| Claudia12 | 29.11.2011 19:14 |
Ich bin jetzt einen kleinen Schritt weiter. Ich konnte OTL.exe jetzt öffnen und die empfohlenen Schritte ausführen. Es gelang mir aber nicht, die benutzerdefinierten Scans zu kopieren. Deshalb habe ich alles gescannt. Möglicherweise habe ich jetzt wieder einiges falsch gemacht. Ich erwartete eigentlich, dass otl mir einen Trojaner meldet, den ich dann löschen kann. Der kam aber nicht.
Hier ist der Inhalt aus OTL.txt:OTL Logfile: Code:
OTL logfile created on: 29.11.2011 18:38:06 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = d:\
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1014,07 Mb Total Physical Memory | 574,67 Mb Available Physical Memory | 56,67% Memory free
2,90 Gb Paging File | 2,57 Gb Available in Paging File | 88,62% Paging File free
Paging file location(s): C:\pagefile.sys 2048 4096 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 19,07 Gb Total Space | 1,55 Gb Free Space | 8,15% Space Free | Partition Type: NTFS
Drive D: | 1,91 Gb Total Space | 1,89 Gb Free Space | 98,93% Space Free | Partition Type: FAT32
Computer Name: HUCH | User Name: Capitan | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (All) ==========
PRC - [2011.11.29 12:42:32 | 000,584,192 | ---- | M] (OldTimer Tools) -- d:\OTL.exe
PRC - [2009.02.09 12:21:35 | 000,111,104 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2008.04.14 03:23:05 | 000,513,024 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008.04.14 03:23:02 | 000,014,336 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008.04.14 03:23:02 | 000,014,336 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008.04.14 03:23:02 | 000,014,336 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008.04.14 03:23:01 | 000,050,688 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008.04.14 03:22:51 | 000,013,312 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008.04.14 03:22:45 | 001,036,800 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.04.14 03:22:40 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008.04.14 03:22:38 | 000,401,920 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cmd.exe
PRC - [2006.10.12 09:44:48 | 000,385,113 | RH-- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\PRISMSVR.exe
========== Modules (All) ==========
MOD - [2011.11.29 12:42:32 | 000,584,192 | ---- | M] (OldTimer Tools) -- d:\OTL.exe
MOD - [2011.09.28 08:06:43 | 000,604,160 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\crypt32.dll
MOD - [2011.09.26 11:41:20 | 000,220,160 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleacc.dll
MOD - [2011.08.31 21:55:37 | 000,280,232 | -H-- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avsda.dll
MOD - [2011.08.23 17:41:32 | 011,081,728 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ieframe.dll
MOD - [2011.08.23 00:41:33 | 000,916,480 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wininet.dll
MOD - [2011.08.23 00:41:32 | 001,212,416 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\urlmon.dll
MOD - [2011.08.23 00:41:31 | 002,000,384 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iertutil.dll
MOD - [2011.04.29 18:25:06 | 000,151,552 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schannel.dll
MOD - [2011.03.03 07:54:43 | 000,149,504 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dnsapi.dll
MOD - [2011.01.21 15:44:10 | 008,503,296 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2010.12.22 13:34:16 | 000,301,568 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kerberos.dll
MOD - [2010.12.20 18:32:10 | 000,551,936 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2010.12.20 18:25:50 | 000,737,792 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsasrv.dll
MOD - [2010.12.09 16:15:07 | 000,743,936 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2010.11.09 15:51:40 | 000,249,856 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbc32.dll
MOD - [2010.08.23 17:11:49 | 000,617,472 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comctl32.dll
MOD - [2010.08.23 17:11:46 | 001,054,208 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010.08.16 09:44:05 | 000,590,848 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2010.07.16 13:05:01 | 001,288,192 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2009.12.24 07:59:41 | 000,177,664 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wintrust.dll
MOD - [2009.12.08 10:23:28 | 000,474,624 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2009.09.11 15:17:01 | 000,136,192 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msv1_0.dll
MOD - [2009.09.04 22:03:28 | 000,058,880 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msasn1.dll
MOD - [2009.07.28 00:16:05 | 000,135,680 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shsvcs.dll
MOD - [2009.07.17 20:01:06 | 000,058,880 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\atl.dll
MOD - [2009.06.25 09:25:23 | 000,056,832 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2009.06.25 09:25:23 | 000,054,272 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdigest.dll
MOD - [2009.03.21 15:06:58 | 001,063,424 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2009.03.10 21:18:02 | 000,265,096 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WgaLogon.dll
MOD - [2009.02.09 12:21:35 | 000,111,104 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
MOD - [2009.02.09 11:51:45 | 000,401,408 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcss.dll
MOD - [2009.02.09 11:51:44 | 000,678,400 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2009.02.09 11:51:44 | 000,473,600 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\fastprox.dll
MOD - [2009.02.09 11:51:42 | 000,453,120 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvsd.dll
MOD - [2009.01.07 17:20:36 | 000,023,552 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\normaliz.dll
MOD - [2008.10.23 13:36:55 | 000,286,720 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008.10.15 17:35:02 | 000,337,408 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netapi32.dll
MOD - [2008.06.20 17:02:46 | 000,247,296 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mswsock.dll
MOD - [2008.04.14 06:52:26 | 000,989,696 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008.04.14 03:23:08 | 000,146,944 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008.04.14 03:23:05 | 000,513,024 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
MOD - [2008.04.14 03:23:02 | 000,014,336 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe
MOD - [2008.04.14 03:23:01 | 000,050,688 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
MOD - [2008.04.14 03:22:51 | 000,013,312 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
MOD - [2008.04.14 03:22:45 | 001,036,800 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
MOD - [2008.04.14 03:22:38 | 000,401,920 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cmd.exe
MOD - [2008.04.14 03:22:32 | 000,531,456 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcore.dll
