3104 Messenger - ok
19:47:27.0875 3104 [ DED60230E3019C508769EC3C15BCDA44 ] MHN C:\WINDOWS\System32\mhn.dll
19:47:31.0031 3104 MHN ( UnsignedFile.Multi.Generic ) - warning
19:47:31.0031 3104 MHN - detected UnsignedFile.Multi.Generic (1)
19:47:31.0140 3104 [ 7F2F1D2815A6449D346FCCCBC569FBD6 ] MHNDRV C:\WINDOWS\system32\DRIVERS\mhndrv.sys
19:47:31.0484 3104 MHNDRV ( UnsignedFile.Multi.Generic ) - warning
19:47:31.0484 3104 MHNDRV - detected UnsignedFile.Multi.Generic (1)
19:47:31.0812 3104 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
19:47:32.0812 3104 mnmdd - ok
19:47:33.0109 3104 [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
19:47:33.0656 3104 mnmsrvc - ok
19:47:34.0000 3104 [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
19:47:34.0968 3104 Modem - ok
19:47:35.0187 3104 [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
19:47:35.0984 3104 Mouclass - ok
19:47:36.0156 3104 [ 66A6F73C74E1791464160A7065CE711A ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
19:47:36.0687 3104 mouhid - ok
19:47:36.0906 3104 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
19:47:37.0390 3104 MountMgr - ok
19:47:37.0406 3104 mraid35x - ok
19:47:37.0656 3104 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
19:47:38.0484 3104 MRxDAV - ok
19:47:39.0218 3104 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:47:40.0921 3104 MRxSmb - ok
19:47:41.0109 3104 [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC C:\WINDOWS\system32\msdtc.exe
19:47:41.0734 3104 MSDTC - ok
19:47:41.0812 3104 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
19:47:42.0453 3104 Msfs - ok
19:47:42.0484 3104 MSIServer - ok
19:47:42.0562 3104 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
19:47:43.0375 3104 MSKSSRV - ok
19:47:43.0906 3104 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
19:47:44.0640 3104 MSPCLOCK - ok
19:47:44.0687 3104 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
19:47:45.0109 3104 MSPQM - ok
19:47:45.0437 3104 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
19:47:45.0781 3104 mssmbios - ok
19:47:46.0421 3104 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
19:47:47.0093 3104 Mup - ok
19:47:47.0859 3104 [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent C:\WINDOWS\System32\qagentrt.dll
19:47:48.0796 3104 napagent - ok
19:47:49.0109 3104 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
19:47:50.0125 3104 NDIS - ok
19:47:50.0343 3104 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:47:51.0125 3104 NdisTapi - ok
19:47:51.0375 3104 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
19:47:52.0250 3104 Ndisuio - ok
19:47:52.0484 3104 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:48:03.0015 3104 NdisWan - ok
19:48:03.0140 3104 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
19:48:04.0625 3104 NDProxy - ok
19:48:04.0718 3104 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
19:48:13.0031 3104 NetBIOS - ok
19:48:13.0328 3104 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
19:48:14.0140 3104 NetBT - ok
19:48:14.0296 3104 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE C:\WINDOWS\system32\netdde.exe
19:48:15.0484 3104 NetDDE - ok
19:48:15.0593 3104 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
19:48:16.0703 3104 NetDDEdsdm - ok
19:48:17.0109 3104 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon C:\WINDOWS\system32\lsass.exe
19:48:17.0609 3104 Netlogon - ok
19:48:18.0734 3104 [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman C:\WINDOWS\System32\netman.dll
19:48:19.0593 3104 Netman - ok
19:48:20.0359 3104 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:48:21.0468 3104 NetTcpPortSharing - ok
19:48:21.0640 3104 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
19:48:25.0390 3104 NIC1394 - ok
19:48:26.0500 3104 [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla C:\WINDOWS\System32\mswsock.dll
19:48:30.0062 3104 Nla - ok
19:48:31.0140 3104 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
19:48:32.0234 3104 Npfs - ok
19:48:33.0687 3104 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
19:48:35.0750 3104 Ntfs - ok
19:48:36.0093 3104 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
19:48:36.0453 3104 NtLmSsp - ok
19:48:36.0953 3104 [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
19:48:38.0281 3104 NtmsSvc - ok
19:48:38.0359 3104 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
19:48:39.0468 3104 Null - ok
19:48:39.0546 3104 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
19:48:40.0203 3104 NwlnkFlt - ok
19:48:40.0468 3104 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
19:48:41.0484 3104 NwlnkFwd - ok
19:48:41.0718 3104 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
19:48:42.0875 3104 ohci1394 - ok
19:48:43.0453 3104 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
19:48:43.0593 3104 ose - ok
19:48:43.0812 3104 [ F84785660305B9B903FB3BCA8BA29837 ] Parport C:\WINDOWS\system32\drivers\Parport.sys
19:48:44.0828 3104 Parport - ok
19:48:44.0953 3104 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
19:48:46.0187 3104 PartMgr - ok
19:48:46.0453 3104 [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
19:48:48.0062 3104 ParVdm - ok
19:48:48.0328 3104 [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
19:48:48.0734 3104 PCI - ok
19:48:48.0796 3104 PCIDump - ok
19:48:48.0812 3104 PCIIde - ok
19:48:49.0187 3104 [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys
19:48:50.0000 3104 Pcmcia - ok
19:48:50.0015 3104 PDCOMP - ok
19:48:50.0046 3104 PDFRAME - ok
19:48:50.0078 3104 PDRELI - ok
19:48:50.0093 3104 PDRFRAME - ok
19:48:50.0109 3104 perc2 - ok
19:48:50.0125 3104 perc2hib - ok
19:48:50.0281 3104 [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay C:\WINDOWS\system32\services.exe
19:48:50.0703 3104 PlugPlay - ok
19:48:50.0734 3104 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
19:48:51.0796 3104 PolicyAgent - ok
19:48:52.0453 3104 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
19:48:52.0968 3104 PptpMiniport - ok
19:48:52.0984 3104 prmvmouse - ok
19:48:53.0500 3104 [ 2CB55427C58679F49AD600FCCBA76360 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
19:48:53.0953 3104 Processor - ok
19:48:54.0015 3104 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
19:48:54.0828 3104 ProtectedStorage - ok
19:48:54.0937 3104 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
19:48:55.0593 3104 PSched - ok
19:48:57.0156 3104 [ D24DFD16A1E2A76034DF5AA18125C35D ] PSI C:\WINDOWS\system32\DRIVERS\psi_mf.sys
19:48:57.0484 3104 PSI - ok
19:48:57.0546 3104 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
19:48:58.0921 3104 Ptilink - ok
19:48:59.0453 3104 [ 617ACCADA2E0A0F43EC6030BBAC49513 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
19:49:00.0156 3104 PxHelp20 - ok
19:49:00.0156 3104 ql1080 - ok
19:49:00.0187 3104 Ql10wnt - ok
