Trojaner-Board
Seite 2 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Ihr Windows-System wurde aus Sicherheitsgründen blockiert: Trojaner (https://www.trojaner-board.de/109623-windows-system-wurde-sicherheitsgruenden-blockiert-trojaner.html)

Chris4You 13.02.2012 14:06
Hi,

nein, nicht fixen, einfach nur ein neues Log mit OTL erstellen..

OTL
Lade Dir OTL von Oldtimer herunter (http://filepony.de/download-otl/) und speichere es auf Deinem Desktop
  • Doppelklick auf die OTL.exe
  • Vista/Win7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt (OTL.TXT und EXTRAS.TXT)
  • Poste die Logfiles hier in den Thread

chris

donnaca 13.02.2012 14:22
:stirn:oh mann...tut mir leid, dass ich mich so anstelle:stirn:

also hier erstmal das OTL.txt

Code:
OTL logfile created on: 13.02.2012 14:17:09 - Run 2
OTL by OldTimer - Version 3.2.31.0    Folder = C:\Dokumente und Einstellungen\Wittmann\Eigene Dateien\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,75 Gb Total Physical Memory | 1,38 Gb Available Physical Memory | 78,78% Memory free
4,23 Gb Paging File | 4,05 Gb Available in Paging File | 95,94% Paging File free
Paging file location(s): C:\pagefile.sys 2685 4096 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 232,88 Gb Total Space | 150,29 Gb Free Space | 64,54% Space Free | Partition Type: NTFS
Unable to calculate disk information.
 
Computer Name: PC | User Name: Wittmann | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Dokumente und Einstellungen\Wittmann\Eigene Dateien\Downloads\OTL(3).exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (ReminderFoxUpdater) -- C:\Dokumente und Einstellungen\Wittmann\Anwendungsdaten\ReminderFox\IE\ReminderFoxUpdater.exe ()
SRV - (Bandoo Coordinator) -- C:\Programme\Bandoo\Bandoo.exe (Bandoo Media Inc.)
SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (TGCM_ImportWiFiSvc) -- C:\Programme\o2\Mobile Connection Manager\ImpWiFiSvc.exe (Telefónica I+D)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (ICQ Service) -- C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
SRV - (odserv) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (NMIndexingService) -- C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe (Nero AG)
SRV - (ACS) -- C:\WINDOWS\system32\acs.exe ()
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (tidnet) -- C:\WINDOWS\system32\drivers\tidnet.sys (Telefónica I+D)
DRV - (huawei_enumerator) -- C:\WINDOWS\system32\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV - (ewusbnet) -- C:\WINDOWS\system32\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.)
DRV - (hwdatacard) -- C:\WINDOWS\system32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (ew_hwusbdev) -- C:\WINDOWS\system32\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation)
DRV - (AR5211) -- C:\WINDOWS\system32\drivers\WPN311.sys (Atheros Communications, Inc.)
DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
DRV - (SNPSTD3) -- C:\WINDOWS\system32\drivers\snpstd3.sys ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = hxxp://dnl.crawler.com/support/sa_customize.aspx?TbId=66008
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=ac3f3e9d00000000000000146cbf7ced&tlver=1.4.19.19&ss=1&affID=17395
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=66008
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2269050
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\URLSearchHook: {37483b40-c254-4a72-bda4-22ee90182c1e} - C:\Programme\NCH_EN\prxtbNCH_.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {a51a36e6-31e7-4838-9ff7-76298b527ec0} - C:\Programme\softonic-Germany\prxtbsof0.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Search Results"
FF - prefs.js..browser.search.defaultthis.engineName: "NCH EN Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2801948&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.selectedEngine: "Search Results"
FF - prefs.js..browser.startup.homepage: "hxxp://www.searchqu.com/406"
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {a51a36e6-31e7-4838-9ff7-76298b527ec0}:3.2.5.2
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {d1e96ee9-8227-4791-adb9-c3d4bb586a8b}:3.3.0.19
FF - prefs.js..extensions.enabledItems: ffxtlbr@babylon.com:1.1.3
FF - prefs.js..extensions.enabledItems: {37483b40-c254-4a72-bda4-22ee90182c1e}:3.3.3.2
FF - prefs.js..keyword.URL: "hxxp://dts.search-results.com/sr?src=ffb&appid=102&systemid=406&q="
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Programme\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Programme\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Programme\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Programme\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.02.13 13:47:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.02.06 11:48:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\ffox@bandoo.com: C:\Dokumente und Einstellungen\Wittmann\Anwendungsdaten\Mozilla\Firefox\Profiles/0ivplufa.default\extensions\ffox@bandoo.com
 
[2011.07.11 19:05:29 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Wittmann\Anwendungsdaten\Mozilla\Extensions
[2012.02.13 13:36:32 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Wittmann\Anwendungsdaten\Mozilla\Firefox\Profiles\0ivplufa.default\extensions
[2012.02.13 13:36:32 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Dokumente und Einstellungen\Wittmann\Anwendungsdaten\Mozilla\Firefox\Profiles\0ivplufa.default\extensions\addon@reminderfox.org
[2011.06.26 17:46:19 | 000,000,000 | ---D | M] (Yontoo Layers) -- C:\Dokumente und Einstellungen\Wittmann\Anwendungsdaten\Mozilla\Firefox\Profiles\0ivplufa.default\extensions\plugin@yontoo.com
[2011.03.21 14:51:06 | 000,000,915 | ---- | M] () -- C:\Dokumente und Einstellungen\Wittmann\Anwendungsdaten\Mozilla\Firefox\Profiles\0ivplufa.default\searchplugins\conduit.xml
[2011.07.11 19:05:18 | 000,002,501 | ---- | M] () -- C:\Dokumente und Einstellungen\Wittmann\Anwendungsdaten\Mozilla\Firefox\Profiles\0ivplufa.default\searchplugins\SearchResults.xml
[2012.01.20 19:09:20 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.07.22 12:20:03 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2012.02.13 13:47:11 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2012.01.17 10:13:27 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2012.02.13 13:47:08 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.04.18 11:20:23 | 000,002,428 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\babylon.xml
[2012.02.13 13:47:08 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.02.13 13:47:08 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.02.13 13:47:08 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.07.11 19:05:18 | 000,002,501 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\SearchResults.xml
[2012.02.13 13:47:08 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.13 13:47:08 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - Extension: No name found = C:\Dokumente und Einstellungen\Wittmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.0_0\
 
O1 HOSTS File: ([2012.02.13 12:51:38 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1      localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (CescrtHlpr Object) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (NCH EN Toolbar) - {37483b40-c254-4a72-bda4-22ee90182c1e} - C:\Programme\NCH_EN\prxtbNCH_.dll (Conduit Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (ReminderFox) - {7C9B39E6-6606-4ED2-8A3F-36E39C78CBDC} - C:\Dokumente und Einstellungen\Wittmann\Anwendungsdaten\ReminderFox\IE\ReminderFox.dll (Tom Mutdosch)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Programme\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (UrlHelper Class) - {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - C:\Programme\Windows iLivid Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc)
O2 - BHO: (softonic-Germany Toolbar) - {a51a36e6-31e7-4838-9ff7-76298b527ec0} - C:\Programme\softonic-Germany\prxtbsof0.dll (Conduit Ltd.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Programme\Google\GoogleToolbar1.dll (Google Germany GmbH)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (BandooIEPlugin Class) - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Programme\Bandoo\Plugins\IE\ieplugin.dll (Bandoo Media Inc.)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Programme\Yontoo Layers\YontooIEClient.dll (Yontoo Technology, Inc.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar1.dll (Google Germany GmbH)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (NCH EN Toolbar) - {37483b40-c254-4a72-bda4-22ee90182c1e} - C:\Programme\NCH_EN\prxtbNCH_.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Programme\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (softonic-Germany Toolbar) - {a51a36e6-31e7-4838-9ff7-76298b527ec0} - C:\Programme\softonic-Germany\prxtbsof0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar1.dll (Google Germany GmbH)
O3 - HKCU\..\Toolbar\WebBrowser: (NCH EN Toolbar) - {37483B40-C254-4A72-BDA4-22EE90182C1E} - C:\Programme\NCH_EN\prxtbNCH_.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (softonic-Germany Toolbar) - {A51A36E6-31E7-4838-9FF7-76298B527EC0} - C:\Programme\softonic-Germany\prxtbsof0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BabylonToolbar] C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe (Babylon Ltd.)
O4 - HKLM..\Run: [BrStsWnd] C:\Programme\Brownie\BrstsWnd.exe (brother)
O4 - HKLM..\Run: [DATAMNGR] C:\Programme\Windows iLivid Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
O4 - HKLM..\Run: [Mobile Connection Manager] C:\Programme\o2\Mobile Connection Manager\EMMSN.exe (Telefónica I+D)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe ()
O4 - HKCU..\Run: [ffdwnd] C:\Dokumente und Einstellungen\Wittmann\Lokale Einstellungen\Anwendungsdaten\Mozilla\Firefox\firefox.exe (Tomasz Pawlak)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Free YouTube Download - C:\Dokumente und Einstellungen\Wittmann\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to iPod Converter - C:\Dokumente und Einstellungen\Wittmann\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Dokumente und Einstellungen\Wittmann\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe File not found
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe File not found
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1208871934093 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1208872106984 (MUWebControl Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} hxxp://as.photoprintit.de/ips-opdata/layout/default01/activex/IPSUploader4.cab (IPSUploader4 Control)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EBC185AD-FCBC-4F21-832C-7BE4B4105C3C}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~1\wi371a~1\datamngr\datamngr.dll) -c:\Programme\Windows iLivid Toolbar\Datamngr\datamngr.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (c:\progra~1\wi371a~1\datamngr\iebho.dll) -c:\Programme\Windows iLivid Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (c:\progra~1\bandoo\bndhook.dll) -c:\Programme\Bandoo\BndHook.dll (Discordia Limited)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Wittmann\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Wittmann\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004.08.20 20:33:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{5f55eea8-b820-11de-9e69-00146cbf7ced}\Shell\AutoRun\command - "" = E:\Menu.exe
O33 - MountPoints2\{7537c866-04ba-11e1-a136-00199917f615}\Shell - "" = AutoRun
O33 - MountPoints2\{7537c866-04ba-11e1-a136-00199917f615}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{7537c866-04ba-11e1-a136-00199917f615}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{e805cdc7-d80d-11de-9ea1-00146cbf7ced}\Shell\AutoRun\command - "" = E:\MAD\TRACK\mad.exe
O33 - MountPoints2\{e805cdc7-d80d-11de-9ea1-00146cbf7ced}\Shell\open\command - "" = E:\MAD\TRACK\mad.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.02.13 13:36:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Wittmann\Anwendungsdaten\ReminderFox
[2012.02.13 11:45:46 | 000,000,000 | ---D | C] -- C:\Programme\Trojancheck 6
[2012.02.13 11:45:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Trojancheck 6
[2012.02.11 15:34:32 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.02.11 14:23:13 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Wittmann\Anwendungsdaten\Malwarebytes
[2012.02.06 18:17:48 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012.02.06 18:17:48 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2012.02.06 18:17:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2012.02.06 18:17:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2012.01.17 10:31:33 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
[2012.01.17 10:30:25 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2012.01.17 10:30:14 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll
[2012.01.17 10:14:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sun
[2012.01.17 10:13:40 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2012.01.17 10:13:40 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2012.01.17 10:13:40 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2012.01.17 10:13:40 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2012.01.17 10:06:13 | 000,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2012.01.17 10:06:09 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mup.sys
[2012.01.17 10:04:18 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys
[2012.01.17 10:03:01 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2012.01.16 15:12:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Wittmann\Anwendungsdaten\Sony Corporation
[2012.01.16 14:51:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Wittmann\Lokale Einstellungen\Anwendungsdaten\Sony
[2012.01.16 14:51:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Wittmann\Eigene Dateien\My Podcasts
[2012.01.16 14:51:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Wittmann\Eigene Dateien\Media Go
[2012.01.16 14:50:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Sony
[2012.01.16 14:50:40 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Sony Shared
[2012.01.16 14:44:18 | 000,000,000 | ---D | C] -- C:\Programme\Sony Media Go Install
[2012.01.16 14:38:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Wittmann\Anwendungsdaten\Sony
[2012.01.16 14:37:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\WALKMAN Guide
[2012.01.16 14:36:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Wittmann\Lokale Einstellungen\Anwendungsdaten\Downloaded Installations
[2012.01.16 14:34:24 | 000,000,000 | ---D | C] -- C:\Programme\Sony
[2012.01.16 14:28:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2012.01.16 14:10:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2012.01.16 14:10:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\de
[2012.01.16 14:10:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2012.01.16 14:05:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2012.01.16 13:59:48 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2012.01.16 13:29:58 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Wittmann\PrivacIE
[2012.01.16 13:24:02 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Wittmann\IETldCache
[2012.01.16 13:16:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2012.01.16 13:14:46 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2012.01.16 13:11:42 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2012.01.16 12:57:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sony Corporation
[2009.11.10 18:40:58 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd3.dll
[2009.11.10 18:40:58 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll
[2009.11.10 18:40:58 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll
 