MOD - [2008.04.14 03:22:32 | 000,273,920 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemess.dll
MOD - [2008.04.14 03:22:32 | 000,214,528 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcomn.dll
MOD - [2008.04.14 03:22:32 | 000,178,176 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winmm.dll
MOD - [2008.04.14 03:22:32 | 000,173,056 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2008.04.14 03:22:32 | 000,145,408 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmisvc.dll
MOD - [2008.04.14 03:22:32 | 000,100,352 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winscard.dll
MOD - [2008.04.14 03:22:32 | 000,099,840 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiutils.dll
MOD - [2008.04.14 03:22:32 | 000,093,696 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wlnotify.dll
MOD - [2008.04.14 03:22:32 | 000,082,432 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2_32.dll
MOD - [2008.04.14 03:22:32 | 000,053,760 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll
MOD - [2008.04.14 03:22:32 | 000,019,968 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2help.dll
MOD - [2008.04.14 03:22:32 | 000,019,456 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wshtcpip.dll
MOD - [2008.04.14 03:22:32 | 000,018,432 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wtsapi32.dll
MOD - [2008.04.14 03:22:31 | 000,736,768 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2008.04.14 03:22:31 | 000,580,096 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008.04.14 03:22:31 | 000,430,592 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\vssapi.dll
MOD - [2008.04.14 03:22:31 | 000,219,136 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008.04.14 03:22:31 | 000,177,152 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\w32time.dll
MOD - [2008.04.14 03:22:31 | 000,124,416 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\umpnpmgr.dll
MOD - [2008.04.14 03:22:31 | 000,018,944 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008.04.14 03:22:30 | 000,389,632 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\themeui.dll
MOD - [2008.04.14 03:22:30 | 000,181,760 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapi32.dll
MOD - [2008.04.14 03:22:30 | 000,171,520 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srsvc.dll
MOD - [2008.04.14 03:22:30 | 000,067,584 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008.04.14 03:22:25 | 001,499,136 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shdocvw.dll
MOD - [2008.04.14 03:22:25 | 000,065,024 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shimeng.dll
MOD - [2008.04.14 03:22:25 | 000,025,088 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shfolder.dll
MOD - [2008.04.14 03:22:24 | 000,142,336 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc_os.dll
MOD - [2008.04.14 03:22:24 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc.dll
MOD - [2008.04.14 03:22:23 | 000,429,568 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samsrv.dll
MOD - [2008.04.14 03:22:23 | 000,328,192 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scesrv.dll
MOD - [2008.04.14 03:22:23 | 000,237,056 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasapi32.dll
MOD - [2008.04.14 03:22:23 | 000,187,904 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scecli.dll
MOD - [2008.04.14 03:22:23 | 000,178,176 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\repdrvfs.dll
MOD - [2008.04.14 03:22:23 | 000,084,992 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008.04.14 03:22:23 | 000,064,000 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2008.04.14 03:22:23 | 000,061,440 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasman.dll
MOD - [2008.04.14 03:22:23 | 000,049,664 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\regapi.dll
MOD - [2008.04.14 03:22:23 | 000,044,032 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rtutils.dll
MOD - [2008.04.14 03:22:23 | 000,038,400 | -H-- | M] (Microsoft Corporation) -- c:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
MOD - [2008.04.14 03:22:23 | 000,035,328 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfproc.dll
MOD - [2008.04.14 03:22:23 | 000,027,648 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\profmap.dll
MOD - [2008.04.14 03:22:23 | 000,023,040 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008.04.14 03:22:23 | 000,017,408 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\powrprof.dll
MOD - [2008.04.14 03:22:20 | 000,245,760 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui1.dll
MOD - [2008.04.14 03:22:20 | 000,119,296 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2008.04.14 03:22:20 | 000,081,920 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui0.dll
MOD - [2008.04.14 03:22:20 | 000,067,072 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdsapi.dll
MOD - [2008.04.14 03:22:20 | 000,044,032 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlanman.dll
MOD - [2008.04.14 03:22:19 | 000,407,040 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netlogon.dll
MOD - [2008.04.14 03:22:19 | 000,047,104 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\ncprov.dll
MOD - [2008.04.14 03:22:19 | 000,036,352 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ncobjapi.dll
MOD - [2008.04.14 03:22:19 | 000,018,432 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\nddeapi.dll
MOD - [2008.04.14 03:22:19 | 000,011,776 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netrap.dll
MOD - [2008.04.14 03:22:18 | 000,413,696 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll
MOD - [2008.04.14 03:22:18 | 000,343,040 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008.04.14 03:22:18 | 000,196,096 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msutb.dll
MOD - [2008.04.14 03:22:17 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msimg32.dll
MOD - [2008.04.14 03:22:16 | 001,005,568 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msgina.dll
MOD - [2008.04.14 03:22:16 | 000,297,984 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll
MOD - [2008.04.14 03:22:15 | 000,072,192 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.dll
MOD - [2008.04.14 03:22:15 | 000,059,904 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mpr.dll
MOD - [2008.04.14 03:22:12 | 000,144,384 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imagehlp.dll
MOD - [2008.04.14 03:22:12 | 000,110,080 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2008.04.14 03:22:12 | 000,095,744 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iphlpapi.dll
MOD - [2008.04.14 03:22:11 | 000,348,672 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hnetcfg.dll
MOD - [2008.04.14 03:22:10 | 001,094,144 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\esent.dll
MOD - [2008.04.14 03:22:10 | 000,247,808 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\esscli.dll
MOD - [2008.04.14 03:22:10 | 000,185,344 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008.04.14 03:22:10 | 000,056,320 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eventlog.dll