19:49:00.0203 3104 ql12160 - ok
19:49:00.0218 3104 ql1240 - ok
19:49:00.0234 3104 ql1280 - ok
19:49:00.0500 3104 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:49:01.0812 3104 RasAcd - ok
19:49:01.0937 3104 [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto C:\WINDOWS\System32\rasauto.dll
19:49:02.0781 3104 RasAuto - ok
19:49:03.0078 3104 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
19:49:04.0390 3104 Rasl2tp - ok
19:49:05.0640 3104 [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan C:\WINDOWS\System32\rasmans.dll
19:49:06.0406 3104 RasMan - ok
19:49:06.0484 3104 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:49:06.0937 3104 RasPppoe - ok
19:49:07.0093 3104 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
19:49:07.0843 3104 Raspti - ok
19:49:08.0015 3104 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:49:09.0593 3104 Rdbss - ok
19:49:09.0906 3104 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
19:49:10.0296 3104 RDPCDD - ok
19:49:11.0203 3104 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
19:49:12.0250 3104 rdpdr - ok
19:49:13.0187 3104 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
19:49:18.0515 3104 RDPWD - ok
19:49:18.0968 3104 [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
19:49:20.0968 3104 RDSessMgr - ok
19:49:22.0078 3104 [ A0FF419B61AE47E26ADF3BB15DB4F2FE ] RealNetworks Downloader Resolver Service C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe
19:49:22.0671 3104 RealNetworks Downloader Resolver Service - ok
19:49:22.0734 3104 [ ED761D453856F795A7FE056E42C36365 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
19:49:23.0875 3104 redbook - ok
19:49:24.0890 3104 [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
19:49:25.0203 3104 RemoteAccess - ok
19:49:25.0468 3104 [ E4CD1F3D84E1C2CA0B8CF7501E201593 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
19:49:25.0921 3104 RemoteRegistry - ok
19:49:26.0031 3104 [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator C:\WINDOWS\system32\locator.exe
19:49:26.0500 3104 RpcLocator - ok
19:49:27.0171 3104 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs C:\WINDOWS\system32\rpcss.dll
19:49:29.0281 3104 RpcSs - ok
19:49:29.0468 3104 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP C:\WINDOWS\system32\rsvp.exe
19:49:30.0531 3104 RSVP - ok
19:49:30.0656 3104 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs C:\WINDOWS\system32\lsass.exe
19:49:31.0125 3104 SamSs - ok
19:49:31.0265 3104 [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
19:49:32.0187 3104 SCardSvr - ok
19:49:32.0937 3104 [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule C:\WINDOWS\system32\schedsvc.dll
19:49:34.0187 3104 Schedule - ok
19:49:34.0390 3104 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
19:49:36.0531 3104 Secdrv - ok
19:49:36.0671 3104 [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon C:\WINDOWS\System32\seclogon.dll
19:49:37.0203 3104 seclogon - ok
19:49:37.0421 3104 Secunia PSI Agent - ok
19:49:37.0437 3104 Secunia Update Agent - ok
19:49:38.0078 3104 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS C:\WINDOWS\system32\sens.dll
19:49:38.0765 3104 SENS - ok
19:49:38.0906 3104 [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial C:\WINDOWS\system32\drivers\Serial.sys
19:49:39.0640 3104 Serial - ok
19:49:39.0781 3104 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\DRIVERS\sfloppy.sys
19:49:40.0171 3104 Sfloppy - ok
19:49:40.0562 3104 [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
19:49:41.0468 3104 SharedAccess - ok
19:49:41.0687 3104 [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
19:49:41.0890 3104 ShellHWDetection - ok
19:49:41.0906 3104 Simbad - ok
19:49:41.0921 3104 Sparrow - ok
19:49:41.0984 3104 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
19:49:42.0734 3104 splitter - ok
19:49:42.0890 3104 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
19:49:43.0234 3104 Spooler - ok
19:49:43.0359 3104 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
19:49:43.0781 3104 sr - ok
19:49:44.0078 3104 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice C:\WINDOWS\system32\srsvc.dll
19:49:45.0031 3104 srservice - ok
19:49:45.0453 3104 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
19:49:46.0875 3104 Srv - ok
19:49:47.0078 3104 [ B2063CE662AF3AB20045121A5B716DF6 ] sscebus C:\WINDOWS\system32\DRIVERS\sscebus.sys
19:49:47.0281 3104 sscebus - ok
19:49:47.0359 3104 [ 66799DC0AFE3DCAF8368CAE17394A762 ] sscemdfl C:\WINDOWS\system32\DRIVERS\sscemdfl.sys
19:49:47.0937 3104 sscemdfl - ok
19:49:48.0062 3104 [ CBF03FFC08F8DB547BAB2F79AA663D16 ] sscemdm C:\WINDOWS\system32\DRIVERS\sscemdm.sys
19:49:48.0343 3104 sscemdm - ok
19:49:48.0437 3104 [ 60CD4AD33AA52E58FAAC3ABAD18CF8EF ] ssceserd C:\WINDOWS\system32\DRIVERS\ssceserd.sys
19:49:48.0656 3104 ssceserd - ok
19:49:49.0421 3104 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
19:49:51.0921 3104 SSDPSRV - ok
19:49:52.0015 3104 [ A2DBCC4C8860449DF1AB758EA28B4DE0 ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys
19:49:52.0968 3104 StillCam - ok
19:49:53.0500 3104 [ BC2C5985611C5356B24AEB370953DED9 ] stisvc C:\WINDOWS\system32\wiaservc.dll
19:49:55.0156 3104 stisvc - ok
19:49:55.0312 3104 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
19:49:55.0906 3104 swenum - ok
19:49:56.0015 3104 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
19:49:56.0875 3104 swmidi - ok
19:49:57.0109 3104 SwPrv - ok
19:49:57.0187 3104 symc810 - ok
19:49:57.0203 3104 symc8xx - ok
19:49:57.0218 3104 sym_hi - ok
19:49:57.0250 3104 sym_u3 - ok
19:49:57.0515 3104 [ E76E0A9A30A4F2809A3356AF32D06F0B ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
19:49:58.0046 3104 SynTP - ok
19:49:58.0546 3104 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
19:49:59.0390 3104 sysaudio - ok
19:49:59.0531 3104 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
19:50:01.0203 3104 SysmonLog - ok
19:50:01.0453 3104 [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
19:50:03.0062 3104 TapiSrv - ok
19:50:03.0406 3104 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:50:04.0203 3104 Tcpip - ok
19:50:05.0031 3104 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
19:50:05.0609 3104 TDPIPE - ok
19:50:05.0687 3104 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
19:50:06.0156 3104 TDTCP - ok
19:50:06.0265 3104 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
19:50:06.0593 3104 TermDD - ok
19:50:08.0328 3104 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService C:\WINDOWS\System32\termsrv.dll
19:50:09.0531 3104 TermService - ok
19:50:10.0140 3104 [ 2DB7D303C36DDD055215052F118E8E75 ] Themes C:\WINDOWS\System32\shsvcs.dll
19:50:11.0843 3104 Themes - ok
19:50:12.0734 3104 [ 03681A1CE77F51586903869A5AB1DEAB ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