========== Files - Modified Within 30 Days ==========
 
[2012.02.13 14:15:11 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.02.13 14:14:36 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.02.13 13:43:43 | 000,000,232 | ---- | M] () -- C:\WINDOWS\Brownie.ini
[2012.02.13 13:43:08 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.02.13 13:14:59 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012.02.13 12:51:38 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2012.02.13 11:45:46 | 000,000,664 | ---- | M] () -- C:\Dokumente und Einstellungen\Wittmann\Desktop\Trojancheck.lnk
[2012.02.13 10:32:03 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.02.12 18:59:42 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012.02.11 14:23:11 | 000,000,762 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012.02.07 10:31:01 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2012.01.31 15:25:04 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012.01.25 12:28:29 | 000,001,783 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Chrome.lnk
[2012.01.19 12:23:51 | 013,979,902 | ---- | M] () -- C:\Dokumente und Einstellungen\Wittmann\Eigene Dateien\Firefly - für ewig_09901.wmv.mp4
[2012.01.18 13:03:16 | 000,267,800 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.01.18 09:43:54 | 000,452,790 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.01.18 09:43:54 | 000,435,396 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.01.18 09:43:54 | 000,082,468 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.01.18 09:43:54 | 000,069,386 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.01.18 09:37:13 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.01.18 09:12:55 | 002,006,123 | ---- | M] () -- C:\WINDOWS\iis6.BAK
[2012.01.17 10:13:26 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2012.01.17 10:13:26 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2012.01.17 10:13:26 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2012.01.17 10:13:26 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2012.01.17 10:13:25 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2012.01.16 14:50:41 | 000,001,608 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Media Go.lnk
[2012.01.16 14:48:38 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012.01.16 14:37:04 | 000,001,827 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\NWZ-E460 WALKMAN Guide.lnk
[2012.01.16 14:04:51 | 000,251,712 | RHS- | M] () -- C:\ntldr
[2012.01.16 12:54:19 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
 
========== Files Created - No Company Name ==========
 
[2012.02.13 11:45:46 | 000,000,664 | ---- | C] () -- C:\Dokumente und Einstellungen\Wittmann\Desktop\Trojancheck.lnk
[2012.02.12 19:02:38 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012.02.06 18:17:49 | 000,000,762 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012.01.19 12:23:27 | 013,979,902 | ---- | C] () -- C:\Dokumente und Einstellungen\Wittmann\Eigene Dateien\Firefly - für ewig_09901.wmv.mp4
[2012.01.16 14:50:41 | 000,001,608 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Media Go.lnk
[2012.01.16 14:37:04 | 000,001,827 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\NWZ-E460 WALKMAN Guide.lnk
[2011.07.11 19:06:27 | 001,524,112 | ---- | C] () -- C:\WINDOWS\System32\bandoolmx.dll
[2011.05.09 19:30:20 | 000,000,145 | ---- | C] () -- C:\Dokumente und Einstellungen\Wittmann\Anwendungsdaten\AVSDVDPlayer.m3u
[2011.05.09 18:46:24 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011.05.09 18:46:24 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.02.17 22:28:52 | 000,000,141 | ---- | C] () -- C:\WINDOWS\BRVIDEO.INI
[2010.02.17 22:28:52 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2010.02.17 22:28:36 | 000,009,868 | ---- | C] () -- C:\WINDOWS\HL-2140.INI
[2010.02.17 22:28:36 | 000,000,114 | ---- | C] () -- C:\WINDOWS\System32\brlmw03a.ini
[2010.02.17 22:28:25 | 000,000,432 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2010.02.17 22:28:24 | 000,000,034 | ---- | C] () -- C:\WINDOWS\System32\BD2140.DAT
[2010.02.17 22:26:06 | 000,000,232 | ---- | C] () -- C:\WINDOWS\Brownie.ini
[2009.12.30 10:42:24 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2009.12.10 14:26:31 | 000,047,104 | ---- | C] () -- C:\WINDOWS\System32\KMVIDC32.DLL
[2009.11.11 18:11:33 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009.11.10 18:40:59 | 008,701,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\snpstd3.sys
[2009.11.10 18:40:59 | 000,339,968 | ---- | C] () -- C:\WINDOWS\vsnpstd3.exe
[2009.11.10 18:40:59 | 000,294,912 | ---- | C] () -- C:\WINDOWS\tsnpstd3.exe
[2009.11.10 18:40:59 | 000,015,498 | ---- | C] () -- C:\WINDOWS\snpstd3.ini
[2009.11.10 18:40:58 | 000,020,480 | ---- | C] () -- C:\WINDOWS\usnpstd3.exe
[2009.09.20 17:25:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008.11.11 21:20:59 | 000,000,055 | ---- | C] () -- C:\WINDOWS\cryavitompeg.ini
[2008.11.11 21:19:56 | 000,000,005 | ---- | C] () -- C:\WINDOWS\System32\SySavitompeg.dat
[2008.11.09 01:17:30 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008.11.09 01:17:28 | 000,204,800 | ---- | C] () -- C:\Dokumente und Einstellungen\Wittmann\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.05.08 15:19:50 | 000,000,802 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2008.04.22 22:45:01 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008.04.22 22:45:01 | 001,626,112 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2008.04.22 22:45:01 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008.04.22 22:45:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008.04.22 22:45:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2008.04.22 22:44:59 | 001,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008.04.22 22:44:58 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2008.04.22 22:44:57 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2008.04.22 22:44:57 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2008.04.22 15:22:26 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2008.04.22 13:54:10 | 000,000,141 | ---- | C] () -- C:\Dokumente und Einstellungen\Wittmann\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2008.04.22 13:49:01 | 000,001,732 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2007.07.18 12:30:21 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006.12.04 10:57:38 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\AegisI5.exe
[2006.12.04 10:57:38 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\acs.exe
[2005.04.28 13:32:29 | 000,001,124 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004.08.20 21:22:17 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004.08.20 21:21:04 | 000,267,800 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004.08.20 20:44:06 | 000,000,849 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004.08.20 20:39:16 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004.08.20 20:28:14 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004.08.20 20:07:59 | 000,452,790 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2004.08.20 20:07:59 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2004.08.20 20:07:59 | 000,082,468 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2004.08.20 20:07:59 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2004.08.20 20:07:41 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004.08.20 20:07:38 | 000,435,396 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004.08.20 20:07:38 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004.08.20 20:07:38 | 000,069,386 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004.08.20 20:07:38 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004.08.20 20:07:37 | 000,004,711 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004.08.20 20:07:36 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004.08.20 20:07:34 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004.08.20 20:07:28 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004.08.20 20:07:28 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004.08.20 20:07:19 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004.08.20 20:07:13 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 88 bytes -> C:\Dokumente und Einstellungen\Wittmann\Eigene Dateien\Donna- die Matz:SummaryInformation

< End of report >
und Extras.txt:

Code:
OTL Extras logfile created on: 13.02.2012 14:17:09 - Run 2
OTL by OldTimer - Version 3.2.31.0    Folder = C:\Dokumente und Einstellungen\Wittmann\Eigene Dateien\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,75 Gb Total Physical Memory | 1,38 Gb Available Physical Memory | 78,78% Memory free
4,23 Gb Paging File | 4,05 Gb Available in Paging File | 95,94% Paging File free
Paging file location(s): C:\pagefile.sys 2685 4096 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 232,88 Gb Total Space | 150,29 Gb Free Space | 64,54% Space Free | Partition Type: NTFS
Unable to calculate disk information.
 