MOD - [2008.04.14 03:22:09 | 000,024,064 | -H-- | M] (Microsoft Corp.) -- C:\WINDOWS\system32\dmserver.dll
MOD - [2008.04.14 03:22:09 | 000,019,456 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dimsntfy.dll
MOD - [2008.04.14 03:22:09 | 000,014,336 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drprov.dll
MOD - [2008.04.14 03:22:08 | 000,846,848 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2008.04.14 03:22:08 | 000,530,944 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptui.dll
MOD - [2008.04.14 03:22:08 | 000,334,848 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscui.dll
MOD - [2008.04.14 03:22:08 | 000,281,600 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008.04.14 03:22:08 | 000,102,912 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscdll.dll
MOD - [2008.04.14 03:22:08 | 000,062,464 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptsvc.dll
MOD - [2008.04.14 03:22:08 | 000,033,280 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptdll.dll
MOD - [2008.04.14 03:22:08 | 000,025,600 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\davclnt.dll
MOD - [2008.04.14 03:22:07 | 001,025,024 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browseui.dll
MOD - [2008.04.14 03:22:07 | 000,498,688 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2008.04.14 03:22:07 | 000,198,144 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\certcli.dll
MOD - [2008.04.14 03:22:07 | 000,125,952 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll
MOD - [2008.04.14 03:22:07 | 000,062,464 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\authz.dll
MOD - [2008.04.14 03:22:06 | 001,852,928 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\acgenral.dll
MOD - [2008.04.14 03:22:06 | 000,039,424 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\acadproc.dll
MOD - [2008.04.14 03:21:06 | 000,110,592 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008.04.14 03:20:58 | 000,177,152 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctfime.ime
MOD - [2008.04.14 03:20:17 | 000,016,896 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cfgmgr32.dll
MOD - [2008.04.13 19:36:47 | 002,981,888 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xpsp2res.dll
MOD - [2008.04.13 18:37:57 | 000,208,384 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsaenh.dll
MOD - [2008.04.13 17:23:31 | 000,048,128 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msprivs.dll
MOD - [2007.03.28 13:51:52 | 000,102,400 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcint.dll
MOD - [2006.10.26 12:22:02 | 001,396,827 | RH-- | M] (Meetinghouse Data Communications) -- C:\WINDOWS\system32\PRISME5.dll
MOD - [2006.10.12 09:44:48 | 000,385,113 | RH-- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\PRISMSVR.exe
MOD - [2006.10.12 09:42:40 | 000,450,649 | RH-- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\PRISMAPI.dll
MOD - [2005.03.11 11:05:56 | 000,360,448 | -H-- | M] (Infineon Technologies AG) -- C:\WINDOWS\system32\IfxWlxEN.dll
MOD - [2005.03.11 10:43:42 | 000,045,056 | -H-- | M] (Broadcom ) -- C:\Programme\Broadcom\Security Platform Software\PSDNtfy.dll
========== Win32 Services (All) ==========
SRV - [2011.07.11 18:28:55 | 000,428,200 | -H-- | M] (Avira GmbH) [Auto | Stopped] -- C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2011.07.11 18:28:54 | 000,269,480 | -H-- | M] (Avira GmbH) [Auto | Stopped] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.04.30 22:52:32 | 000,136,360 | -H-- | M] (Avira GmbH) [Auto | Stopped] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.04.06 21:00:57 | 000,153,376 | -H-- | M] (Sun Microsystems, Inc.) [Auto | Stopped] -- C:\Programme\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2010.08.27 06:57:36 | 000,099,840 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\srvsvc.dll -- (lanmanserver)
SRV - [2010.08.17 14:17:06 | 000,058,880 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler)
SRV - [2009.07.28 00:16:05 | 000,135,680 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\shsvcs.dll -- (Themes)
SRV - [2009.07.28 00:16:05 | 000,135,680 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\shsvcs.dll -- (ShellHWDetection)
SRV - [2009.07.28 00:16:05 | 000,135,680 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\shsvcs.dll -- (FastUserSwitchingCompatibility)
SRV - [2009.06.10 07:14:21 | 000,132,096 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\wkssvc.dll -- (lanmanworkstation)
SRV - [2009.04.20 18:17:26 | 000,045,568 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\dnsrslvr.dll -- (Dnscache)
SRV - [2009.02.09 12:21:35 | 000,111,104 | -H-- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (PlugPlay)
SRV - [2009.02.09 12:21:35 | 000,111,104 | -H-- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (Eventlog)
SRV - [2009.02.09 11:51:45 | 000,401,408 | -H-- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (RpcSs) Remoteprozeduraufruf (RPC)
SRV - [2009.02.09 11:51:45 | 000,401,408 | -H-- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (DcomLaunch)
SRV - [2009.02.09 11:51:44 | 000,678,400 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\advapi32.dll -- (Wmi)
SRV - [2008.07.07 21:26:58 | 000,253,952 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\es.dll -- (EventSystem)
SRV - [2008.06.20 17:02:46 | 000,247,296 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\mswsock.dll -- (Nla) NLA (Network Location Awareness)
SRV - [2008.04.14 03:23:06 | 000,126,464 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\wbem\wmiapsrv.exe -- (WmiApSrv)
SRV - [2008.04.14 03:23:04 | 000,292,864 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\vssvc.exe -- (VSS)
SRV - [2008.04.14 03:23:03 | 000,075,264 | -H-- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\tlntsvr.exe -- (TlntSvr)
SRV - [2008.04.14 03:23:03 | 000,018,432 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ups.exe -- (UPS)
SRV - [2008.04.14 03:23:01 | 000,094,208 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\smlogsvc.exe -- (SysmonLog)
SRV - [2008.04.14 03:23:00 | 000,143,360 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\sessmgr.exe -- (RDSessMgr)
SRV - [2008.04.14 03:22:59 | 000,099,840 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\scardsvr.exe -- (SCardSvr)
SRV - [2008.04.14 03:22:55 | 000,114,176 | -H-- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDEdsdm)
SRV - [2008.04.14 03:22:55 | 000,114,176 | -H-- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDE)
SRV - [2008.04.14 03:22:53 | 000,078,848 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\msiexec.exe -- (MSIServer)
SRV - [2008.04.14 03:22:53 | 000,006,144 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\msdtc.exe -- (MSDTC)
SRV - [2008.04.14 03:22:52 | 000,032,768 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\mnmsrvc.exe -- (mnmsrvc)
SRV - [2008.04.14 03:22:51 | 000,013,312 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (SamSs)
SRV - [2008.04.14 03:22:51 | 000,013,312 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (ProtectedStorage)