19:50:13.0859 3104 TlntSvr - ok
19:50:13.0875 3104 TosIde - ok
19:50:14.0093 3104 [ 626504572B175867F30F3215C04B3E2F ] TrkWks C:\WINDOWS\system32\trkwks.dll
19:50:15.0140 3104 TrkWks - ok
19:50:15.0234 3104 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
19:50:16.0312 3104 Udfs - ok
19:50:16.0328 3104 ULI5261XP - ok
19:50:16.0453 3104 ultra - ok
19:50:16.0828 3104 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
19:50:18.0390 3104 Update - ok
19:50:18.0921 3104 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost C:\WINDOWS\System32\upnphost.dll
19:50:19.0515 3104 upnphost - ok
19:50:19.0609 3104 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINDOWS\System32\ups.exe
19:50:20.0078 3104 UPS - ok
19:50:20.0343 3104 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
19:50:21.0453 3104 usbehci - ok
19:50:21.0703 3104 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
19:50:22.0625 3104 usbhub - ok
19:50:22.0734 3104 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
19:50:23.0765 3104 usbohci - ok
19:50:23.0890 3104 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
19:50:24.0312 3104 usbprint - ok
19:50:25.0406 3104 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
19:50:26.0250 3104 usbscan - ok
19:50:26.0765 3104 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
19:50:27.0968 3104 USBSTOR - ok
19:50:28.0562 3104 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
19:50:29.0531 3104 VgaSave - ok
19:50:29.0546 3104 ViaIde - ok
19:50:29.0656 3104 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
19:50:30.0000 3104 VolSnap - ok
19:50:30.0953 3104 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINDOWS\System32\vssvc.exe
19:50:32.0234 3104 VSS - ok
19:50:33.0203 3104 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINDOWS\system32\w32time.dll
19:50:35.0750 3104 W32Time - ok
19:50:36.0609 3104 [ 0BAA4C13CCD2CAFE1E121121F1C1611D ] W33ND C:\WINDOWS\system32\DRIVERS\W33ND.SYS
19:50:39.0921 3104 W33ND - ok
19:50:41.0781 3104 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:50:43.0750 3104 Wanarp - ok
19:50:43.0765 3104 wanatw - ok
19:50:43.0859 3104 [ 553E38A0E5C8FEB94CC228F3AF700AC2 ] wbsecdrv C:\WINDOWS\system32\DRIVERS\wbsecdrv.sys
19:50:44.0031 3104 wbsecdrv ( UnsignedFile.Multi.Generic ) - warning
19:50:44.0031 3104 wbsecdrv - detected UnsignedFile.Multi.Generic (1)
19:50:44.0062 3104 wbsecsvc - ok
19:50:44.0078 3104 WDICA - ok
19:50:44.0625 3104 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
19:50:44.0984 3104 wdmaud - ok
19:50:45.0125 3104 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINDOWS\System32\webclnt.dll
19:50:46.0765 3104 WebClient - ok
19:50:47.0718 3104 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
19:50:48.0343 3104 winmgmt - ok
19:50:48.0468 3104 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
19:50:49.0093 3104 WmdmPmSN - ok
19:50:49.0828 3104 [ FFA4D901D46D07A5BAB2D8307FBB51A6 ] Wmi C:\WINDOWS\System32\advapi32.dll
19:50:51.0156 3104 Wmi - ok
19:50:51.0703 3104 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
19:50:52.0609 3104 WmiApSrv - ok
19:50:59.0531 3104 [ BF05650BB7DF5E9EBDD25974E22403BB ] WMPNetworkSvc C:\Programme\Windows Media Player\WMPNetwk.exe
19:51:01.0843 3104 WMPNetworkSvc - ok
19:51:02.0625 3104 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\Drivers\wpdusb.sys
19:51:03.0000 3104 WpdUsb - ok
19:51:09.0453 3104 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc C:\WINDOWS\system32\wscsvc.dll
19:51:10.0562 3104 wscsvc - ok
19:51:11.0781 3104 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
19:51:12.0828 3104 wuauserv - ok
19:51:13.0062 3104 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
19:51:13.0781 3104 WudfPf - ok
19:51:13.0937 3104 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
19:51:14.0421 3104 WudfRd - ok
19:51:14.0531 3104 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
19:51:15.0390 3104 WudfSvc - ok
19:51:16.0937 3104 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
19:51:26.0015 3104 WZCSVC - ok
19:51:27.0359 3104 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
19:51:28.0265 3104 xmlprov - ok
19:51:28.0296 3104 ================ Scan global ===============================
19:51:28.0421 3104 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll
19:51:29.0078 3104 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll
19:51:30.0250 3104 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll
19:51:30.0609 3104 [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe
19:51:30.0625 3104 [Global] - ok
19:51:30.0625 3104 ================ Scan MBR ==================================
19:51:31.0156 3104 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
19:51:55.0406 3104 \Device\Harddisk0\DR0 - ok
19:51:55.0421 3104 ================ Scan VBR ==================================
19:51:55.0546 3104 [ 3512296C03EBE65E2D567EBF627925BE ] \Device\Harddisk0\DR0\Partition1
19:51:55.0968 3104 \Device\Harddisk0\DR0\Partition1 - ok
19:51:56.0015 3104 [ 6FC8CA293581F30C410419C7437CF90A ] \Device\Harddisk0\DR0\Partition2
19:51:56.0109 3104 \Device\Harddisk0\DR0\Partition2 - ok
19:51:56.0125 3104 ============================================================
19:51:56.0125 3104 Scan finished
19:51:56.0125 3104 ============================================================
19:51:56.0484 1592 Detected object count: 9
19:51:56.0484 1592 Actual detected object count: 9
19:53:53.0515 1592 Apple Mobile Device ( UnsignedFile.Multi.Generic ) - skipped by user
19:53:53.0515 1592 Apple Mobile Device ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:53:53.0515 1592 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user
19:53:53.0515 1592 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:53:53.0515 1592 FsUsbExService ( UnsignedFile.Multi.Generic ) - skipped by user
19:53:53.0515 1592 FsUsbExService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:53:53.0515 1592 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
19:53:53.0515 1592 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:53:53.0531 1592 Iviaspi ( UnsignedFile.Multi.Generic ) - skipped by user
19:53:53.0531 1592 Iviaspi ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:53:53.0531 1592 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
19:53:53.0531 1592 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:53:53.0531 1592 MHN ( UnsignedFile.Multi.Generic ) - skipped by user
19:53:53.0531 1592 MHN ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:53:53.0531 1592 MHNDRV ( UnsignedFile.Multi.Generic ) - skipped by user
19:53:53.0531 1592 MHNDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:53:53.0546 1592 wbsecdrv ( UnsignedFile.Multi.Generic ) - skipped by user
19:53:53.0546 1592 wbsecdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:02:53.0890 1704 Deinitialize success