Computer Name: PC | User Name: Wittmann | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Programme\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Programme\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Programme\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [SCHLECKER Foto Digital Service] -- "C:\Programme\SCHLECKER\SCHLECKER Foto Digital Service\SCHLECKER Foto Digital Service.exe" "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\Gemeinsame Dateien\Ahead\Nero Web\SetupX.exe" = C:\Programme\Gemeinsame Dateien\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup -- (Nero AG)
"C:\Dokumente und Einstellungen\Wittmann\Lokale Einstellungen\Temp\ImInstaller\incredimail_installer.exe" = C:\Dokumente und Einstellungen\Wittmann\Lokale Einstellungen\Temp\ImInstaller\incredimail_installer.exe:*:Enabled:IncrediMail Installer
"C:\Programme\ICQLite\ICQLite.exe" = C:\Programme\ICQLite\ICQLite.exe:*:Enabled:ICQ Lite
"C:\Programme\ICQ6\ICQ.exe" = C:\Programme\ICQ6\ICQ.exe:*:Enabled:ICQ6
"C:\Programme\ICQ6.5\ICQ.exe" = C:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)
"C:\Team17\Worms2\frontend.exe" = C:\Team17\Worms2\frontend.exe:*:Enabled:Worms 2 Frontend
"C:\Dokumente und Einstellungen\Wittmann\Eigene Dateien\Downloads\facebook-pic000934519(2).exe" = C:\Dokumente und Einstellungen\Wittmann\Eigene Dateien\Downloads\facebook-pic000934519(2).exe:*:Enabled:Windows Services
"C:\Programme\Google\Google Earth\client\googleearth.exe" = C:\Programme\Google\Google Earth\client\googleearth.exe:*:Disabled:Google Earth -- (Google)
"C:\Programme\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe" = C:\Programme\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe:*:Enabled:DTX broker -- (Visicom Media Inc.)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0483BE07-260D-4E4D-815E-F737C0A72E40}" = Adobe Flash Player 10 ActiveX
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
"{167A1F6A-9BF2-4B24-83DB-C6D659F680EA}" = Media Go
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java(TM) 6 Update 30
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4075478A-AF1F-4CCB-BA27-A3FAEFD24ADB}" = Brother HL-2140
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5F499D33-546A-442B-B0F9-4C58F3B5B6E3}" = Cuttermaran 1.70
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{69995C7A-062A-4A90-A4DF-8C22895DF522}" = iTunes
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = Die Sims 2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7516254D-7F98-49DD-8209-5D2208BD1031}" = Nero 7 Essentials
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo Layers 1.10.01
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}" = iLivid
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (German) 12
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9309DD7E-EBFE-3C95-8B47-30D3A012F606}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - DEU
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A4D58206-7E8F-41F2-BD94-85009F3AEA28}" = NWZ-E460 WALKMAN Guide
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB938897-211A-4999-9749-236D2E8E464A}" = NETGEAR WPN311 Wireless Adapter
"{AC76BA86-7AD7-1031-7B44-A81300000003}" = Adobe Reader 8.1.3 - Deutsch
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader
"{B97ACE80-6D9B-11D6-AFFD-0040052179B6}" = Crazy Taxi
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D03482C5-9AD8-496D-B388-692AE04C93AF}" = Bonjour
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{E07F7571-7193-4505-B017-FDC6525CA0B7}" = ATI AVIVO Codecs
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = i-NOVIA webpro3
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"All ATI Software" = ATI - Dienstprogramm zur Deinstallation der Software
"AVI To MPEG Converter_is1" = AVI To MPEG Converter 1.00
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AVS DVD Player_is1" = AVS DVD Player version 2.4
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.2
"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
"BabylonToolbar" = Babylon toolbar
"Bandoo" = Bandoo
"CodecInstaller" = CodecInstaller 2.10.2
"conduitEngine" = Conduit Engine
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"Free YouTube Download_is1" = Free YouTube Download version 3.0.13.815
"Free YouTube to iPod Converter_is1" = Free YouTube to iPod Converter version 3.10.8.815
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.8.815
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HUAWEI DataCard Driver" = HUAWEI DataCard Driver 4.20.12.00
"ICQToolbar" = ICQ Toolbar
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"iLivid" = iLivid
"InstallShield_{AB938897-211A-4999-9749-236D2E8E464A}" = NETGEAR WPN311 Wireless Adapter
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MixPad" = MixPad Audio Mixer
"Mozilla Firefox 10.0.1 (x86 de)" = Mozilla Firefox 10.0.1 (x86 de)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NCH_EN Toolbar" = NCH EN Toolbar
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"o2DE" = Mobile Connection Manager
"PhotoPad" = PhotoPad Image Editor
"PhotoScape" = PhotoScape
"PhotoStage" = PhotoStage Slideshow Producer
"Prism" = Prism Video File Converter
"SCHLECKER Foto Digital Service" = SCHLECKER Foto Digital Service
"Searchqu 406 MediaBar" = Windows iLivid Toolbar
"softonic-Germany Toolbar" = softonic-Germany Toolbar
"Tierpension" = Meine Tierpension
"Trojancheck_is1" = Trojancheck 6
"Uninstall_is1" = Uninstall 1.0.0.1
"VideoPad" = VideoPad Video Editor
"VLC media player" = VideoLAN VLC media player 0.8.6f
"WavePad" = WavePad Sound Editor
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.11
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 08.02.2012 05:57:51 | Computer Name = PC | Source = PerfNet | ID = 2004
Description = Der Serverdienst konnte nicht geöffnet werden. Die Server-Leistungsinformationen
werden
 nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0.
 
Error - 09.02.2012 12:01:42 | Computer Name = PC | Source = PerfNet | ID = 2004
Description = Der Serverdienst konnte nicht geöffnet werden. Die Server-Leistungsinformationen
werden
 nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0.
 
Error - 10.02.2012 04:38:36 | Computer Name = PC | Source = PerfNet | ID = 2004
Description = Der Serverdienst konnte nicht geöffnet werden. Die Server-Leistungsinformationen
werden
 nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0.
 
Error - 11.02.2012 08:56:33 | Computer Name = PC | Source = PerfNet | ID = 2004
Description = Der Serverdienst konnte nicht geöffnet werden. Die Server-Leistungsinformationen
werden
 nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0.
 
Error - 12.02.2012 07:22:53 | Computer Name = PC | Source = PerfNet | ID = 2004
Description = Der Serverdienst konnte nicht geöffnet werden. Die Server-Leistungsinformationen
werden
 nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0.
 
Error - 12.02.2012 07:23:00 | Computer Name = PC | Source = PerfNet | ID = 2004
Description = Der Serverdienst konnte nicht geöffnet werden. Die Server-Leistungsinformationen
werden
 nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0.
 
Error - 12.02.2012 13:01:05 | Computer Name = PC | Source = PerfNet | ID = 2004
Description = Der Serverdienst konnte nicht geöffnet werden. Die Server-Leistungsinformationen
werden
 nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0.
 
Error - 13.02.2012 08:38:11 | Computer Name = PC | Source = PerfNet | ID = 2004
Description = Der Serverdienst konnte nicht geöffnet werden. Die Server-Leistungsinformationen
werden
 nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0.
 
Error - 13.02.2012 08:41:28 | Computer Name = PC | Source = PerfNet | ID = 2004
Description = Der Serverdienst konnte nicht geöffnet werden. Die Server-Leistungsinformationen
werden
 nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0.
 
Error - 13.02.2012 08:43:11 | Computer Name = PC | Source = PerfNet | ID = 2004
Description = Der Serverdienst konnte nicht geöffnet werden. Die Server-Leistungsinformationen
werden
 nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0.
 
[ System Events ]
Error - 13.02.2012 09:10:33 | Computer Name = PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "DHCP-Client" ist vom Dienst "NetBios über TCP/IP" abhängig,
 der aufgrund folgenden Fehlers nicht gestartet wurde:  %%31
 
Error - 13.02.2012 09:10:33 | Computer Name = PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "DNS-Client" ist vom Dienst "TCP/IP-Protokolltreiber" abhängig,
 der aufgrund folgenden Fehlers nicht gestartet wurde:  %%31
 
Error - 13.02.2012 09:10:33 | Computer Name = PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "TCP/IP-NetBIOS-Hilfsprogramm" ist vom Dienst "AFD" abhängig,
 der aufgrund folgenden Fehlers nicht gestartet wurde:  %%31
 
Error - 13.02.2012 09:10:33 | Computer Name = PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Apple Mobile Device" ist vom Dienst "TCP/IP-Protokolltreiber"
 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:  %%31
 
Error - 13.02.2012 09:10:33 | Computer Name = PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Dienst "Bonjour"" ist vom Dienst "TCP/IP-Protokolltreiber"
 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:  %%31
 
Error - 13.02.2012 09:10:33 | Computer Name = PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "IPSEC-Dienste" ist vom Dienst "IPSEC-Treiber" abhängig,
 der aufgrund folgenden Fehlers nicht gestartet wurde:  %%31
 
Error - 13.02.2012 09:10:33 | Computer Name = PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
  AFD  AmdK8  avgio  avipbb  Fips  IPSec  MRxSmb  NetBIOS  NetBT  RasAcd  Rdbss  ssmdrv  Tcpip  tidnet
 
Error - 13.02.2012 09:11:44 | Computer Name = PC | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "EventSystem"
 mit den Argumenten ""  gestartet wurde, um den folgenden Server zu verwenden:  {1BE1F766-5536-11D1-B726-00C04FB926AF}
 
Error - 13.02.2012 09:15:09 | Computer Name = PC | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "EventSystem"
 mit den Argumenten ""  gestartet wurde, um den folgenden Server zu verwenden:  {1BE1F766-5536-11D1-B726-00C04FB926AF}
 
Error - 13.02.2012 09:16:20 | Computer Name = PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
  AmdK8  avgio  avipbb  Fips  ssmdrv
 
 
< End of report >
danke für deine Bemühungen :)

Chris4You 13.02.2012 14:32
Hi,

let's try again...

Dateien Online überprüfen lassen
  • Suche die Seite Virustotal auf, klicke auf den Button „Durchsuchen“ und suche folgende Datei/Dateien:
Code:
C:\Dokumente und Einstellungen\Wittmann\Anwendungsdaten\ReminderFox\IE\ReminderFox.dll
  • Lade nun nacheinander jede/alle Datei/Dateien hoch, und warte bis der Scan vorbei ist. (kann bis zu 2 Minuten dauern.)
  • Poste im Anschluss das Ergebnis der Auswertung, alles abkopieren und in einen Beitrag einfügen.
  • Wichtig: Auch die Größenangabe sowie den HASH mit kopieren!

Fix für OTL:
  • Doppelklick auf die OTL.exe, um das Programm auszuführen.
  • Vista/Win7-User bitte per Rechtsklick und "Ausführen als Administrator" starten.
  • Kopiere den Inhalt der folgenden Codebox komplett in die OTL-Box unter "Custom Scan/Fixes"
http://oldtimer.geekstogo.com/OTL/OTL_Main_Tutorial.gif
Code:

:OTL
O4 - HKCU..\Run: [ffdwnd] C:\Dokumente und Einstellungen\Wittmann\Lokale Einstellungen\Anwendungsdaten\Mozilla\Firefox\firefox.exe (Tomasz Pawlak)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.