SRV - [2008.04.14 03:22:51 | 000,013,312 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (PolicyAgent)
SRV - [2008.04.14 03:22:51 | 000,013,312 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (NtLmSsp)
SRV - [2008.04.14 03:22:51 | 000,013,312 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (Netlogon)
SRV - [2008.04.14 03:22:50 | 000,075,264 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\locator.exe -- (RpcLocator)
SRV - [2008.04.14 03:22:48 | 000,150,528 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\imapi.exe -- (ImapiService)
SRV - [2008.04.14 03:22:42 | 000,225,280 | -H-- | M] (Microsoft Corp., Veritas Software) [On_Demand | Stopped] -- C:\WINDOWS\System32\dmadmin.exe -- (dmadmin)
SRV - [2008.04.14 03:22:42 | 000,005,120 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (SwPrv)
SRV - [2008.04.14 03:22:42 | 000,005,120 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (COMSysApp)
SRV - [2008.04.14 03:22:38 | 000,033,280 | -H-- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\clipsrv.exe -- (ClipSrv)
SRV - [2008.04.14 03:22:38 | 000,005,632 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\cisvc.exe -- (CiSvc)
SRV - [2008.04.14 03:22:34 | 000,044,544 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\alg.exe -- (ALG)
SRV - [2008.04.14 03:22:33 | 000,483,840 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\wzcsvc.dll -- (WZCSVC)
SRV - [2008.04.14 03:22:33 | 000,129,024 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\xmlprov.dll -- (xmlprov)
SRV - [2008.04.14 03:22:33 | 000,006,656 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2008.04.14 03:22:32 | 000,334,336 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc) Windows-Bilderfassung (WIA)
SRV - [2008.04.14 03:22:32 | 000,145,408 | -H-- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt)
SRV - [2008.04.14 03:22:32 | 000,068,096 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\webclnt.dll -- (WebClient)
SRV - [2008.04.14 03:22:31 | 000,186,880 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\upnphost.dll -- (upnphost)
SRV - [2008.04.14 03:22:31 | 000,177,152 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\w32time.dll -- (W32Time)
SRV - [2008.04.14 03:22:31 | 000,015,872 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\w3ssl.dll -- (HTTPFilter)
SRV - [2008.04.14 03:22:30 | 000,297,472 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\termsrv.dll -- (TermService)
SRV - [2008.04.14 03:22:30 | 000,249,856 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\tapisrv.dll -- (TapiSrv)
SRV - [2008.04.14 03:22:30 | 000,171,520 | -H-- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srsvc.dll -- (srservice)
SRV - [2008.04.14 03:22:30 | 000,090,112 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\trkwks.dll -- (TrkWks) Überwachung verteilter Verknüpfungen (Client)
SRV - [2008.04.14 03:22:30 | 000,071,680 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ssdpsrv.dll -- (SSDPSRV)
SRV - [2008.04.14 03:22:24 | 000,039,424 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\sens.dll -- (SENS)
SRV - [2008.04.14 03:22:24 | 000,018,944 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon)
SRV - [2008.04.14 03:22:23 | 000,409,088 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\qmgr.dll -- (BITS)
SRV - [2008.04.14 03:22:23 | 000,294,400 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\qagentrt.dll -- (napagent) NAP-Agent (Network Access Protection)
SRV - [2008.04.14 03:22:23 | 000,193,536 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\schedsvc.dll -- (Schedule)
SRV - [2008.04.14 03:22:23 | 000,186,368 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rasmans.dll -- (RasMan)
SRV - [2008.04.14 03:22:23 | 000,088,576 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rasauto.dll -- (RasAuto)
SRV - [2008.04.14 03:22:23 | 000,059,904 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\regsvc.dll -- (RemoteRegistry)
SRV - [2008.04.14 03:22:23 | 000,038,400 | -H-- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc)
SRV - [2008.04.14 03:22:20 | 000,438,272 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc)
SRV - [2008.04.14 03:22:19 | 000,198,144 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\netman.dll -- (Netman)
SRV - [2008.04.14 03:22:18 | 000,052,736 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\mspmsnsv.dll -- (WmdmPmSN)
SRV - [2008.04.14 03:22:16 | 000,033,792 | -H-- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\msgsvc.dll -- (Messenger)
SRV - [2008.04.14 03:22:15 | 000,053,248 | -H-- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\mprdim.dll -- (RemoteAccess)
SRV - [2008.04.14 03:22:13 | 000,061,440 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\kmsvc.dll -- (hkmsvc)
SRV - [2008.04.14 03:22:13 | 000,013,824 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\lmhsvc.dll -- (LmHosts)
SRV - [2008.04.14 03:22:12 | 000,334,336 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\ipnathlp.dll -- (SharedAccess)
SRV - [2008.04.14 03:22:11 | 000,021,504 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\hidserv.dll -- (HidServ)
SRV - [2008.04.14 03:22:10 | 000,023,040 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\ersvc.dll -- (ERSvc)
SRV - [2008.04.14 03:22:09 | 000,133,120 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\dot3svc.dll -- (Dot3svc) Automatische Konfiguration (verkabelt)
SRV - [2008.04.14 03:22:09 | 000,033,792 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\eapsvc.dll -- (EapHost)
SRV - [2008.04.14 03:22:09 | 000,024,064 | -H-- | M] (Microsoft Corp.) [Auto | Running] -- C:\WINDOWS\system32\dmserver.dll -- (dmserver)
SRV - [2008.04.14 03:22:08 | 000,127,488 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\dhcpcsvc.dll -- (Dhcp)
SRV - [2008.04.14 03:22:08 | 000,062,464 | -H-- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc)
SRV - [2008.04.14 03:22:07 | 000,175,616 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\appmgmts.dll -- (AppMgmt)
SRV - [2008.04.14 03:22:07 | 000,077,824 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\browser.dll -- (Browser)
SRV - [2008.04.14 03:22:07 | 000,042,496 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\audiosrv.dll -- (AudioSrv)
SRV - [2008.04.14 03:22:07 | 000,017,408 | -H-- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter)
SRV - [2006.10.12 09:45:58 | 000,061,529 | RH-- | M] (Conexant Systems, Inc.) [Auto | Stopped] -- C:\WINDOWS\system32\PRISMSVC.exe -- (PRISMSVC)
SRV - [2005.03.11 11:19:06 | 000,200,704 | -H-- | M] (Infineon Technologies AG) [Auto | Stopped] -- C:\WINDOWS\system32\IFXSPMGT.exe -- (IFXSpMgtSrv)
SRV - [2005.03.11 11:04:42 | 000,503,808 | -H-- | M] (Infineon Technologies AG) [Auto | Stopped] -- C:\WINDOWS\system32\IFXTCS.exe -- (IFXTCS)
SRV - [2005.03.11 10:43:50 | 000,102,400 | -H-- | M] (Broadcom ) [Auto | Stopped] -- C:\Programme\Broadcom\Security Platform Software\PSDsrvc.EXE -- (PersonalSecureDriveService)