markusg 25.02.2013 20:24
Aloa,
Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Tina67 27.02.2013 10:19
Hi,

ich habe jetzt mehrfach versucht, den Scan mit Combofix zu machen, aber jedes Mal endet es nach einer Weile damit, dass der Computer herunter und wieder hochfährt, es aber kein Logfile gibt.

Stattdessen kam die Windows Meldung:
Das System wird nach einem schwerwiegenden Fehler wieder ausgeführt.

Problemsignatur:
BCCode: 19
BCP1: 000 000 20
BCP2: 84037968
BCP3: 84037080
BCP4: 1A830001
OSVer: 5_1_2600
SP: 3_0
Product: 256_1

markusg 27.02.2013 13:18
starte neu, drücke f8 wähle abgesicherter modus, melde dich in deinem Konto an, führe combofix erneut aus, starte, wenn fertig, in den normalen Modus und poste das log.

Tina67 27.02.2013 18:50
Jetzt hat es gekplappt. Allerdings komme ich im Moment weder über Chrome noch den Internet explorer ins Netz. Daher habe ich den Log per USB-Stick herauskopiert und schicke ihn über einen anderen Computer:
Combofix Logfile:
Code:
ComboFix 13-02-24.01 - *** 27.02.2013  17:07:49.2.1 - x86 MINIMAL
Microsoft Windows XP Professional  5.1.2600.3.1252.49.1031.18.895.698 [GMT 1:00]
ausgeführt von:: c:\dokumente und einstellungen\***\Desktop\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\dokumente und einstellungen\Administrator\Anwendungsdaten\AdobeDLM.log
c:\dokumente und einstellungen\Default User\Anwendungsdaten\AdobeDLM.log
c:\dokumente und einstellungen\***\Anwendungsdaten\.#
c:\dokumente und einstellungen\***\Anwendungsdaten\.#\MBX@F80@A141A8.###
c:\dokumente und einstellungen\***\Anwendungsdaten\.#\MBX@F80@A141D8.###
c:\dokumente und einstellungen\***\Anwendungsdaten\.#\MBX@F80@A14208.###
c:\dokumente und einstellungen\***\WINDOWS
c:\programme\autorun.inf
c:\windows\IsUn0407.exe
c:\windows\system32\muzapp.exe
c:\windows\system32\SET12.tmp
c:\windows\system32\SET13.tmp
c:\windows\system32\SET14.tmp
c:\windows\system32\SET15.tmp
c:\windows\system32\SET19.tmp
c:\windows\system32\SET1B.tmp
c:\windows\system32\SET1D.tmp
c:\windows\system32\SET22.tmp
c:\windows\system32\SET4A.tmp
c:\windows\system32\SET56.tmp
c:\windows\system32\SET5F.tmp
c:\windows\system32\SET60.tmp
c:\windows\system32\SET61.tmp
c:\windows\system32\SET62.tmp
c:\windows\system32\SET64.tmp
c:\windows\system32\SET71.tmp
c:\windows\system32\SET7A.tmp
c:\windows\system32\SET9.tmp
c:\windows\system32\SETB.tmp
c:\windows\system32\SETC.tmp
c:\windows\system32\System32\MASetupCleaner.exe
c:\windows\system32\System32\muzapp.exe
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\fusion.dll
c:\windows\system32\URTTemp\mscoree.dll
c:\windows\system32\URTTemp\mscoree.dll.local
c:\windows\system32\URTTemp\mscorsn.dll
c:\windows\system32\URTTemp\mscorwks.dll
c:\windows\system32\URTTemp\msvcr71.dll
c:\windows\system32\URTTemp\regtlib.exe
.
.
(((((((((((((((((((((((  Dateien erstellt von 2013-01-27 bis 2013-02-27  ))))))))))))))))))))))))))))))
.
.
2013-02-24 14:00 . 2013-02-24 13:58        94112        ----a-w-        c:\windows\system32\WindowsAccessBridge.dll
2013-02-24 12:03 . 2013-02-24 12:03        --------        d-----w-        c:\programme\Microsoft
2013-02-24 11:07 . 2013-02-24 11:07        --------        d-----w-        c:\dokumente und einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Secunia PSI
2013-02-17 12:36 . 2013-02-17 12:36        --------        d-----w-        c:\dokumente und einstellungen\***\Anwendungsdaten\RealNetworks
2013-02-17 12:34 . 2013-02-17 12:34        --------        d-----w-        c:\dokumente und einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Sun
2013-02-14 15:55 . 2012-06-02 14:18        275696        ----a-w-        c:\windows\system32\mucltui.dll
2013-02-14 14:22 . 2013-02-14 14:23        --------        d-----w-        c:\programme\RealNetworks
2013-02-14 14:22 . 2013-02-14 14:22        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\RealNetworks
2013-02-14 14:20 . 2013-02-14 14:20        --------        d-----w-        c:\programme\Gemeinsame Dateien\xing shared
2013-02-14 13:15 . 2013-02-14 13:23        --------        d-----w-        c:\programme\QuickTime
2013-02-14 11:11 . 2013-02-24 13:57        143872        ----a-w-        c:\windows\system32\javacpl.cpl
2013-02-14 06:57 . 2013-02-14 06:57        --------        d-----w-        c:\programme\Secunia
2013-02-13 21:56 . 2012-10-30 22:51        21256        ----a-w-        c:\windows\system32\drivers\aswFsBlk.sys
2013-02-13 21:56 . 2012-10-30 22:51        361032        ----a-w-        c:\windows\system32\drivers\aswSP.sys
2013-02-13 21:56 . 2012-10-30 22:51        35928        ----a-w-        c:\windows\system32\drivers\aswRdr.sys
2013-02-13 21:56 . 2012-10-30 22:51        54232        ----a-w-        c:\windows\system32\drivers\aswTdi.sys
2013-02-13 21:55 . 2012-10-30 22:51        738504        ----a-w-        c:\windows\system32\drivers\aswSnx.sys
2013-02-13 21:55 . 2012-10-30 22:51        97608        ----a-w-        c:\windows\system32\drivers\aswmon2.sys
2013-02-13 21:55 . 2012-10-30 22:51        89752        ----a-w-        c:\windows\system32\drivers\aswmon.sys
2013-02-13 21:55 . 2012-10-30 22:51        25256        ----a-w-        c:\windows\system32\drivers\aavmker4.sys
2013-02-13 21:52 . 2012-10-30 22:51        41224        ----a-w-        c:\windows\avastSS.scr
2013-02-13 21:51 . 2012-10-30 22:50        227648        ----a-w-        c:\windows\system32\aswBoot.exe
2013-02-13 21:45 . 2013-02-13 21:45        --------        d-----w-        c:\programme\AVAST Software
2013-02-13 21:45 . 2013-02-13 21:45        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\AVAST Software
2013-02-13 17:41 . 2013-02-13 17:41        --------        d-----w-        c:\dokumente und einstellungen\***\Anwendungsdaten\Malwarebytes