:Commands
[emptytemp]
[Reboot]
  • Den roten Run Fixes! Button anklicken.
  • Bitte alles aus dem Ergebnisfenster (Results) herauskopieren.
  • Eine Kopie eines OTL-Fix-Logs wird in einer Textdatei in folgendem Ordner gespeichert:
  • %systemroot%\_OTL

Danach solltest Du wieder in den normalen Mode kommen, unbedingt MAM updaten und FULLSCAN, Log posten..

chris

donnaca 13.02.2012 15:00
Ich hoffe ich habe alles richtig gemacht und alles vollständig kopiert ;)

das ist der Scan auf Virustotal:

Code:
VirusTotal
SHA256:        356a573dd794fbd7b2630b7c830c727a75106bedacd3ab38276f3bfe0d74e01d
File name:        ReminderFox.dll
Detection ratio:        1 / 42
Analysis date:        2012-02-13 13:53:01 UTC ( 1 Minute ago )
0
0
Antivirus        Result        Update
AhnLab-V3        -        20120213
AntiVir        -        20120213
Antiy-AVL        -        20120212
Avast        -        20120213
AVG        -        20120213
BitDefender        -        20120213
ByteHero        -        20120212
CAT-QuickHeal        -        20120213
ClamAV        -        20120213
Commtouch        -        20120213
Comodo        -        20120213
DrWeb        Adware.Downware.54        20120213
Emsisoft        -        20120213
eSafe        -        20120213
eTrust-Vet        -        20120213
F-Prot        -        20120213
F-Secure        -        20120213
Fortinet        -        20120213
GData        -        20120213
Ikarus        -        20120213
Jiangmin        -        20120212
K7AntiVirus        -        20120211
Kaspersky        -        20120213
McAfee        -        20120213
McAfee-GW-Edition        -        20120212
Microsoft        -        20120213
NOD32        -        20120213
Norman        -        20120212
nProtect        -        20120213
Panda        -        20120213
Prevx        -        20120213
Rising        -        20120213
Sophos        -        20120213
SUPERAntiSpyware        -        20120206
Symantec        -        20120213
TheHacker        -        20120212
TrendMicro        -        20120213
TrendMicro-HouseCall        -        20120213
VBA32        -        20120213
VIPRE        -        20120213
ViRobot        -        20120213
VirusBuster        -        20120212

    Comments
    Additional information

donnaca 13.02.2012 15:06
OMG ih bin wieder im normalen Modus :D :D :D danke!! :D

hier ist der OTL-Fix-Log:

Code:
All processes killed
========== OTL ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ffdwnd deleted successfully.
C:\Dokumente und Einstellungen\Wittmann\Lokale Einstellungen\Anwendungsdaten\Mozilla\Firefox\firefox.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: All Users
 
User: Default User
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Wittmann
->Temp folder emptied: 389839709 bytes
->Temporary Internet Files folder emptied: 428334 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 96556205 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 1595 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 82403 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 464,00 mb
 
 
OTL by OldTimer - Version 3.2.31.0 log created on 02132012_150155

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
danke, danke, danke :D

das ist noch der Log von MAM:

Code:
Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Datenbank Version: v2012.02.12.04

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Wittmann :: PC [Administrator]

13.02.2012 15:07:27
mbam-log-2012-02-13 (15-07-27).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: Dateisystem | P2P
Durchsuchte Objekte: 187309
Laufzeit: 1 Minute(n), 43 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
ist meiin PC jetzt wieder clean? :)
eißt du, wie ich ihn in Zukunft besser davor schützen kann?

Chris4You 13.02.2012 15:08
Hi,

ok, scheint ein Fehlalarm zu sein...
Jetzt den Fix durchführen undFixLog posten...

chris

donnaca 13.02.2012 15:15
meinst du einen Fix von OTL oder von MAM?

danke:)

Chris4You 13.02.2012 15:40
Hi,

den Fix für OTL...

Code:
:OTL
O4 - HKCU..\Run: [ffdwnd] C:\Dokumente und Einstellungen\Wittmann\Lokale Einstellungen\Anwendungsdaten\Mozilla\Firefox\firefox.exe (Tomasz Pawlak)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.

:Commands
[emptytemp]
[Reboot]
Dann MAM...

chris

donnaca 13.02.2012 15:51
das habe ich doch schon auf der seite davor gemacht, oder? :confused:

lg :)

Chris4You 13.02.2012 15:59
Hi,

habe ich übersehen...
Kommst Du jetzt wieder "normal" in den Rechner?

Abschließend:

TDSS-Killer
Download und Anweisung unter: Wie werden Schadprogramme der Familie Rootkit.Win32.TDSS bekämpft?
Entpacke alle Dateien in einem eigenen Verzeichnis (z. B: C:\TDSS)!
Aufruf über den Explorer duch Doppelklick auf die TDSSKiller.exe.
Nach dem Start erscheint ein Fenster, dort dann "Start Scan".
Wenn der Scan fertig ist bitte "Report" anwählen. Es öffnet sich ein Fenster, den Text abkopieren und hier posten...

Da das Ganze über eine Sicherheitslücke funktioniert, nur bekannte Seiten ansrufen, GUEST-Account zum Surfen einrichten, Firefox benutzen (mit den Plugins "WOT" und "NoScript") und Windows per Update immer Up-ToDate halten....

chris

donnaca 13.02.2012 16:11
genau ich habe den PC jetzt wieder normal hochgefahren :)

ähm, ich hab ejetzt noch eine Frage: ich lade TDSS herunter und klicke dann auf alle extrahieren, oder?
wenn ich das mache erscheint aber die Meldung, dass ein trojanisches Pferd gefunden wurde und der Rest kann dann nicht mehr extrahiert werden...weißt du was ich falsch mache?

unter der Festplatte C habe ich jetzt noch einen Ordner TDSS eröffnet, in den ich den Download verschoben habe, stimmt das?

Vielen Dank noch einmal :D :daumenhoch:

Chris4You 13.02.2012 16:15
Hi,

der Killer kann schon mla fälschlicherweise erkannt werden, als "Ausnahme" hinzufüpgen bzw. auspacken und Start erlauben ("sichere Anwendung");

Ggf. Offline gehen und Sicherheitslösung für den Zeitraum ausschalten... dann Killer auspacken und laufen lassen... Log posten...

chris

donnaca 13.02.2012 16:22
hier ist der Log :)