SRV - [2003.07.28 12:28:22 | 000,089,136 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2001.08.18 19:00:00 | 000,132,608 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rsvp.exe -- (RSVP)
========== Driver Services (All) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ViaIde)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ultra)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (TosIde)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (symc8xx)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (symc810)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (sym_u3)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (sym_hi)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Sparrow)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Simbad)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql1280)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql1240)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql12160)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Ql10wnt)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql1080)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (perc2hib)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (perc2)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (mraid35x)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ini910u)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (i2omp)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (hpn)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (dpti2o)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (dac960nt)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Cpqarray)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (CmdIde)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (cd20xrnt)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (bvrp_pci)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Atdisk)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (asc3550)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (asc3350p)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (asc)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (amsint)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (AliIde)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (aic78xx)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (aic78u2)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Aha154x)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (adpu160m)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (abp480n5)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Abiosdsk)
DRV - [2011.08.17 14:49:54 | 000,138,496 | -H-- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\afd.sys -- (AFD)
DRV - [2011.07.15 14:29:31 | 000,456,320 | -H-- | M] (Microsoft Corporation) [File_System | System | Stopped] -- C:\WINDOWS\system32\drivers\mrxsmb.sys -- (MRxSmb)
DRV - [2011.07.11 18:28:58 | 000,138,192 | -H-- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.07.11 18:28:58 | 000,066,616 | -H-- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.07.08 15:02:00 | 000,010,496 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ndistapi.sys -- (NdisTapi)
DRV - [2011.06.24 15:10:47 | 000,139,656 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\rdpwd.sys -- (RDPWD)
DRV - [2011.04.21 14:37:43 | 000,105,472 | -H-- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\mup.sys -- (Mup)
DRV - [2011.02.17 14:18:03 | 000,357,888 | -H-- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\srv.sys -- (Srv)
DRV - [2010.11.02 16:17:02 | 000,040,960 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ndproxy.sys -- (NDProxy)
DRV - [2010.06.17 13:27:02 | 000,028,520 | -H-- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.06.17 13:26:52 | 000,011,608 | -H-- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009.10.20 17:20:16 | 000,265,728 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\http.sys -- (HTTP)
DRV - [2009.06.24 12:18:41 | 000,092,928 | -H-- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\ksecdd.sys -- (KSecDD)
DRV - [2008.06.20 12:51:12 | 000,361,600 | -H-- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\tcpip.sys -- (Tcpip)
DRV - [2008.04.14 03:23:26 | 000,040,840 | -H-- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\termdd.sys -- (TermDD)
DRV - [2008.04.14 03:23:26 | 000,021,896 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\tdtcp.sys -- (TDTCP)
DRV - [2008.04.14 03:23:26 | 000,012,040 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\tdpipe.sys -- (TDPIPE)
DRV - [2008.04.14 03:02:33 | 000,073,472 | -H-- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sr.sys -- (sr)
DRV - [2008.04.14 03:02:16 | 000,120,576 | -H-- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\pcmcia.sys -- (Pcmcia)
DRV - [2008.04.14 03:02:13 | 000,068,224 | -H-- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\pci.sys -- (PCI)
DRV - [2008.04.14 03:02:10 | 000,080,384 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\parport.sys -- (Parport)
DRV - [2008.04.14 02:58:37 | 000,014,720 | -H-- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kbdhid.sys -- (kbdhid)
DRV - [2008.04.14 02:58:36 | 000,025,216 | -H-- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kbdclass.sys -- (Kbdclass)
DRV - [2008.04.14 02:58:18 | 000,154,112 | -H-- | M] (Microsoft Corp., Veritas Software) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\dmio.sys -- (dmio)
DRV - [2008.04.14 02:58:13 | 000,800,384 | -H-- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot)
DRV - [2008.04.14 02:58:03 | 000,037,632 | -H-- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\isapnp.sys -- (isapnp)
DRV - [2008.04.14 02:57:20 | 000,040,448 | -H-- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\intelppm.sys -- (intelppm)
DRV - [2008.04.14 02:57:19 | 000,005,504 | -H-- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\intelide.sys -- (IntelIde)
DRV - [2008.04.14 02:55:34 | 000,052,992 | -H-- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\i8042prt.sys -- (i8042prt)
DRV - [2008.04.14 02:54:59 | 000,065,536 | -H-- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\serial.sys -- (Serial)
DRV - [2008.04.14 02:52:51 | 000,057,728 | -H-- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\redbook.sys -- (redbook)
DRV - [2008.04.14 02:52:51 | 000,044,672 | -H-- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\fips.sys -- (Fips)
DRV - [2008.04.14 02:52:02 | 000,053,760 | -H-- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap)
DRV - [2008.04.14 02:49:36 | 000,023,552 | -H-- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mouclass.sys -- (Mouclass)
DRV - [2008.04.14 02:49:32 | 000,030,336 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\modem.sys -- (Modem)
DRV - [2008.04.14 02:49:03 | 000,188,800 | -H-- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ACPI.sys -- (ACPI)
DRV - [2008.04.13 20:28:39 | 000,175,744 | -H-- | M] (Microsoft Corporation) [File_System | System | Stopped] -- C:\WINDOWS\system32\drivers\rdbss.sys -- (Rdbss)
DRV - [2008.04.13 20:21:00 | 000,162,816 | -H-- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\netbt.sys -- (NetBT)