2013-02-13 17:41 . 2013-02-13 17:41        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes
2013-02-13 17:40 . 2013-02-13 17:41        --------        d-----w-        c:\programme\Malwarebytes' Anti-Malware
2013-02-13 17:40 . 2012-12-14 15:49        21104        ----a-w-        c:\windows\system32\drivers\mbam.sys
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-27 07:25 . 2012-12-07 15:56        691568        ----a-w-        c:\windows\system32\FlashPlayerApp.exe
2013-02-27 07:25 . 2012-12-07 15:56        71024        ----a-w-        c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-24 13:57 . 2012-09-27 16:21        861088        ----a-w-        c:\windows\system32\npdeployJava1.dll
2013-02-24 13:57 . 2010-12-12 18:05        782240        ----a-w-        c:\windows\system32\deployJava1.dll
2013-02-14 14:12 . 2003-02-21 03:42        348160        ----a-w-        c:\windows\system32\msvcr71.dll
2013-02-14 14:12 . 2003-03-18 21:14        499712        ----a-w-        c:\windows\system32\msvcp71.dll
2013-01-26 03:55 . 2004-08-10 12:00        552448        ----a-w-        c:\windows\system32\oleaut32.dll
2013-01-07 07:24 . 2004-08-10 12:00        2195328        ----a-w-        c:\windows\system32\ntoskrnl.exe
2013-01-07 07:24 . 2004-08-04 00:50        2072064        ----a-w-        c:\windows\system32\ntkrnlpa.exe
2013-01-04 10:09 . 2004-08-10 12:00        1867392        ----a-w-        c:\windows\system32\win32k.sys
2013-01-02 06:49 . 2004-08-10 12:00        1297920        ----a-w-        c:\windows\system32\quartz.dll
2012-12-26 20:37 . 2004-08-10 12:00        832512        ----a-w-        c:\windows\system32\wininet.dll
2012-12-26 20:37 . 2004-08-10 12:00        1830912        ------w-        c:\windows\system32\inetcpl.cpl
2012-12-26 20:37 . 2004-08-10 12:00        78336        ----a-w-        c:\windows\system32\ieencode.dll
2012-12-26 20:37 . 2004-08-10 12:00        17408        ------w-        c:\windows\system32\corpol.dll
2012-12-16 12:23 . 2004-08-10 12:00        290560        ----a-w-        c:\windows\system32\atmfd.dll
2010-01-13 17:51 . 2010-01-13 17:51        28534656        ----a-w-        c:\programme\AdbeRdr930_de_DE.exe
2008-03-07 13:40 . 2008-05-27 17:34        5423104        ----a-w-        c:\programme\EURO08.exe
2008-01-28 09:54 . 2008-05-27 17:34        397312        ----a-r-        c:\programme\AutoRun.exe
2008-01-28 09:54 . 2008-05-27 17:34        380928        ----a-r-        c:\programme\EASetup.exe
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50        121528        ----a-w-        c:\programme\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-26 68856]
"KiesHelper"="c:\programme\Samsung\Kies\KiesHelper.exe" [2012-04-04 954256]
"WMPNSCFG"="c:\programme\Windows Media Player\WMPNSCFG.exe" [2006-11-03 204288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"SynTPEnh"="c:\programme\Synaptics\SynTP\SynTPEnh.exe" [2005-10-28 761945]
"AGRSMMSG"="AGRSMMSG.exe" [2004-07-22 88361]
"PestPatrolRegistration"="c:\programme\PestPatrol\Register.exe" [2005-08-22 180224]
"PPMemCheck"="c:\programme\PestPatrol\PPMemCheck.exe" [2004-04-02 148480]
"CookiePatrol"="c:\programme\PestPatrol\CookiePatrol.exe" [2005-01-10 73728]
"Microsoft Works Update Detection"="c:\programme\Microsoft Works\WkDetect.exe" [2000-07-21 28739]
"KiesTrayAgent"="c:\programme\Samsung\Kies\KiesTrayAgent.exe" [2012-04-04 3521424]
"avast"="c:\programme\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"TkBellExe"="c:\programme\real\realplayer\update\realsched.exe" [2013-02-14 295072]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\
Secunia PSI Tray.lnk - c:\programme\Secunia\PSI\psi_tray.exe [2012-9-24 573536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-12-03 07:35        946352        ----a-w-        c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2012-12-19 14:39        41208        ----a-w-        c:\programme\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper]
2012-04-04 05:05        954256        ----a-w-        c:\programme\Samsung\Kies\KiesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
2012-04-04 05:05        3521424        ----a-w-        c:\programme\Samsung\Kies\KiesTrayAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Portfolio]
2005-08-19 05:15        749568        ----a-w-        c:\programme\Microsoft Works\WksSb.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 08:50        155648        ----a-w-        c:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDFPrint]
2012-12-12 09:28        163000        ----a-w-        c:\programme\PDF24\pdf24.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-10-25 02:12        421888        ----a-w-        c:\programme\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WorksFUD]
2000-07-12 19:15        24576        ----a-w-        c:\programme\Microsoft Works\wkfud.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Programme\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\system32\\fxsclnt.exe"=
"c:\\Programme\\NetMeeting\\Conf.exe"=
"c:\\Programme\\Ahead\\Nero MediaHome\\NeroMediaHome.exe"=
"c:\\Programme\\InterVideo\\DVD7\\WinDVD.exe"=
"c:\\Programme\\InterVideo\\MediaOne Gallery\\mediaone.exe"=
"c:\\Programme\\MSN Messenger\\msnmsgr.exe"=
"c:\\Programme\\DSC Software\\DL10XP.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
.
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [13.02.2013 22:55 738504]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [13.02.2013 22:56 361032]
S1 wbsecdrv;wbsecdrv Protocol Driver;c:\windows\system32\drivers\wbsecdrv.sys [23.03.2006 15:36 17792]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [13.02.2013 22:56 21256]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [27.12.2010 17:20 233472]