Code:
16:17:54.0875 3176        TDSS rootkit removing tool 2.7.12.0 Feb 11 2012 16:58:52
16:17:55.0000 3176        ============================================================
16:17:55.0000 3176        Current date / time: 2012/02/13 16:17:55.0000
16:17:55.0000 3176        SystemInfo:
16:17:55.0000 3176       
16:17:55.0000 3176        OS Version: 5.1.2600 ServicePack: 3.0
16:17:55.0000 3176        Product type: Workstation
16:17:55.0000 3176        ComputerName: PC
16:17:55.0000 3176        UserName: Wittmann
16:17:55.0000 3176        Windows directory: C:\WINDOWS
16:17:55.0000 3176        System windows directory: C:\WINDOWS
16:17:55.0000 3176        Processor architecture: Intel x86
16:17:55.0000 3176        Number of processors: 2
16:17:55.0000 3176        Page size: 0x1000
16:17:55.0000 3176        Boot type: Normal boot
16:17:55.0000 3176        ============================================================
16:17:57.0328 3176        Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
16:17:57.0328 3176        Drive \Device\Harddisk1\DR2 - Size: 0x75400000 (1.83 Gb), SectorSize: 0x200, Cylinders: 0xEF, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:17:57.0375 3176        \Device\Harddisk0\DR0:
16:17:57.0375 3176        MBR used
16:17:57.0375 3176        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C4542
16:17:57.0375 3176        \Device\Harddisk1\DR2:
16:17:57.0375 3176        MBR used
16:17:57.0375 3176        \Device\Harddisk1\DR2\Partition0: MBR, Type 0x6, StartLBA 0x89, BlocksNum 0x3A9F77
16:17:57.0406 3176        Initialize success
16:17:57.0406 3176        ============================================================
16:18:01.0171 3372        ============================================================
16:18:01.0171 3372        Scan started
16:18:01.0171 3372        Mode: Manual;
16:18:01.0171 3372        ============================================================
16:18:02.0328 3372        Abiosdsk - ok
16:18:02.0359 3372        abp480n5        (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
16:18:02.0359 3372        abp480n5 - ok
16:18:02.0453 3372        ACPI            (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
16:18:02.0453 3372        ACPI - ok
16:18:02.0453 3372        ACPIEC          (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
16:18:02.0468 3372        ACPIEC - ok
16:18:02.0468 3372        adpu160m        (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
16:18:02.0468 3372        adpu160m - ok
16:18:02.0500 3372        adpu320        (e4e13ce4c85c7e45a643ba54b8c8b16b) C:\WINDOWS\system32\DRIVERS\adpu320.sys
16:18:02.0500 3372        adpu320 - ok
16:18:02.0531 3372        aec            (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
16:18:02.0546 3372        aec - ok
16:18:02.0593 3372        AegisP          (2c5c22990156a1063e19ad162191dc1d) C:\WINDOWS\system32\DRIVERS\AegisP.sys
16:18:02.0593 3372        AegisP - ok
16:18:02.0640 3372        AFD            (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
16:18:02.0656 3372        AFD - ok
16:18:02.0703 3372        agp440          (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
16:18:02.0703 3372        agp440 - ok
16:18:02.0734 3372        agpCPQ          (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
16:18:02.0734 3372        agpCPQ - ok
16:18:02.0765 3372        Aha154x        (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
16:18:02.0765 3372        Aha154x - ok
16:18:02.0765 3372        aic78u2        (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
16:18:02.0781 3372        aic78u2 - ok
16:18:02.0781 3372        aic78xx        (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
16:18:02.0781 3372        aic78xx - ok
16:18:02.0796 3372        AliIde          (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
16:18:02.0796 3372        AliIde - ok
16:18:02.0828 3372        alim1541        (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
16:18:02.0828 3372        alim1541 - ok
16:18:02.0859 3372        amdagp          (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
16:18:02.0859 3372        amdagp - ok
16:18:02.0921 3372        AmdK8          (efbb0956baed786e137351b5ca272aef) C:\WINDOWS\system32\DRIVERS\AmdK8.sys
16:18:02.0921 3372        AmdK8 - ok
16:18:02.0953 3372        amsint          (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
16:18:02.0953 3372        amsint - ok
16:18:03.0015 3372        AR5211          (08e03e8ab837dc9dd2737930ecd19fbc) C:\WINDOWS\system32\DRIVERS\WPN311.sys
16:18:03.0031 3372        AR5211 - ok
16:18:03.0031 3372        asc            (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
16:18:03.0046 3372        asc - ok
16:18:03.0046 3372        asc3350p        (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
16:18:03.0046 3372        asc3350p - ok
16:18:03.0062 3372        asc3550        (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
16:18:03.0062 3372        asc3550 - ok
16:18:03.0125 3372        AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
16:18:03.0125 3372        AsyncMac - ok
16:18:03.0140 3372        atapi          (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
16:18:03.0140 3372        atapi - ok
16:18:03.0156 3372        Atdisk - ok
16:18:03.0187 3372        Atmarpc        (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
16:18:03.0203 3372        Atmarpc - ok
16:18:03.0234 3372        audstub        (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
16:18:03.0234 3372        audstub - ok
16:18:03.0375 3372        avgio          (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Programme\Avira\AntiVir Desktop\avgio.sys
16:18:03.0375 3372        avgio - ok
16:18:03.0437 3372        avgntflt        (14fe36d8f2c6a2435275338d061a0b66) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
16:18:03.0437 3372        avgntflt - ok
16:18:03.0453 3372        avipbb          (6d52060b59e7d79cd2a044b6add1f1ef) C:\WINDOWS\system32\DRIVERS\avipbb.sys
16:18:03.0453 3372        avipbb - ok
16:18:03.0515 3372        Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
16:18:03.0515 3372        Beep - ok
16:18:03.0562 3372        cbidf          (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
16:18:03.0562 3372        cbidf - ok
16:18:03.0562 3372        cbidf2k        (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
16:18:03.0562 3372        cbidf2k - ok
16:18:03.0593 3372        CCDECODE        (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
16:18:03.0609 3372        CCDECODE - ok
16:18:03.0609 3372        cd20xrnt        (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
16:18:03.0609 3372        cd20xrnt - ok
16:18:03.0640 3372        Cdaudio        (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
16:18:03.0640 3372        Cdaudio - ok
16:18:03.0671 3372        Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
16:18:03.0671 3372        Cdfs - ok
16:18:03.0687 3372        Cdrom          (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
16:18:03.0687 3372        Cdrom - ok
16:18:03.0703 3372        Changer - ok
16:18:03.0765 3372        CmdIde          (c687f81290303d90099b027a6474f99f) C:\WINDOWS\system32\DRIVERS\cmdide.sys
16:18:03.0765 3372        CmdIde - ok
16:18:03.0781 3372        Cpqarray        (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
16:18:03.0781 3372        Cpqarray - ok
16:18:03.0796 3372        dac2w2k        (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
16:18:03.0812 3372        dac2w2k - ok
16:18:03.0828 3372        dac960nt        (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
16:18:03.0828 3372        dac960nt - ok
16:18:03.0890 3372        Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
16:18:03.0890 3372        Disk - ok
16:18:03.0953 3372        dmboot          (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
16:18:03.0984 3372        dmboot - ok
16:18:04.0015 3372        dmio            (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
16:18:04.0015 3372        dmio - ok
16:18:04.0203 3372        dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
16:18:04.0203 3372        dmload - ok
16:18:04.0234 3372        DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
16:18:04.0234 3372        DMusic - ok
16:18:04.0359 3372        dpti2o          (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
16:18:04.0359 3372        dpti2o - ok
16:18:04.0390 3372        drmkaud        (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
16:18:04.0406 3372        drmkaud - ok
16:18:04.0531 3372        ewusbnet        (a52794c010c6df5b4bc70c4ab5e04088) C:\WINDOWS\system32\DRIVERS\ewusbnet.sys
16:18:04.0546 3372        ewusbnet - ok
16:18:04.0578 3372        ew_hwusbdev    (57c171ea22f0a7f068fcb0caedd1e8e7) C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys
16:18:04.0578 3372        ew_hwusbdev - ok
16:18:04.0625 3372        Fastfat        (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
16:18:04.0625 3372        Fastfat - ok
16:18:04.0656 3372        Fdc            (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
16:18:04.0656 3372        Fdc - ok
16:18:04.0703 3372        Fips            (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
16:18:04.0703 3372        Fips - ok
16:18:04.0734 3372        Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
16:18:04.0734 3372        Flpydisk - ok
16:18:04.0781 3372        FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
16:18:04.0781 3372        FltMgr - ok
16:18:04.0843 3372        Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
16:18:04.0843 3372        Fs_Rec - ok
16:18:04.0859 3372        Ftdisk          (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
16:18:04.0859 3372        Ftdisk - ok
16:18:04.0906 3372        GEARAspiWDM    (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
16:18:04.0906 3372        GEARAspiWDM - ok
16:18:04.0953 3372        Gpc            (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
16:18:04.0953 3372        Gpc - ok
16:18:05.0031 3372        HDAudBus        (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
16:18:05.0031 3372        HDAudBus - ok
16:18:05.0078 3372        HidUsb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
16:18:05.0078 3372        HidUsb - ok
16:18:05.0125 3372        hpn            (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
16:18:05.0125 3372        hpn - ok
16:18:05.0171 3372        HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
16:18:05.0171 3372        HTTP - ok
16:18:05.0328 3372        huawei_enumerator (bed3a9f86a637cc6c2c5296cd82423d8) C:\WINDOWS\system32\DRIVERS\ew_jubusenum.sys
16:18:05.0328 3372        huawei_enumerator - ok
16:18:05.0375 3372        hwdatacard      (1f40368dc40b17de3fa0fbe8a9d82f9e) C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys
16:18:05.0390 3372        hwdatacard - ok
16:18:05.0437 3372        i2omgmt        (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
16:18:05.0437 3372        i2omgmt - ok
16:18:05.0500 3372        i2omp          (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
16:18:05.0500 3372        i2omp - ok
16:18:05.0546 3372        i8042prt        (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
16:18:05.0546 3372        i8042prt - ok
16:18:05.0609 3372        iaStor          (2358c53f30cb9dcd1d3843c4e2f299b2) C:\WINDOWS\system32\DRIVERS\iaStor.sys
16:18:05.0609 3372        iaStor - ok
16:18:05.0734 3372        Imapi          (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
16:18:05.0750 3372        Imapi - ok
16:18:05.0781 3372        ini910u        (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
16:18:05.0781 3372        ini910u - ok
16:18:05.0937 3372        IntcAzAudAddService (1824c4894aa438cd06c976e44b9e7353) C:\WINDOWS\system32\drivers\RtkHDAud.sys
16:18:06.0000 3372        IntcAzAudAddService - ok
16:18:06.0187 3372        IntelIde        (69c4e3c9e67a1f103b94e14fdd5f3213) C:\WINDOWS\system32\DRIVERS\intelide.sys
16:18:06.0187 3372        IntelIde - ok
16:18:06.0265 3372        Ip6Fw          (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
16:18:06.0265 3372        Ip6Fw - ok
16:18:06.0296 3372        IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
16:18:06.0296 3372        IpFilterDriver - ok
16:18:06.0328 3372        IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
16:18:06.0328 3372        IpInIp - ok
16:18:06.0375 3372        IpNat          (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
16:18:06.0375 3372        IpNat - ok
16:18:06.0406 3372        IPSec          (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
16:18:06.0406 3372        IPSec - ok
16:18:06.0437 3372        IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
16:18:06.0437 3372        IRENUM - ok
16:18:06.0500 3372        isapnp          (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
16:18:06.0500 3372        isapnp - ok
16:18:06.0531 3372        Kbdclass        (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
16:18:06.0531 3372        Kbdclass - ok
16:18:06.0546 3372        kbdhid          (b6d6c117d771c98130497265f26d1882) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
16:18:06.0546 3372        kbdhid - ok
16:18:06.0609 3372        kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
16:18:06.0625 3372        kmixer - ok
16:18:06.0828 3372        KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
16:18:06.0828 3372        KSecDD - ok
16:18:06.0859 3372        lbrtfdc - ok
16:18:07.0015 3372        mnmdd          (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
16:18:07.0031 3372        mnmdd - ok
16:18:07.0140 3372        Modem          (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
16:18:07.0140 3372        Modem - ok
16:18:07.0187 3372        Mouclass        (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
16:18:07.0187 3372        Mouclass - ok
16:18:07.0250 3372        mouhid          (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
16:18:07.0250 3372        mouhid - ok
16:18:07.0296 3372        MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