DRV - [2008.04.13 20:20:42 | 000,091,520 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ndiswan.sys -- (NdisWan)
DRV - [2008.04.13 20:20:37 | 000,182,656 | -H-- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\ndis.sys -- (NDIS)
DRV - [2008.04.13 20:19:48 | 000,048,384 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\raspptp.sys -- (PptpMiniport) WAN-Miniport (PPTP)
DRV - [2008.04.13 20:19:43 | 000,051,328 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rasl2tp.sys -- (Rasl2tp) WAN-Miniport (L2TP)
DRV - [2008.04.13 20:19:42 | 000,075,264 | -H-- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ipsec.sys -- (IPSec)
DRV - [2008.04.13 20:17:18 | 000,083,072 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdmaud.sys -- (wdmaud)
DRV - [2008.04.13 20:15:55 | 000,060,800 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sysaudio.sys -- (sysaudio)
DRV - [2008.04.13 20:15:53 | 000,574,976 | -H-- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\ntfs.sys -- (Ntfs)
DRV - [2008.04.13 20:14:29 | 000,143,744 | -H-- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\fastfat.sys -- (Fastfat)
DRV - [2008.04.13 20:14:21 | 000,063,744 | -H-- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\cdfs.sys -- (Cdfs)
DRV - [2008.04.13 19:57:32 | 000,041,472 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\raspppoe.sys -- (RasPppoe)
DRV - [2008.04.13 19:57:27 | 000,014,336 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\asyncmac.sys -- (AsyncMac)
DRV - [2008.04.13 19:57:21 | 000,034,560 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wanarp.sys -- (Wanarp)
DRV - [2008.04.13 19:57:15 | 000,152,832 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ipnat.sys -- (IpNat)
DRV - [2008.04.13 19:57:07 | 000,020,864 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ipinip.sys -- (IpInIp)
DRV - [2008.04.13 19:56:38 | 000,069,120 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\psched.sys -- (PSched)
DRV - [2008.04.13 19:56:32 | 000,035,072 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msgpc.sys -- (Gpc)
DRV - [2008.04.13 19:56:02 | 000,034,688 | -H-- | M] (Microsoft Corporation) [File_System | System | Stopped] -- C:\WINDOWS\system32\drivers\netbios.sys -- (NetBIOS)
DRV - [2008.04.13 19:55:58 | 000,014,592 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ndisuio.sys -- (Ndisuio)
DRV - [2008.04.13 19:54:28 | 000,011,264 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irenum.sys -- (IRENUM)
DRV - [2008.04.13 19:53:34 | 000,036,608 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ip6fw.sys -- (Ip6Fw)
DRV - [2008.04.13 19:51:25 | 000,059,904 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atmarpc.sys -- (Atmarpc)
DRV - [2008.04.13 19:45:39 | 000,032,128 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbccgp.sys -- (usbccgp)
DRV - [2008.04.13 19:45:38 | 000,026,368 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbstor.sys -- (USBSTOR)
DRV - [2008.04.13 19:45:37 | 000,059,520 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbhub.sys -- (usbhub)
DRV - [2008.04.13 19:45:35 | 000,030,208 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbehci.sys -- (usbehci)
DRV - [2008.04.13 19:45:35 | 000,020,608 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbuhci.sys -- (usbuhci)
DRV - [2008.04.13 19:45:34 | 000,015,104 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbscan.sys -- (usbscan)
DRV - [2008.04.13 19:45:27 | 000,010,368 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hidusb.sys -- (hidusb)
DRV - [2008.04.13 19:45:13 | 000,002,944 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\drmkaud.sys -- (drmkaud)
DRV - [2008.04.13 19:45:09 | 000,172,416 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\kmixer.sys -- (kmixer)
DRV - [2008.04.13 19:45:09 | 000,056,576 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swmidi.sys -- (swmidi)
DRV - [2008.04.13 19:45:07 | 000,006,272 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\splitter.sys -- (splitter)
DRV - [2008.04.13 19:45:01 | 000,052,864 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dmusic.sys -- (DMusic)
DRV - [2008.04.13 19:44:40 | 000,020,992 | -H-- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\vga.sys -- (VgaSave)
DRV - [2008.04.13 19:40:58 | 000,042,112 | -H-- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\imapi.sys -- (Imapi)
DRV - [2008.04.13 19:40:49 | 000,019,712 | -H-- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\partmgr.sys -- (PartMgr)
DRV - [2008.04.13 19:40:48 | 000,011,392 | -H-- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\sfloppy.sys -- (Sfloppy)
DRV - [2008.04.13 19:40:47 | 000,036,352 | -H-- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\disk.sys -- (Disk)
DRV - [2008.04.13 19:40:46 | 000,062,976 | -H-- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\cdrom.sys -- (Cdrom)
DRV - [2008.04.13 19:40:30 | 000,096,512 | -H-- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\atapi.sys -- (atapi)
DRV - [2008.04.13 19:40:25 | 000,027,392 | -H-- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\fdc.sys -- (Fdc)
DRV - [2008.04.13 19:40:25 | 000,020,480 | -H-- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\flpydisk.sys -- (Flpydisk)
DRV - [2008.04.13 19:40:12 | 000,015,744 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\serenum.sys -- (serenum)
DRV - [2008.04.13 19:39:53 | 000,004,352 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\swenum.sys -- (swenum)
DRV - [2008.04.13 19:39:52 | 000,007,552 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mskssrv.sys -- (MSKSSRV)
DRV - [2008.04.13 19:39:51 | 000,004,992 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mspqm.sys -- (MSPQM)
DRV - [2008.04.13 19:39:50 | 000,005,376 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mspclock.sys -- (MSPCLOCK)
DRV - [2008.04.13 19:39:46 | 000,384,768 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\update.sys -- (Update)
DRV - [2008.04.13 19:39:46 | 000,042,368 | -H-- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\mountmgr.sys -- (MountMgr)
DRV - [2008.04.13 19:36:46 | 000,015,488 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mssmbios.sys -- (mssmbios)
DRV - [2008.04.13 19:32:59 | 000,129,792 | -H-- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\fltmgr.sys -- (FltMgr)
DRV - [2008.04.13 19:32:51 | 000,196,224 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rdpdr.sys -- (rdpdr)
DRV - [2008.04.13 19:32:44 | 000,180,608 | -H-- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mrxdav.sys -- (MRxDAV)
DRV - [2008.04.13 19:32:39 | 000,030,848 | -H-- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\npfs.sys -- (Npfs)
DRV - [2008.04.13 19:32:39 | 000,019,072 | -H-- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\msfs.sys -- (Msfs)
DRV - [2008.04.13 19:32:36 | 000,066,048 | -H-- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\udfs.sys -- (Udfs)
DRV - [2008.04.13 17:39:23 | 000,142,592 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aec.sys -- (aec)