S2 MBAMScheduler;MBAMScheduler;c:\programme\Malwarebytes' Anti-Malware\mbamscheduler.exe [13.02.2013 18:40 398184]
S2 MBAMService;MBAMService;c:\programme\Malwarebytes' Anti-Malware\mbamservice.exe [13.02.2013 18:40 682344]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\programme\RealNetworks\RealDownloader\rndlresolversvc.exe [29.11.2012 20:31 38608]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\programme\Secunia\PSI\PSIA.exe --start-service --> c:\programme\Secunia\PSI\PSIA.exe --start-service [?]
S2 Secunia Update Agent;Secunia Update Agent;c:\programme\Secunia\PSI\sua.exe --start-service --> c:\programme\Secunia\PSI\sua.exe --start-service [?]
S2 wbsecsvc;wbsecsvc;c:\windows\system32\wbsecsvc.exe [23.03.2006 15:36 245760]
S3 ActivHidSerMini;Promethean Serial Board Driver;c:\windows\system32\DRIVERS\activhidsermini.sys --> c:\windows\system32\DRIVERS\activhidsermini.sys [?]
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [11.04.2012 08:27 20032]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [27.12.2010 17:20 36640]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [13.02.2013 18:40 21104]
S3 prmvmouse;Promethean HID Mouse Service;c:\windows\system32\DRIVERS\activmouse.sys --> c:\windows\system32\DRIVERS\activmouse.sys [?]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [16.12.2011 15:19 15544]
S3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM);c:\windows\system32\drivers\sscebus.sys [11.04.2012 08:48 98560]
S3 sscemdfl;SAMSUNG Mobile Modem V2 Filter;c:\windows\system32\drivers\sscemdfl.sys [11.04.2012 08:48 14848]
S3 sscemdm;SAMSUNG Mobile Modem V2 Drivers;c:\windows\system32\drivers\sscemdm.sys [11.04.2012 08:48 123648]
S3 ssceserd;SAMSUNG Mobile Modem Diagnostic Serial Port V2 (WDM);c:\windows\system32\drivers\ssceserd.sys [11.04.2012 08:48 100352]
S3 ULI5261XP;ULi M526X Ethernet NT Driver;c:\windows\system32\DRIVERS\ULILAN51.SYS --> c:\windows\system32\DRIVERS\ULILAN51.SYS [?]
S3 W33ND;W89C33 mPCI 802.11 Wireless LAN Adapter Driver;c:\windows\system32\drivers\W33ND.SYS [23.03.2006 15:36 140064]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-02-13 22:00        1607120        ----a-w-        c:\programme\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-02-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-07 07:29]
.
2012-12-21 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programme\Apple Software Update\SoftwareUpdate.exe [2007-08-29 12:57]
.
2013-02-27 c:\windows\Tasks\avast! Emergency Update.job
- c:\programme\AVAST Software\Avast\AvastEmUpdate.exe [2013-02-13 22:50]
.
2013-02-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programme\Google\Update\GoogleUpdate.exe [2010-02-25 16:16]
.
2013-02-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programme\Google\Update\GoogleUpdate.exe [2010-02-25 16:16]
.
2013-02-27 c:\windows\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3231079407-1651759842-1146664477-1007.job
- c:\programme\Real\RealUpgrade\realupgrade.exe [2012-11-30 14:30]
.
2013-02-16 c:\windows\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3231079407-1651759842-1146664477-1007.job
- c:\programme\Real\RealUpgrade\realupgrade.exe [2012-11-30 14:30]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.yahoo.de/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mWindow Title = Microsoft Internet Explorer
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 80.69.100.214 192.168.0.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-PestPatrol Control Center - C-\Programme\PestPatrol\PPControl.exe
MSConfigStartUp-iTunesHelper - c:\programme\iTunes\iTunesHelper.exe
AddRemove-Microsoft Interactive Training - c:\windows\IsUn0407.exe
AddRemove-01_Simmental - c:\programme\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\programme\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\programme\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\programme\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\programme\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\programme\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\programme\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\programme\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\programme\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\programme\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-12_Symbian_USB_Download_Driver - c:\programme\SAMSUNG\USB Drivers\12_Symbian_USB_Download_Driver\Uninstall.exe
AddRemove-15_Symbian_Samsung_PC_DLC_Driver - c:\programme\SAMSUNG\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\Uninstall.exe
AddRemove-16_Shrewsbury - c:\programme\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\programme\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\programme\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\programme\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\programme\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\programme\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\programme\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - c:\programme\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\programme\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2013-02-27 17:25
Windows 5.1.2600 Service Pack 3 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–€|ÿÿÿÿÀ•€|ù•6~*]
"7040211900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'winlogon.exe'(224)
c:\windows\system32\Ati2evxx.dll
.
Zeit der Fertigstellung: 2013-02-27  17:29:25
ComboFix-quarantined-files.txt  2013-02-27 16:29
.
Vor Suchlauf: 9 Verzeichnis(se), 30.564.311.040 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 35.521.802.240 Bytes frei
.
- - End Of File - - D3AE9FF6C49DE69254E01C24BB68C597
--- --- ---