16:18:07.0296 3372        MountMgr - ok
16:18:07.0343 3372        mraid35x        (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
16:18:07.0343 3372        mraid35x - ok
16:18:07.0343 3372        MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
16:18:07.0343 3372        MRxDAV - ok
16:18:07.0421 3372        MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
16:18:07.0437 3372        MRxSmb - ok
16:18:07.0500 3372        Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
16:18:07.0500 3372        Msfs - ok
16:18:07.0531 3372        MSKSSRV        (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
16:18:07.0531 3372        MSKSSRV - ok
16:18:07.0562 3372        MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
16:18:07.0562 3372        MSPCLOCK - ok
16:18:07.0562 3372        MSPQM          (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
16:18:07.0578 3372        MSPQM - ok
16:18:07.0625 3372        mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
16:18:07.0625 3372        mssmbios - ok
16:18:07.0656 3372        MSTEE          (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
16:18:07.0656 3372        MSTEE - ok
16:18:07.0703 3372        Mup            (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
16:18:07.0703 3372        Mup - ok
16:18:07.0750 3372        NABTSFEC        (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
16:18:07.0750 3372        NABTSFEC - ok
16:18:08.0000 3372        NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
16:18:08.0000 3372        NDIS - ok
16:18:08.0031 3372        NdisIP          (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
16:18:08.0031 3372        NdisIP - ok
16:18:08.0078 3372        NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
16:18:08.0078 3372        NdisTapi - ok
16:18:08.0093 3372        Ndisuio        (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
16:18:08.0093 3372        Ndisuio - ok
16:18:08.0125 3372        NdisWan        (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
16:18:08.0125 3372        NdisWan - ok
16:18:08.0171 3372        NDProxy        (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
16:18:08.0171 3372        NDProxy - ok
16:18:08.0234 3372        NetBIOS        (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
16:18:08.0234 3372        NetBIOS - ok
16:18:08.0265 3372        NetBT          (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
16:18:08.0265 3372        NetBT - ok
16:18:08.0296 3372        Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
16:18:08.0296 3372        Npfs - ok
16:18:08.0312 3372        Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
16:18:08.0328 3372        Ntfs - ok
16:18:08.0375 3372        Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
16:18:08.0375 3372        Null - ok
16:18:08.0609 3372        nv              (8c0456001b6900114bbb1c548bd8aaf5) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
16:18:08.0656 3372        nv - ok
16:18:08.0671 3372        NVENETFD        (1492c7738f68625805f5f53c8bad24c6) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
16:18:08.0671 3372        NVENETFD - ok
16:18:08.0703 3372        nvnetbus        (ae73e61f07ddc84255bece6b02f18390) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
16:18:08.0718 3372        nvnetbus - ok
16:18:08.0750 3372        NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
16:18:08.0750 3372        NwlnkFlt - ok
16:18:08.0765 3372        NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
16:18:08.0765 3372        NwlnkFwd - ok
16:18:08.0812 3372        P3              (a7af0c0860f1c43fc6581ba8a99eabef) C:\WINDOWS\system32\DRIVERS\p3.sys
16:18:08.0812 3372        P3 - ok
16:18:08.0843 3372        Parport        (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
16:18:08.0843 3372        Parport - ok
16:18:08.0875 3372        PartMgr        (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
16:18:08.0875 3372        PartMgr - ok
16:18:08.0921 3372        ParVdm          (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
16:18:08.0921 3372        ParVdm - ok
16:18:08.0921 3372        PCI            (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
16:18:08.0937 3372        PCI - ok
16:18:08.0937 3372        PCIDump - ok
16:18:08.0953 3372        PCIIde          (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
16:18:08.0953 3372        PCIIde - ok
16:18:08.0984 3372        Pcmcia          (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
16:18:08.0984 3372        Pcmcia - ok
16:18:09.0000 3372        PDCOMP - ok
16:18:09.0000 3372        PDFRAME - ok
16:18:09.0015 3372        PDRELI - ok
16:18:09.0015 3372        PDRFRAME - ok
16:18:09.0046 3372        perc2          (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
16:18:09.0046 3372        perc2 - ok
16:18:09.0062 3372        perc2hib        (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
16:18:09.0062 3372        perc2hib - ok
16:18:09.0109 3372        PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
16:18:09.0109 3372        PptpMiniport - ok
16:18:09.0125 3372        Ptilink        (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
16:18:09.0125 3372        Ptilink - ok
16:18:09.0140 3372        ql1080          (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
16:18:09.0140 3372        ql1080 - ok
16:18:09.0140 3372        Ql10wnt        (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
16:18:09.0140 3372        Ql10wnt - ok
16:18:09.0171 3372        ql12160        (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
16:18:09.0171 3372        ql12160 - ok
16:18:09.0171 3372        ql1240          (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
16:18:09.0171 3372        ql1240 - ok
16:18:09.0187 3372        ql1280          (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
16:18:09.0187 3372        ql1280 - ok
16:18:09.0234 3372        RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
16:18:09.0234 3372        RasAcd - ok
16:18:09.0234 3372        Rasl2tp        (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
16:18:09.0250 3372        Rasl2tp - ok
16:18:09.0265 3372        RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
16:18:09.0265 3372        RasPppoe - ok
16:18:09.0265 3372        Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
16:18:09.0265 3372        Raspti - ok
16:18:09.0312 3372        Rdbss          (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
16:18:09.0312 3372        Rdbss - ok
16:18:09.0328 3372        RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
16:18:09.0328 3372        RDPCDD - ok
16:18:09.0375 3372        rdpdr          (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
16:18:09.0375 3372        rdpdr - ok
16:18:09.0437 3372        RDPWD          (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
16:18:09.0437 3372        RDPWD - ok
16:18:09.0484 3372        redbook        (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
16:18:09.0484 3372        redbook - ok
16:18:09.0562 3372        Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
16:18:09.0562 3372        Secdrv - ok
16:18:09.0609 3372        serenum        (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
16:18:09.0609 3372        serenum - ok
16:18:09.0625 3372        Serial          (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
16:18:09.0625 3372        Serial - ok
16:18:09.0656 3372        Sfloppy        (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
16:18:09.0656 3372        Sfloppy - ok
16:18:09.0687 3372        Simbad - ok
16:18:09.0734 3372        sisagp          (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
16:18:09.0734 3372        sisagp - ok
16:18:09.0765 3372        SLIP            (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
16:18:09.0765 3372        SLIP - ok
16:18:09.0968 3372        SNPSTD3        (7a466c97346f98deef87a884304893fd) C:\WINDOWS\system32\DRIVERS\snpstd3.sys
16:18:10.0031 3372        SNPSTD3 - ok
16:18:10.0062 3372        SONYPVU1        (a1eceeaa5c5e74b2499eb51d38185b84) C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
16:18:10.0062 3372        SONYPVU1 - ok
16:18:10.0093 3372        Sparrow        (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
16:18:10.0093 3372        Sparrow - ok
16:18:10.0140 3372        splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
16:18:10.0140 3372        splitter - ok
16:18:10.0203 3372        sr              (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
16:18:10.0203 3372        sr - ok
16:18:10.0250 3372        Srv            (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
16:18:10.0250 3372        Srv - ok
16:18:10.0296 3372        ssmdrv          (5ec550b8952882ee856b862cf648522d) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
16:18:10.0296 3372        ssmdrv - ok
16:18:10.0328 3372        streamip        (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
16:18:10.0343 3372        streamip - ok
16:18:10.0375 3372        swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
16:18:10.0375 3372        swenum - ok
16:18:10.0390 3372        swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
16:18:10.0390 3372        swmidi - ok
16:18:10.0421 3372        symc810        (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
16:18:10.0421 3372        symc810 - ok
16:18:10.0437 3372        symc8xx        (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
16:18:10.0437 3372        symc8xx - ok
16:18:10.0453 3372        sym_hi          (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
16:18:10.0453 3372        sym_hi - ok
16:18:10.0468 3372        sym_u3          (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
16:18:10.0468 3372        sym_u3 - ok
16:18:10.0500 3372        sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
16:18:10.0500 3372        sysaudio - ok
16:18:10.0578 3372        Tcpip          (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
16:18:10.0578 3372        Tcpip - ok
16:18:10.0609 3372        TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
16:18:10.0609 3372        TDPIPE - ok
16:18:10.0625 3372        TDTCP          (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
16:18:10.0625 3372        TDTCP - ok
16:18:10.0656 3372        TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
16:18:10.0656 3372        TermDD - ok
16:18:10.0734 3372        tidnet          (e27982d1c30ae1dd7eb8eb5caf8d20c6) C:\WINDOWS\system32\DRIVERS\tidnet.sys
16:18:10.0734 3372        tidnet - ok
16:18:10.0781 3372        TosIde          (d213a9247dc347f305a2d4cc9b951487) C:\WINDOWS\system32\DRIVERS\toside.sys
16:18:10.0781 3372        TosIde - ok
16:18:10.0812 3372        Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
16:18:10.0828 3372        Udfs - ok
16:18:10.0843 3372        ultra          (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
16:18:10.0843 3372        ultra - ok
16:18:10.0890 3372        Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
16:18:10.0890 3372        Update - ok
16:18:10.0937 3372        usbaudio        (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
16:18:10.0937 3372        usbaudio - ok
16:18:10.0984 3372        usbccgp        (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
16:18:10.0984 3372        usbccgp - ok
16:18:11.0031 3372        usbehci        (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
16:18:11.0031 3372        usbehci - ok
16:18:11.0046 3372        usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
16:18:11.0046 3372        usbhub - ok
16:18:11.0062 3372        usbohci        (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
16:18:11.0062 3372        usbohci - ok
16:18:11.0093 3372        usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
16:18:11.0093 3372        usbprint - ok
16:18:11.0125 3372        usbscan        (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
16:18:11.0125 3372        usbscan - ok
16:18:11.0156 3372        USBSTOR        (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
16:18:11.0156 3372        USBSTOR - ok
16:18:11.0218 3372        usbuhci        (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
16:18:11.0218 3372        usbuhci - ok
16:18:11.0312 3372        VgaSave        (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
16:18:11.0312 3372        VgaSave - ok
16:18:11.0421 3372        viaagp          (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
16:18:11.0421 3372        viaagp - ok
16:18:11.0484 3372        ViaIde          (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
16:18:11.0484 3372        ViaIde - ok
16:18:11.0500 3372        VolSnap        (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
16:18:11.0500 3372        VolSnap - ok
16:18:11.0546 3372        Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
16:18:11.0546 3372        Wanarp - ok
16:18:11.0656 3372        Wdf01000        (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\Drivers\wdf01000.sys
16:18:11.0671 3372        Wdf01000 - ok
16:18:11.0671 3372        WDICA - ok
16:18:11.0718 3372        wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
16:18:11.0718 3372        wdmaud - ok
16:18:11.0796 3372        WpdUsb          (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
16:18:11.0796 3372        WpdUsb - ok
16:18:11.0843 3372        WSTCODEC        (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
16:18:11.0843 3372        WSTCODEC - ok
16:18:11.0890 3372        WudfPf          (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
16:18:11.0890 3372        WudfPf - ok
16:18:11.0921 3372        WudfRd          (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
16:18:11.0937 3372        WudfRd - ok
16:18:11.0984 3372        MBR (0x1B8)    (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
16:18:12.0093 3372        \Device\Harddisk0\DR0 - ok
16:18:12.0109 3372        MBR (0x1B8)    (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR2
16:18:12.0187 3372        \Device\Harddisk1\DR2 - ok