DRV - [2008.04.13 17:39:15 | 000,020,480 | -H-- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007.08.07 20:48:33 | 000,025,160 | -H-- | M] (Elaborate Bytes AG) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2007.02.16 01:57:04 | 000,034,760 | -H-- | M] (SlySoft, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2006.10.26 12:22:00 | 000,020,747 | RH-- | M] (Meetinghouse Data Communications) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\AegisP.sys -- (AegisP) AEGIS Protocol (IEEE 802.1x)
DRV - [2006.05.10 15:00:16 | 000,156,160 | -H-- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2006.03.23 20:47:06 | 001,166,972 | -H-- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ialmnt5.sys -- (ialm)
DRV - [2005.03.22 11:08:40 | 000,260,224 | -H-- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\smwdm.sys -- (smwdm)
DRV - [2005.03.11 15:51:56 | 000,005,120 | RH-- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Dell\Drivers\R105090\atidgllk.sys -- (atidgllk)
DRV - [2005.03.11 10:43:40 | 000,029,283 | -H-- | M] (Broadcom ) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\psd.sys -- (PersonalSecureDrive)
DRV - [2004.09.17 09:02:54 | 000,732,928 | -H-- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2001.08.18 19:00:00 | 000,126,336 | -H-- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ftdisk.sys -- (Ftdisk)
DRV - [2001.08.18 19:00:00 | 000,032,896 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV - [2001.08.18 19:00:00 | 000,032,512 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwlnkfwd.sys -- (NwlnkFwd)
DRV - [2001.08.18 19:00:00 | 000,018,688 | -H-- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\cdaudio.sys -- (Cdaudio)
DRV - [2001.08.18 19:00:00 | 000,017,792 | -H-- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2001.08.18 19:00:00 | 000,016,512 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\raspti.sys -- (Raspti) Parallelanschluss (direkt)
DRV - [2001.08.18 19:00:00 | 000,013,952 | -H-- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\cbidf2k.sys -- (cbidf2k)
DRV - [2001.08.18 19:00:00 | 000,012,416 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwlnkflt.sys -- (NwlnkFlt)
DRV - [2001.08.18 19:00:00 | 000,012,288 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mouhid.sys -- (mouhid)
DRV - [2001.08.18 19:00:00 | 000,012,160 | -H-- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\acpiec.sys -- (ACPIEC)
DRV - [2001.08.18 19:00:00 | 000,012,032 | -H-- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\ws2ifsl.sys -- (WS2IFSL)
DRV - [2001.08.18 19:00:00 | 000,008,832 | -H-- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\rasacd.sys -- (RasAcd)
DRV - [2001.08.18 19:00:00 | 000,007,040 | -H-- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm)
DRV - [2001.08.18 19:00:00 | 000,005,888 | -H-- | M] (Microsoft Corp., Veritas Software.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\dmload.sys -- (dmload)
DRV - [2001.08.18 19:00:00 | 000,004,224 | -H-- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\rdpcdd.sys -- (RDPCDD)
DRV - [2001.08.18 19:00:00 | 000,004,224 | -H-- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\mnmdd.sys -- (mnmdd)
DRV - [2001.08.18 19:00:00 | 000,004,224 | -H-- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\beep.sys -- (Beep)
DRV - [2001.08.18 19:00:00 | 000,003,328 | -H-- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\pciide.sys -- (PCIIde)
DRV - [2001.08.18 19:00:00 | 000,002,944 | -H-- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\null.sys -- (Null)
DRV - [2001.08.17 13:59:44 | 000,003,072 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\audstub.sys -- (audstub)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Bing
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = WinFuture.de - Die ganze Welt der IT
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "www.web.de"
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Programme\Java\jre6\lib\deploy\jqs\ff [2011.04.06 21:00:58 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2011.11.12 20:07:27 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins
[2011.04.03 22:20:58 | 000,000,000 | -H-D | M] (No name found) -- C:\Dokumente und Einstellungen\Capitan\Anwendungsdaten\Mozilla\Extensions
[2011.07.12 16:25:36 | 000,000,000 | -H-D | M] (No name found) -- C:\Dokumente und Einstellungen\Capitan\Anwendungsdaten\Mozilla\Firefox\Profiles\pirv9fwt.default\extensions
[2011.11.25 22:23:19 | 000,000,000 | -H-D | M] ("Ask Toolbar") -- C:\Dokumente und Einstellungen\Capitan\Anwendungsdaten\Mozilla\Firefox\Profiles\pirv9fwt.default\extensions\toolbar@ask.com
[2011.11.12 20:07:36 | 000,000,000 | -H-D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.11.12 20:07:26 | 000,000,000 | -H-D | M] (Default) -- C:\Programme\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2011.11.12 20:07:26 | 000,134,104 | -H-- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2010.01.01 09:00:00 | 000,001,392 | -H-- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 09:00:00 | 000,002,252 | -H-- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2010.01.01 09:00:00 | 000,001,153 | -H-- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.01 09:00:00 | 000,002,364 | -H-- | M] () -- C:\Programme\mozilla firefox\searchplugins\google.xml
[2010.01.01 09:00:00 | 000,006,805 | -H-- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.01 09:00:00 | 000,001,178 | -H-- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.01 09:00:00 | 000,001,105 | -H-- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2011.02.03 23:01:14 | 000,000,867 | RHS- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Adresse) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Adresse) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Programme\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ApnUpdater] C:\Programme\Ask.com\Updater\Updater.exe ({StringFileInfo_CompanyName})
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CloneCDTray] C:\Programme\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [IfxSecurePlatformIndication] C:\Programme\Broadcom\Security Platform Software\SpTNA.exe (Infineon Technologies AG)
O4 - HKLM..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [PSDruntime] C:\Programme\Broadcom\Security Platform Software\PSDrt.exe (Broadcom )
O4 - HKLM..\Run: [SoundMAXPnP] C:\Programme\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [UIUCU] C:\DOKUME~1\Capitan\LOKALE~1\Temp\UIUCU.EXE -CLEAN_UP -S File not found
O4 - HKLM..\Run: [yEfRqQhDUGAmlI.exe] C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\yEfRqQhDUGAmlI.exe ()
O4 - HKCU..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) -C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) -C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") -C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\IfxWlxEN: DllName - (IfxWlxEN.dll) - C:\WINDOWS\System32\IfxWlxEN.dll (Infineon Technologies AG)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\PRISMAPI.DLL: DllName - (PRISMAPI.DLL) - C:\WINDOWS\System32\PRISMAPI.dll (Conexant Systems, Inc.)