Korrektur. Jetzt bin ich über Chrome reingekommen und ab dann ging es auch schon mal wieder etwas schneller.

markusg 27.02.2013 19:07
gibts ne Fehlermeldung? neustart versucht?
Ein Leitfaden und Tutorium zur Nutzung von ComboFix
evtl. netzwerk reparieren.

Tina67 27.02.2013 19:10
Nein. Wie gerade ergänzt. Jetzt bin ich reingekommen. Soll ich trotzdem mal einen Neustart machen?

markusg 27.02.2013 19:13
hi
hab ich nicht gesehen, da sich unsere Posts überschnitten haben, neustart ist nicht nötig.

lade den CCleaner standard:
CCleaner - Download - Filepony
falls der CCleaner
bereits instaliert, überspringen.
öffnen, Tools (extras),uninstall Llist, als txt speichern. öffnen.
hinter, jedes von dir benötigte programm, schreibe notwendig.
hinter, jedes, von dir nicht benötigte, unnötig.
hinter, dir unbekannte, unbekannt.
liste posten.

Tina67 27.02.2013 19:32
7-Zip 9.20 09.12.2012 benötigt
Adobe Flash Player 11 ActiveX Adobe Systems Incorporated 27.02.2013 11.6.602.171benötigt
Adobe Flash Player 11 Plugin Adobe Systems Incorporated 27.02.2013 11.6.602.171
Adobe Reader 9.5.3 - Deutsch Adobe Systems Incorporated 13.02.2013 124,00MB 9.5.3benötigt
Adobe Shockwave Player 12.0 Adobe Systems, Inc. 14.02.2013 12.0.0.112benötigt
ALDI Online Druck Service (Sued) 08.08.2008 nicht benötigt
ALDI Sued Foto Manager (D) MAGIX AG 18.09.2008 2.0.2.654 nb
ALDI Sued Foto Service (D) MAGIX AG 08.08.2008 1.7.1.41 nb
Amazon MP3-Downloader 1.0.9 01.05.2010 brnötigt
Apple Mobile Device Support Apple Inc. 15.09.2007 33,53MB 1.1.1.1 nb
Apple Software Update Apple Inc. 15.09.2007 2,15MB 2.0.2.92 nb
Ashampoo Burning Studio 2012 v.10.0.15 Ashampoo GmbH & Co. KG 11.12.2012 10.0.15 nb
Athlon 64 Processor Driver 03.04.2006 1.1.0.14 unbekant
ATI - Dienstprogramm zur Deinstallation der Software 23.03.2006 6.14.10.1014
ATI Display Driver 07.05.2006 8.192-051101a1-030043C
ATI Systemsteuerung 19.07.2006 6.14.10.5171 unbekannt
avast! Free Antivirus AVAST Software 13.02.2013 7.0.1474.0 benötigt
CCleaner Piriform 23.01.2013 3.27 benötigt
Compatibility Pack für 2007 Office System Microsoft Corporation 27.02.2013 137,00MB 12.0.6612.1000 unbekannt
Creatix 2.0 AC'97 Modem unbek
dm Digi Foto Imaxel Lab S.L 18.09.2011 2.3.0.93 benötigt
DSC Software 19.07.2006 unbekannt
EasyGrade - Update 7.4.1 K&S GbR 07.06.2012 324,00MB 7.4.1 benötigt
EasyGrade v7.1.3 Krisch, Schäfer und Keimer GbR 19.01.2013 v7.1.3 benötigt
FoneSync 08.05.2006 unbekannt
Google Chrome Google Inc. 13.02.2013 25.0.1364.97 nb
Google Toolbar for Internet Explorer Google Inc. 25.02.2010 7.4.3607.2246 nb
InterVideo MediaOne Gallery 31.12.2006 nb
InterVideo WinDVD 7 InterVideo Inc. 05.04.2006 7.0-B27.184 nb
J2SE Runtime Environment 5.0 Update 6 Sun Microsystems, Inc. 23.03.2006 152,00MB 1.5.0.60 nb
Java 7 Update 15 Oracle 24.02.2013 130,00MB 7.0.150 unbekannt
Java(TM) 6 Update 41 Oracle 27.02.2013 97,94MB 6.0.410 unbekannt
Malwarebytes Anti-Malware Version 1.70.0.1100 Malwarebytes Corporation unbekannt13.02.2013 1.70.0.1100
MEDION Fotos auf CD Sued (D) MAGIX AG 08.08.2008 4.5.4.0 nb
Microsoft .NET Framework 1.0 Hotfix (KB2604042) Microsoft Corporation 18.05.2012
Microsoft .NET Framework 1.0 Hotfix (KB2656378) Microsoft Corporation 16.06.2012
Microsoft .NET Framework 1.0 Security Update (KB2698035) Microsoft Corporation 18.11.2012
Microsoft .NET Framework 1.0 Security Update (KB2742607) Microsoft Corporation 12.01.2013
Microsoft .NET Framework 1.1 12.01.2013
Microsoft .NET Framework 1.1 German Language Pack Microsoft 27.03.2006 3,00MB 1.1.4322
Microsoft .NET Framework 2.0 Language Pack - DEU Microsoft Corporation 23.03.2006
Microsoft .NET Framework 2.0 Service Pack 2 Microsoft Corporation 14.02.2013 185,00MB 2.2.30729
Microsoft .NET Framework 3.0 Service Pack 2 Microsoft Corporation 12.01.2013 253,00MB 3.2.30729
Microsoft .NET Framework 3.5 SP1 Microsoft Corporation 12.01.2013
Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Corporation 05.09.2007 1
Microsoft Office Live Add-in 1.5 Microsoft Corporation 24.02.2013 0,49MB 2.0.4024.1 nb
Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Corporation 25.02.2013 80,57MB 12.0.6612.1000 benötigt
Microsoft Office Standard Edition 2003 Microsoft Corporation 25.02.2013 673,00MB 11.0.8173.0 benötigt
Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Corporation 05.09.2007 nb
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 08.01.2010 10,28MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 26.03.2010 10,19MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 15.02.2013 10,20MB 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 15.02.2013 14,97MB 10.0.40219 nb
Microsoft Windows-Journal-Viewer Microsoft 30.03.2006 3,47MB 1.5.2315.3 nb
Microsoft Word in Works Suite-Add-In Microsoft Corporation 08.05.2006 7,52MB 1.0.0.0000 nb
Microsoft Works Microsoft Corporation 15.02.2013 293,00MB 08.05.0822
Microsoft Works 2001-Setup-Start 08.05.2006
Microsoft Works 6.0 Microsoft Corporation 08.05.2006 85,04MB 06.00.0000 nb
Microsoft-Basissmartcard-Kryptografiedienstanbieterpaket Microsoft Corporation 12.06.2008 nb
MSN Messenger 7.5 Microsoft Corporation 06.04.2006 15,16MB 7.5.0306.0
MSXML 4.0 SP2 (KB927978) Microsoft Corporation 30.11.2006 2,56MB 4.20.9841.0
MSXML 4.0 SP2 (KB936181) Microsoft Corporation 27.08.2007 2,62MB 4.20.9848.0
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 19.11.2008 2,67MB 4.20.9870.0
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 08.01.2010 2,77MB 4.20.9876.0
MSXML 4.0 SP3 Parser Microsoft Corporation 14.02.2013 2,87MB 4.30.2100.0
MSXML 4.0 SP3 Parser (KB2721691) Microsoft Corporation 14.02.2013 2,99MB 4.30.2114.0
MSXML 4.0 SP3 Parser (KB2758694) Microsoft Corporation 15.02.2013 3,01MB 4.30.2117.0
MSXML 6 Service Pack 2 (KB973686) Microsoft Corporation 10.01.2010 1,40MB 6.20.2003.0 alle mxsml unbekannt
MyFreeCodec 27.02.2013 unbekannt
Nero Suite 03.04.2006 unbekannt
Office 2003 Trial Assistant Microsoft 06.04.2006 1,29MB 1.0.0 unbekannt
PDF24 Creator 5.2.0 PDF24.org 14.12.2012 benötigt
PestPatrol Registration Secure It 30.03.2006 1,28MB 2.0 unbekannt
PSD Viewer IdeaMK 16.01.2011 benötigt
QuickTime Apple Inc. 14.02.2013 73,17MB 7.73.80.64 unbekannt
RealPlayer RealNetworks 14.02.2013 16.0.0 unbekannt
Samsung Kies Samsung Electronics Co., Ltd. 11.04.2012 2.2.0.12014_18 benötigt
SAMSUNG USB Driver for Mobile Phones SAMSUNG Electronics Co., Ltd. 11.04.2012 1.5.4.0 unbekannt
Secunia PSI (3.0.0.4001) Secunia 15.02.2013 3.0.0.4001 unbekannt
Sicherheitsupdate für Windows Media Encoder (KB2447961) Microsoft Corporation 18.05.2012 unbekannt
Sicherheitsupdate für Windows Media Encoder (KB954156) Microsoft Corporation 17.09.2008 unbekannt
Sicherheitsupdate für Windows Media Encoder (KB979332) Microsoft Corporation 16.06.2010 unbekannt
SmartSound Quicktracks Plugin SmartSound Software Inc 05.04.2006 3.0.2.6 unbekannt
Synaptics Pointing Device Driver Synaptics 23.03.2006 8.2.1.0 unbekannt
videon muvee Technologies 05.04.2006 3.5 unbekannt
Viewpoint Media Player 06.06.2006 unbekannt
Winbond WLAN 23.03.2006 unbekannt
Windows Internet Explorer 7 Microsoft Corporation 06.09.2008 20070813.185237
Windows Media Encoder 9-Reihe 05.04.2006 unbekannt
Windows Media Format 11 runtime 05.09.2007 unbekannt
Windows Media Player 11 05.09.2007 benötigt
Windows XP Media Center Edition Screen Saver Screen Saver 05.09.2007 unbekannt
Windows XP Service Pack 3 Microsoft Corporation 17.05.2012 20080414.031514 nicht bekannt
WISO Mein Geld 2006 Professional Buhl Data Service GmbH 06.04.2006 170,00MB 7.00.01 nicht benötigt