16:18:12.0203 3372        Boot (0x1200)  (ee288937d795ce77ef43004ba2e08905) \Device\Harddisk0\DR0\Partition0
16:18:12.0203 3372        \Device\Harddisk0\DR0\Partition0 - ok
16:18:12.0218 3372        Boot (0x1200)  (dbf9b7613fbb48c468bbd3afae8281c6) \Device\Harddisk1\DR2\Partition0
16:18:12.0218 3372        \Device\Harddisk1\DR2\Partition0 - ok
16:18:12.0218 3372        ============================================================
16:18:12.0218 3372        Scan finished
16:18:12.0218 3372        ============================================================
16:18:12.0234 1932        Detected object count: 0
16:18:12.0234 1932        Actual detected object count: 0
16:19:06.0562 3304        ============================================================
16:19:06.0562 3304        Scan started
16:19:06.0562 3304        Mode: Manual;
16:19:06.0562 3304        ============================================================
16:19:06.0859 3304        Abiosdsk - ok
16:19:06.0890 3304        abp480n5        (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
16:19:06.0890 3304        abp480n5 - ok
16:19:06.0984 3304        ACPI            (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
16:19:06.0984 3304        ACPI - ok
16:19:07.0000 3304        ACPIEC          (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
16:19:07.0000 3304        ACPIEC - ok
16:19:07.0000 3304        adpu160m        (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
16:19:07.0000 3304        adpu160m - ok
16:19:07.0031 3304        adpu320        (e4e13ce4c85c7e45a643ba54b8c8b16b) C:\WINDOWS\system32\DRIVERS\adpu320.sys
16:19:07.0031 3304        adpu320 - ok
16:19:07.0062 3304        aec            (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
16:19:07.0062 3304        aec - ok
16:19:07.0125 3304        AegisP          (2c5c22990156a1063e19ad162191dc1d) C:\WINDOWS\system32\DRIVERS\AegisP.sys
16:19:07.0125 3304        AegisP - ok
16:19:07.0171 3304        AFD            (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
16:19:07.0171 3304        AFD - ok
16:19:07.0234 3304        agp440          (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
16:19:07.0234 3304        agp440 - ok
16:19:07.0281 3304        agpCPQ          (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
16:19:07.0281 3304        agpCPQ - ok
16:19:07.0296 3304        Aha154x        (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
16:19:07.0296 3304        Aha154x - ok
16:19:07.0296 3304        aic78u2        (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
16:19:07.0296 3304        aic78u2 - ok
16:19:07.0312 3304        aic78xx        (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
16:19:07.0312 3304        aic78xx - ok
16:19:07.0328 3304        AliIde          (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
16:19:07.0328 3304        AliIde - ok
16:19:07.0375 3304        alim1541        (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
16:19:07.0375 3304        alim1541 - ok
16:19:07.0390 3304        amdagp          (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
16:19:07.0390 3304        amdagp - ok
16:19:07.0453 3304        AmdK8          (efbb0956baed786e137351b5ca272aef) C:\WINDOWS\system32\DRIVERS\AmdK8.sys
16:19:07.0453 3304        AmdK8 - ok
16:19:07.0500 3304        amsint          (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
16:19:07.0500 3304        amsint - ok
16:19:07.0562 3304        AR5211          (08e03e8ab837dc9dd2737930ecd19fbc) C:\WINDOWS\system32\DRIVERS\WPN311.sys
16:19:07.0562 3304        AR5211 - ok
16:19:07.0578 3304        asc            (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
16:19:07.0578 3304        asc - ok
16:19:07.0578 3304        asc3350p        (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
16:19:07.0593 3304        asc3350p - ok
16:19:07.0593 3304        asc3550        (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
16:19:07.0593 3304        asc3550 - ok
16:19:07.0687 3304        AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
16:19:07.0687 3304        AsyncMac - ok
16:19:07.0875 3304        atapi          (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
16:19:07.0875 3304        atapi - ok
16:19:07.0890 3304        Atdisk - ok
16:19:07.0921 3304        Atmarpc        (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
16:19:07.0921 3304        Atmarpc - ok
16:19:07.0953 3304        audstub        (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
16:19:07.0953 3304        audstub - ok
16:19:08.0109 3304        avgio          (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Programme\Avira\AntiVir Desktop\avgio.sys
16:19:08.0109 3304        avgio - ok
16:19:08.0265 3304        avgntflt        (14fe36d8f2c6a2435275338d061a0b66) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
16:19:08.0265 3304        avgntflt - ok
16:19:08.0281 3304        avipbb          (6d52060b59e7d79cd2a044b6add1f1ef) C:\WINDOWS\system32\DRIVERS\avipbb.sys
16:19:08.0281 3304        avipbb - ok
16:19:08.0296 3304        Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
16:19:08.0296 3304        Beep - ok
16:19:08.0343 3304        cbidf          (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
16:19:08.0343 3304        cbidf - ok
16:19:08.0359 3304        cbidf2k        (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
16:19:08.0359 3304        cbidf2k - ok
16:19:08.0390 3304        CCDECODE        (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
16:19:08.0390 3304        CCDECODE - ok
16:19:08.0406 3304        cd20xrnt        (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
16:19:08.0406 3304        cd20xrnt - ok
16:19:08.0453 3304        Cdaudio        (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
16:19:08.0453 3304        Cdaudio - ok
16:19:08.0468 3304        Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
16:19:08.0468 3304        Cdfs - ok
16:19:08.0484 3304        Cdrom          (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
16:19:08.0500 3304        Cdrom - ok
16:19:08.0500 3304        Changer - ok
16:19:08.0546 3304        CmdIde          (c687f81290303d90099b027a6474f99f) C:\WINDOWS\system32\DRIVERS\cmdide.sys
16:19:08.0546 3304        CmdIde - ok
16:19:08.0578 3304        Cpqarray        (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
16:19:08.0578 3304        Cpqarray - ok
16:19:08.0609 3304        dac2w2k        (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
16:19:08.0609 3304        dac2w2k - ok
16:19:08.0609 3304        dac960nt        (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
16:19:08.0609 3304        dac960nt - ok
16:19:08.0671 3304        Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
16:19:08.0671 3304        Disk - ok
16:19:08.0718 3304        dmboot          (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
16:19:08.0718 3304        dmboot - ok
16:19:08.0734 3304        dmio            (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
16:19:08.0734 3304        dmio - ok
16:19:08.0750 3304        dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
16:19:08.0750 3304        dmload - ok
16:19:08.0828 3304        DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
16:19:08.0828 3304        DMusic - ok
16:19:08.0875 3304        dpti2o          (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
16:19:08.0875 3304        dpti2o - ok
16:19:08.0906 3304        drmkaud        (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
16:19:08.0906 3304        drmkaud - ok
16:19:08.0984 3304        ewusbnet        (a52794c010c6df5b4bc70c4ab5e04088) C:\WINDOWS\system32\DRIVERS\ewusbnet.sys
16:19:08.0984 3304        ewusbnet - ok
16:19:09.0015 3304        ew_hwusbdev    (57c171ea22f0a7f068fcb0caedd1e8e7) C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys
16:19:09.0015 3304        ew_hwusbdev - ok
16:19:09.0078 3304        Fastfat        (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
16:19:09.0078 3304        Fastfat - ok
16:19:09.0093 3304        Fdc            (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
16:19:09.0093 3304        Fdc - ok
16:19:09.0140 3304        Fips            (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
16:19:09.0140 3304        Fips - ok
16:19:09.0171 3304        Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
16:19:09.0171 3304        Flpydisk - ok
16:19:09.0203 3304        FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
16:19:09.0218 3304        FltMgr - ok
16:19:09.0265 3304        Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
16:19:09.0265 3304        Fs_Rec - ok
16:19:09.0281 3304        Ftdisk          (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
16:19:09.0281 3304        Ftdisk - ok
16:19:09.0343 3304        GEARAspiWDM    (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
16:19:09.0343 3304        GEARAspiWDM - ok
16:19:09.0390 3304        Gpc            (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
16:19:09.0390 3304        Gpc - ok
16:19:09.0453 3304        HDAudBus        (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
16:19:09.0453 3304        HDAudBus - ok
16:19:09.0468 3304        HidUsb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
16:19:09.0468 3304        HidUsb - ok
16:19:09.0500 3304        hpn            (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
16:19:09.0500 3304        hpn - ok
16:19:09.0562 3304        HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
16:19:09.0562 3304        HTTP - ok
16:19:09.0625 3304        huawei_enumerator (bed3a9f86a637cc6c2c5296cd82423d8) C:\WINDOWS\system32\DRIVERS\ew_jubusenum.sys
16:19:09.0625 3304        huawei_enumerator - ok
16:19:09.0656 3304        hwdatacard      (1f40368dc40b17de3fa0fbe8a9d82f9e) C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys
16:19:09.0656 3304        hwdatacard - ok
16:19:09.0718 3304        i2omgmt        (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
16:19:09.0718 3304        i2omgmt - ok
16:19:09.0750 3304        i2omp          (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
16:19:09.0750 3304        i2omp - ok
16:19:09.0796 3304        i8042prt        (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
16:19:09.0796 3304        i8042prt - ok
16:19:09.0843 3304        iaStor          (2358c53f30cb9dcd1d3843c4e2f299b2) C:\WINDOWS\system32\DRIVERS\iaStor.sys
16:19:09.0859 3304        iaStor - ok
16:19:09.0906 3304        Imapi          (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
16:19:09.0921 3304        Imapi - ok
16:19:09.0953 3304        ini910u        (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
16:19:09.0953 3304        ini910u - ok
16:19:10.0156 3304        IntcAzAudAddService (1824c4894aa438cd06c976e44b9e7353) C:\WINDOWS\system32\drivers\RtkHDAud.sys
16:19:10.0218 3304        IntcAzAudAddService - ok
16:19:10.0406 3304        IntelIde        (69c4e3c9e67a1f103b94e14fdd5f3213) C:\WINDOWS\system32\DRIVERS\intelide.sys
16:19:10.0406 3304        IntelIde - ok
16:19:10.0468 3304        Ip6Fw          (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
16:19:10.0468 3304        Ip6Fw - ok
16:19:10.0500 3304        IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
16:19:10.0500 3304        IpFilterDriver - ok
16:19:10.0515 3304        IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
16:19:10.0515 3304        IpInIp - ok
16:19:10.0546 3304        IpNat          (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
16:19:10.0546 3304        IpNat - ok
16:19:10.0578 3304        IPSec          (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
16:19:10.0578 3304        IPSec - ok
16:19:10.0609 3304        IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
16:19:10.0609 3304        IRENUM - ok
16:19:10.0640 3304        isapnp          (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
16:19:10.0640 3304        isapnp - ok
16:19:10.0656 3304        Kbdclass        (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
16:19:10.0656 3304        Kbdclass - ok
16:19:10.0671 3304        kbdhid          (b6d6c117d771c98130497265f26d1882) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
16:19:10.0671 3304        kbdhid - ok
16:19:10.0734 3304        kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
16:19:10.0734 3304        kmixer - ok
16:19:10.0781 3304        KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
16:19:10.0781 3304        KSecDD - ok
16:19:10.0828 3304        lbrtfdc - ok
16:19:10.0890 3304        mnmdd          (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
16:19:10.0890 3304        mnmdd - ok
16:19:10.0953 3304        Modem          (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
16:19:10.0953 3304        Modem - ok
16:19:10.0984 3304        Mouclass        (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
16:19:11.0000 3304        Mouclass - ok
16:19:11.0062 3304        mouhid          (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
16:19:11.0062 3304        mouhid - ok
16:19:11.0078 3304        MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
16:19:11.0093 3304        MountMgr - ok
16:19:11.0125 3304        mraid35x        (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
16:19:11.0125 3304        mraid35x - ok
16:19:11.0171 3304        MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
16:19:11.0171 3304        MRxDAV - ok
16:19:11.0218 3304        MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
16:19:11.0234 3304        MRxSmb - ok
16:19:11.0312 3304        Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
16:19:11.0312 3304        Msfs - ok
16:19:11.0359 3304        MSKSSRV        (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
16:19:11.0359 3304        MSKSSRV - ok
16:19:11.0390 3304        MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
16:19:11.0390 3304        MSPCLOCK - ok
16:19:11.0406 3304        MSPQM          (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
16:19:11.0406 3304        MSPQM - ok
16:19:11.0468 3304        mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
16:19:11.0484 3304        mssmbios - ok