O20 - Winlogon\Notify\PSDNtfy: DllName - (C:\Programme\Broadcom\Security Platform Software\PSDNtfy.dll) - C:\Programme\Broadcom\Security Platform Software\PSDNtfy.dll (Broadcom )
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) -C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) -C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) -C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) -C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) -C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) -C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) -C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) -C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) -C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O31 - SafeBoot: UseAlternatShell - 1
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.02.03 22:46:25 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{ef498bc2-2fdc-11e0-948b-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{ef498bc2-2fdc-11e0-948b-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ef498bc2-2fdc-11e0-948b-806d6172696f}\Shell\AutoRun\command - "" = D:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011.11.29 11:48:22 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Capitan\Recent
[2011.11.28 21:07:45 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Capitan\Startmenü\Programme\System Fix
[2011.11.28 21:00:21 | 000,000,000 | -HSD | C] -- C:\WINDOWS\assembly
[2011.11.05 22:31:32 | 000,000,000 | -H-D | C] -- C:\WINDOWS\Minidump
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.11.29 18:34:27 | 000,002,206 | -H-- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.11.29 18:34:01 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.11.29 11:49:10 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{42ABEACC-986B-467E-BE64-2F24BE40D72B}.job
[2011.11.28 21:09:28 | 000,000,448 | -H-- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\2gyPbuZdM1FK0J
[2011.11.28 21:09:10 | 000,000,320 | -H-- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\~2gyPbuZdM1FK0J
[2011.11.28 21:09:09 | 000,000,224 | -H-- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\~2gyPbuZdM1FK0Jr
[2011.11.28 21:07:45 | 000,000,841 | -H-- | M] () -- C:\Dokumente und Einstellungen\Capitan\Desktop\System Fix.lnk
[2011.11.28 21:07:32 | 000,351,488 | -H-- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\2gyPbuZdM1FK0J.exe
[2011.11.28 21:01:01 | 000,000,230 | -H-- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011.11.28 21:00:03 | 000,445,184 | -HS- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\yEfRqQhDUGAmlI.exe
[2011.11.28 17:17:12 | 000,000,091 | -H-- | M] () -- C:\WINDOWS\CIV.INI
[2011.11.22 22:05:04 | 000,002,509 | -H-- | M] () -- C:\Dokumente und Einstellungen\Capitan\Desktop\Microsoft Office Word 2003.lnk
[2011.11.09 22:22:01 | 000,001,374 | -H-- | M] () -- C:\WINDOWS\imsins.BAK
[2011.11.06 18:49:11 | 000,205,712 | -H-- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.11.05 22:59:05 | 000,316,594 | -H-- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2011.11.05 22:59:05 | 000,311,604 | -H-- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.11.05 22:59:05 | 000,048,156 | -H-- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2011.11.05 22:59:05 | 000,039,992 | -H-- | M] () -- C:\WINDOWS\System32\perfc009.dat
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.11.28 21:09:09 | 000,000,320 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\~2gyPbuZdM1FK0J
[2011.11.28 21:09:09 | 000,000,224 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\~2gyPbuZdM1FK0Jr
[2011.11.28 21:07:45 | 000,000,841 | -H-- | C] () -- C:\Dokumente und Einstellungen\Capitan\Desktop\System Fix.lnk
[2011.11.28 21:07:38 | 000,000,448 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\2gyPbuZdM1FK0J
[2011.11.28 21:07:32 | 000,351,488 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\2gyPbuZdM1FK0J.exe
[2011.11.28 21:03:08 | 000,445,184 | -HS- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\yEfRqQhDUGAmlI.exe
[2011.08.15 17:17:40 | 000,093,696 | -H-- | C] () -- C:\WINDOWS\System32\hpgt42.dll
[2011.05.11 20:38:13 | 000,000,091 | -H-- | C] () -- C:\WINDOWS\CIV.INI
[2011.04.06 19:48:23 | 000,000,014 | -H-- | C] () -- C:\WINDOWS\popcinfo.dat
[2011.04.03 22:20:52 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\nsreg.dat
[2011.02.04 00:47:35 | 000,034,308 | -H-- | C] () -- C:\WINDOWS\System32\Chip.dll
[2011.02.04 00:39:16 | 000,116,224 | -H-- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2011.02.04 00:39:16 | 000,045,056 | -H-- | C] () -- C:\WINDOWS\System32\unredmon.exe
[2011.02.04 00:35:40 | 000,000,400 | -H-- | C] () -- C:\WINDOWS\ODBC.INI
[2011.02.04 00:12:20 | 000,049,152 | RH-- | C] () -- C:\WINDOWS\System32\StopSrvr.exe
[2011.02.03 22:48:47 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011.02.03 22:43:11 | 000,021,740 | -H-- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011.02.03 22:32:44 | 000,004,161 | -H-- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011.02.03 22:31:27 | 000,205,712 | -H-- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004.08.03 23:12:38 | 000,001,804 | -H-- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004.08.03 21:14:30 | 000,075,264 | -H-- | C] () -- C:\WINDOWS\System32\drivers\ipsec.sys
[2004.08.02 12:20:40 | 000,004,569 | -H-- | C] () -- C:\WINDOWS\System32\secupd.dat
[2003.02.20 17:53:42 | 000,005,702 | -H-- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001.08.31 22:15:44 | 013,107,200 | -H-- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001.08.31 22:15:44 | 000,004,463 | -H-- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001.08.18 19:00:00 | 000,673,088 | -H-- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001.08.18 19:00:00 | 000,316,594 | -H-- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2001.08.18 19:00:00 | 000,311,604 | -H-- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001.08.18 19:00:00 | 000,272,128 | -H-- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001.08.18 19:00:00 | 000,269,480 | -H-- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2001.08.18 19:00:00 | 000,218,003 | -H-- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001.08.18 19:00:00 | 000,048,156 | -H-- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2001.08.18 19:00:00 | 000,046,258 | -H-- | C] () -- C:\WINDOWS\System32\mib.bin
[2001.08.18 19:00:00 | 000,039,992 | -H-- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001.08.18 19:00:00 | 000,034,478 | -H-- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2001.08.18 19:00:00 | 000,028,626 | -H-- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001.08.18 19:00:00 | 000,000,741 | -H-- | C] () -- C:\WINDOWS\System32\noise.dat
< End of report >
--- --- --- |