markusg 27.02.2013 19:37
deinstaliere:
Adobe Flash Player alle
Adobe - Adobe Flash Player installieren
neueste version laden, instalieren.
adobe reader:
Adobe - Adobe Reader herunterladen - Alle Versionen
haken bei mcafee security scan raus nehmen

bitte auch mal den adobe reader wie folgt konfigurieren:
adobe reader öffnen, bearbeiten, voreinstellungen.
allgemein:
nur zertifizierte zusatz module verwenden, anhaken.
Sicherheit (erweitert)
Erweiterte Sicherheit anhaken
und alle Dateien auswählen.
internet:
hier sollte alles deaktiviert werden, es ist sehr unsicher pdfs automatisch zu öffnen, zu downloaden etc.
es ist immer besser diese direkt abzuspeichern da man nur so die kontrolle hat was auf dem pc vor geht.
bei javascript den haken bei java script verwenden raus nehmen
bei updater, automatisch instalieren wählen.
übernehmen /ok



deinstaliere:
ALDI : unnötige
Ashampoo
Google : beide
InterVideo : alle
J2SE
Java(TM)
MEDION
MyFreeCodec
Nero
PestPatrol
RealPlayer
Viewpoint

Öffne CCleaner, analysieren, starten, pc neustarten
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Tina67 28.02.2013 15:01
Fast alles erledigt. Die Aldi Programme lassen sich nicht löschen. Es kommt die Meldung, dass INSTALL.log nicht geöffnet werden könne.

Hier das Log AdwCleaner Log:AdwCleaner Logfile:
Code:
# AdwCleaner v2.113 - Datei am 28/02/2013 um 14:20:04 erstellt
# Aktualisiert am 23/02/2013 von Xplode
# Betriebssystem : Microsoft Windows XP Service Pack 3 (32 bits)
# Benutzer : ***
# Bootmodus : Normal
# Ausgeführt unter : C:\Dokumente und Einstellungen\***\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v7.0.6000.17117

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v [Version kann nicht ermittelt werden]

Datei : C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\vquo6ri0.default\prefs.js

[OK] Die Datei ist sauber.

Datei : C:\Dokumente und Einstellungen\Peter\Anwendungsdaten\Mozilla\Firefox\Profiles\3h6epptp.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v25.0.1364.97

Datei : C:\Dokumente und Einstellungen\Tina\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

Datei : C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S1].txt - [2903 octets] - [28/02/2013 08:04:50]
AdwCleaner[S2].txt - [1349 octets] - [28/02/2013 14:20:04]

########## EOF - C:\AdwCleaner[S2].txt - [1409 octets] ##########
--- --- ---


Alle Zeitangaben in WEZ +1. Es ist jetzt 04:06 Uhr.
Seite 1 von 3 1 23
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19