16:19:11.0531 3304        MSTEE          (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
16:19:11.0531 3304        MSTEE - ok
16:19:11.0562 3304        Mup            (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
16:19:11.0578 3304        Mup - ok
16:19:11.0625 3304        NABTSFEC        (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
16:19:11.0625 3304        NABTSFEC - ok
16:19:11.0687 3304        NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
16:19:11.0687 3304        NDIS - ok
16:19:11.0718 3304        NdisIP          (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
16:19:11.0718 3304        NdisIP - ok
16:19:11.0765 3304        NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
16:19:11.0765 3304        NdisTapi - ok
16:19:11.0843 3304        Ndisuio        (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
16:19:11.0843 3304        Ndisuio - ok
16:19:11.0859 3304        NdisWan        (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
16:19:11.0859 3304        NdisWan - ok
16:19:11.0937 3304        NDProxy        (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
16:19:11.0937 3304        NDProxy - ok
16:19:12.0000 3304        NetBIOS        (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
16:19:12.0000 3304        NetBIOS - ok
16:19:12.0062 3304        NetBT          (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
16:19:12.0062 3304        NetBT - ok
16:19:12.0265 3304        Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
16:19:12.0265 3304        Npfs - ok
16:19:12.0312 3304        Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
16:19:12.0328 3304        Ntfs - ok
16:19:12.0406 3304        Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
16:19:12.0406 3304        Null - ok
16:19:12.0687 3304        nv              (8c0456001b6900114bbb1c548bd8aaf5) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
16:19:12.0781 3304        nv - ok
16:19:12.0953 3304        NVENETFD        (1492c7738f68625805f5f53c8bad24c6) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
16:19:12.0953 3304        NVENETFD - ok
16:19:13.0000 3304        nvnetbus        (ae73e61f07ddc84255bece6b02f18390) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
16:19:13.0000 3304        nvnetbus - ok
16:19:13.0046 3304        NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
16:19:13.0046 3304        NwlnkFlt - ok
16:19:13.0046 3304        NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
16:19:13.0046 3304        NwlnkFwd - ok
16:19:13.0093 3304        P3              (a7af0c0860f1c43fc6581ba8a99eabef) C:\WINDOWS\system32\DRIVERS\p3.sys
16:19:13.0093 3304        P3 - ok
16:19:13.0140 3304        Parport        (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
16:19:13.0140 3304        Parport - ok
16:19:13.0171 3304        PartMgr        (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
16:19:13.0171 3304        PartMgr - ok
16:19:13.0203 3304        ParVdm          (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
16:19:13.0203 3304        ParVdm - ok
16:19:13.0203 3304        PCI            (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
16:19:13.0203 3304        PCI - ok
16:19:13.0218 3304        PCIDump - ok
16:19:13.0234 3304        PCIIde          (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
16:19:13.0234 3304        PCIIde - ok
16:19:13.0250 3304        Pcmcia          (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
16:19:13.0250 3304        Pcmcia - ok
16:19:13.0265 3304        PDCOMP - ok
16:19:13.0265 3304        PDFRAME - ok
16:19:13.0281 3304        PDRELI - ok
16:19:13.0296 3304        PDRFRAME - ok
16:19:13.0312 3304        perc2          (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
16:19:13.0312 3304        perc2 - ok
16:19:13.0328 3304        perc2hib        (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
16:19:13.0328 3304        perc2hib - ok
16:19:13.0375 3304        PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
16:19:13.0375 3304        PptpMiniport - ok
16:19:13.0390 3304        Ptilink        (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
16:19:13.0390 3304        Ptilink - ok
16:19:13.0421 3304        ql1080          (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
16:19:13.0437 3304        ql1080 - ok
16:19:13.0437 3304        Ql10wnt        (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
16:19:13.0437 3304        Ql10wnt - ok
16:19:13.0453 3304        ql12160        (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
16:19:13.0453 3304        ql12160 - ok
16:19:13.0468 3304        ql1240          (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
16:19:13.0468 3304        ql1240 - ok
16:19:13.0468 3304        ql1280          (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
16:19:13.0468 3304        ql1280 - ok
16:19:13.0515 3304        RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
16:19:13.0515 3304        RasAcd - ok
16:19:13.0578 3304        Rasl2tp        (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
16:19:13.0593 3304        Rasl2tp - ok
16:19:13.0593 3304        RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
16:19:13.0593 3304        RasPppoe - ok
16:19:13.0609 3304        Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
16:19:13.0609 3304        Raspti - ok
16:19:13.0640 3304        Rdbss          (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
16:19:13.0640 3304        Rdbss - ok
16:19:13.0640 3304        RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
16:19:13.0640 3304        RDPCDD - ok
16:19:13.0703 3304        rdpdr          (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
16:19:13.0718 3304        rdpdr - ok
16:19:13.0765 3304        RDPWD          (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
16:19:13.0765 3304        RDPWD - ok
16:19:13.0812 3304        redbook        (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
16:19:13.0812 3304        redbook - ok
16:19:13.0875 3304        Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
16:19:13.0890 3304        Secdrv - ok
16:19:13.0937 3304        serenum        (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
16:19:13.0937 3304        serenum - ok
16:19:13.0953 3304        Serial          (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
16:19:13.0953 3304        Serial - ok
16:19:13.0968 3304        Sfloppy        (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
16:19:13.0984 3304        Sfloppy - ok
16:19:14.0000 3304        Simbad - ok
16:19:14.0062 3304        sisagp          (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
16:19:14.0062 3304        sisagp - ok
16:19:14.0093 3304        SLIP            (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
16:19:14.0093 3304        SLIP - ok
16:19:14.0312 3304        SNPSTD3        (7a466c97346f98deef87a884304893fd) C:\WINDOWS\system32\DRIVERS\snpstd3.sys
16:19:14.0375 3304        SNPSTD3 - ok
16:19:14.0546 3304        SONYPVU1        (a1eceeaa5c5e74b2499eb51d38185b84) C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
16:19:14.0546 3304        SONYPVU1 - ok
16:19:14.0625 3304        Sparrow        (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
16:19:14.0625 3304        Sparrow - ok
16:19:14.0671 3304        splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
16:19:14.0671 3304        splitter - ok
16:19:14.0703 3304        sr              (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
16:19:14.0703 3304        sr - ok
16:19:14.0734 3304        Srv            (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
16:19:14.0750 3304        Srv - ok
16:19:14.0812 3304        ssmdrv          (5ec550b8952882ee856b862cf648522d) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
16:19:14.0812 3304        ssmdrv - ok
16:19:14.0843 3304        streamip        (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
16:19:14.0843 3304        streamip - ok
16:19:14.0890 3304        swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
16:19:14.0890 3304        swenum - ok
16:19:14.0906 3304        swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
16:19:14.0906 3304        swmidi - ok
16:19:14.0937 3304        symc810        (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
16:19:14.0937 3304        symc810 - ok
16:19:14.0953 3304        symc8xx        (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
16:19:14.0953 3304        symc8xx - ok
16:19:14.0984 3304        sym_hi          (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
16:19:14.0984 3304        sym_hi - ok
16:19:15.0000 3304        sym_u3          (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
16:19:15.0000 3304        sym_u3 - ok
16:19:15.0046 3304        sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
16:19:15.0062 3304        sysaudio - ok
16:19:15.0281 3304        Tcpip          (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
16:19:15.0281 3304        Tcpip - ok
16:19:15.0328 3304        TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
16:19:15.0328 3304        TDPIPE - ok
16:19:15.0406 3304        TDTCP          (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
16:19:15.0406 3304        TDTCP - ok
16:19:15.0453 3304        TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
16:19:15.0453 3304        TermDD - ok
16:19:15.0562 3304        tidnet          (e27982d1c30ae1dd7eb8eb5caf8d20c6) C:\WINDOWS\system32\DRIVERS\tidnet.sys
16:19:15.0562 3304        tidnet - ok
16:19:15.0609 3304        TosIde          (d213a9247dc347f305a2d4cc9b951487) C:\WINDOWS\system32\DRIVERS\toside.sys
16:19:15.0609 3304        TosIde - ok
16:19:15.0671 3304        Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
16:19:15.0671 3304        Udfs - ok
16:19:15.0687 3304        ultra          (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
16:19:15.0687 3304        ultra - ok
16:19:15.0750 3304        Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
16:19:15.0750 3304        Update - ok
16:19:15.0812 3304        usbaudio        (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
16:19:15.0812 3304        usbaudio - ok
16:19:15.0843 3304        usbccgp        (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
16:19:15.0843 3304        usbccgp - ok
16:19:15.0906 3304        usbehci        (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
16:19:15.0906 3304        usbehci - ok
16:19:15.0968 3304        usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
16:19:15.0968 3304        usbhub - ok
16:19:16.0015 3304        usbohci        (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
16:19:16.0015 3304        usbohci - ok
16:19:16.0062 3304        usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
16:19:16.0062 3304        usbprint - ok
16:19:16.0078 3304        usbscan        (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
16:19:16.0093 3304        usbscan - ok
16:19:16.0125 3304        USBSTOR        (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
16:19:16.0125 3304        USBSTOR - ok
16:19:16.0156 3304        usbuhci        (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
16:19:16.0156 3304        usbuhci - ok
16:19:16.0187 3304        VgaSave        (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
16:19:16.0187 3304        VgaSave - ok
16:19:16.0250 3304        viaagp          (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
16:19:16.0250 3304        viaagp - ok
16:19:16.0312 3304        ViaIde          (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
16:19:16.0312 3304        ViaIde - ok
16:19:16.0312 3304        VolSnap        (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
16:19:16.0328 3304        VolSnap - ok
16:19:16.0406 3304        Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
16:19:16.0406 3304        Wanarp - ok
16:19:16.0484 3304        Wdf01000        (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\Drivers\wdf01000.sys
16:19:16.0500 3304        Wdf01000 - ok
16:19:16.0562 3304        WDICA - ok
16:19:16.0640 3304        wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
16:19:16.0640 3304        wdmaud - ok
16:19:16.0781 3304        WpdUsb          (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
16:19:16.0781 3304        WpdUsb - ok
16:19:16.0828 3304        WSTCODEC        (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
16:19:16.0843 3304        WSTCODEC - ok
16:19:16.0890 3304        WudfPf          (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
16:19:16.0890 3304        WudfPf - ok
16:19:16.0968 3304        WudfRd          (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
16:19:16.0968 3304        WudfRd - ok
16:19:17.0046 3304        MBR (0x1B8)    (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
16:19:17.0156 3304        \Device\Harddisk0\DR0 - ok
16:19:17.0171 3304        MBR (0x1B8)    (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR2
16:19:17.0265 3304        \Device\Harddisk1\DR2 - ok
16:19:17.0265 3304        Boot (0x1200)  (ee288937d795ce77ef43004ba2e08905) \Device\Harddisk0\DR0\Partition0
16:19:17.0265 3304        \Device\Harddisk0\DR0\Partition0 - ok
16:19:17.0281 3304        Boot (0x1200)  (dbf9b7613fbb48c468bbd3afae8281c6) \Device\Harddisk1\DR2\Partition0
16:19:17.0281 3304        \Device\Harddisk1\DR2\Partition0 - ok
16:19:17.0281 3304        ============================================================
16:19:17.0281 3304        Scan finished
16:19:17.0281 3304        ============================================================
16:19:17.0296 2456        Detected object count: 0
16:19:17.0296 2456        Actual detected object count: 0
ich hoffe es passt alles? :)

vielen Danke :)

Chris4You 13.02.2012 16:29
Hi,

ja, sieht gut aus...
Wenn keine Beeiträchtigungen mehr da sind, sollte es das gewesen sein...

chris

donnaca 13.02.2012 16:30
super :D

Vielen, vielen Dank! du hast meinen PC (und meine Nerven ;)) echt gerettet :dankeschoen:


Alle Zeitangaben in WEZ +1. Es ist jetzt 06:16 Uhr.
Seite 2 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131