GVU virus has struck
Hello team,
The GVU virus has hit me, with poor-quality speech output and a webcam box, plus a demand for 100 euros. I hope someone can help me.
I have a 32-bit system.
Here are my logs (OTL's Extras log was not produced on my machine):
OTL log: Code:
OTL logfile created on: 21.11.2012 02:38:58 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\fabi\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,50 Gb Total Physical Memory | 3,17 Gb Available Physical Memory | 90,53% Memory free
5,34 Gb Paging File | 5,19 Gb Available in Paging File | 97,16% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 48,83 Gb Total Space | 31,72 Gb Free Space | 64,97% Space Free | Partition Type: NTFS
Drive E: | 203,53 Gb Total Space | 100,24 Gb Free Space | 49,25% Space Free | Partition Type: NTFS
Drive F: | 203,64 Gb Total Space | 109,76 Gb Free Space | 53,90% Space Free | Partition Type: NTFS
Drive J: | 963,70 Mb Total Space | 233,30 Mb Free Space | 24,21% Space Free | Partition Type: FAT
Computer Name: ***** | User Name: fabi | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Dokumente und Einstellungen\fabi\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Hercules\WiFiStationN\WiFiN.exe ()
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
========== Modules (No Company Name) ==========
MOD - C:\WINDOWS\system32\xvid.ax ()
MOD - C:\WINDOWS\system32\msdmo.dll ()
========== Services (SafeList) ==========
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Application Updater) -- C:\Programme\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
SRV - (UI Assistant Service) -- C:\Programme\1&1 Surf-Stick\AssistantServices.exe ()
SRV - (WTGService) -- C:\Programme\Verbindungsassistent\WTGService.exe ()
SRV - (NMSAccessU) -- F:\Programme\CDBurnerXP\NMSAccessU.exe ()
SRV - (HerculesWiFi) -- C:\WINDOWS\system32\HerculesWiFiService.exe (Guillemot Corporation)
SRV - (NVIDIA Performance Driver Service) -- C:\Programme\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe ()
SRV - (appdrvrem01) -- C:\WINDOWS\System32\appdrvrem01.exe (Protection Technology)
SRV - (GEST Service) -- C:\Programme\GIGABYTE\GEST\GSvr.exe ()
SRV - (TabletServicePen) -- C:\WINDOWS\system32\Pen_Tablet.exe (Wacom Technology, Corp.)
SRV - (ProtexisLicensing) -- C:\WINDOWS\system32\PSIService.exe ()
SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
========== Driver Services (SafeList) ==========
DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (apazfqjo) -- File not found
DRV - (gdrv) -- C:\WINDOWS\gdrv.sys (Windows (R) 2000 DDK provider)
DRV - (hwdatacard) -- C:\WINDOWS\system32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (ew_hwusbdev) -- C:\WINDOWS\system32\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)
DRV - (ZTEusbser6k) -- C:\WINDOWS\system32\drivers\ZTEusbser6k.sys (ZTE Incorporated)
DRV - (ZTEusbnmea) -- C:\WINDOWS\system32\drivers\ZTEusbnmea.sys (ZTE Incorporated)
DRV - (ZTEusbmdm6k) -- C:\WINDOWS\system32\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)
DRV - (massfilter) -- C:\WINDOWS\system32\drivers\massfilter.sys (MBB Incorporated)
DRV - (StarOpen) -- C:\WINDOWS\System32\drivers\StarOpen.sys ()
DRV - (atksgt) -- C:\WINDOWS\system32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\WINDOWS\system32\drivers\lirsgt.sys ()
DRV - (L6PODX3LV) -- C:\WINDOWS\system32\drivers\L6PODX3LV.sys (Line 6)
DRV - (RTL8192su) -- C:\WINDOWS\system32\drivers\RTL8192su.sys (Realtek Semiconductor Corporation )
DRV - (oreans32) -- C:\WINDOWS\system32\drivers\oreans32.sys ()
DRV - (hamachi) -- C:\WINDOWS\system32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (appdrv01) -- C:\WINDOWS\system32\drivers\appdrv01.sys (Protection Technology)
DRV - (sptd) -- C:\WINDOWS\system32\drivers\sptd.sys ()
DRV - (ET5Drv) -- C:\WINDOWS\system32\drivers\ET5Drv.sys (Windows (R) 2000 DDK provider)
DRV - (JRAID) -- C:\WINDOWS\system32\drivers\jraid.sys (JMicron Technology Corp.)
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (wacommousefilter) -- C:\WINDOWS\system32\drivers\wacommousefilter.sys (Wacom Technology)
DRV - (wacomvhid) -- C:\WINDOWS\system32\drivers\wacomvhid.sys (Wacom Technology)
DRV - (WacomVKHid) -- C:\WINDOWS\system32\drivers\WacomVKHid.sys (Wacom Technology)
DRV - (RTL8187B) -- C:\WINDOWS\system32\drivers\rtl8187B.sys (Realtek Semiconductor Corporation )
DRV - (NwlnkIpx) -- C:\WINDOWS\system32\drivers\nwlnkipx.sys (Microsoft Corporation)
DRV - (NwlnkNb) -- C:\WINDOWS\system32\drivers\nwlnknb.sys (Microsoft Corporation)
DRV - (NwlnkSpx) -- C:\WINDOWS\system32\drivers\nwlnkspx.sys (Microsoft Corporation)
DRV - (QCEmerald) -- C:\WINDOWS\system32\drivers\OVCE.sys (Microsoft Corporation)
DRV - (lusbaudio) -- C:\WINDOWS\system32\drivers\OVSound2.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-854245398-1482476501-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-854245398-1482476501-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-854245398-1482476501-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.fbdownloader.com/?channel=sfde203fbdgy21
IE - HKU\S-1-5-21-854245398-1482476501-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-854245398-1482476501-839522115-1003\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\6.5\pdfforgeToolbarIE.dll (Spigot, Inc.)
IE - HKU\S-1-5-21-854245398-1482476501-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-854245398-1482476501-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.yahoo.com
IE - HKU\S-1-5-21-854245398-1482476501-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=971163"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "hxxp://www.ecosia.org/"
FF - prefs.js..extensions.enabledAddons: pdfforge@mybrowserbar.com:6.5
FF - prefs.js..extensions.enabledAddons: wtxpcom@mybrowserbar.com:6.5
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:4.0.21.0
FF - prefs.js..extensions.enabledItems: pdfforge@mybrowserbar.com:6.3
FF - prefs.js..extensions.enabledItems: searchsettings@spigot.com:1.2.3
FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:6.3
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: E:\Programme\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: E:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: E:\Programme\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: E:\Programme\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@unity3d.com/UnityPlayer: C:\Programme\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2009.02.22 15:17:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.10.26 21:55:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.10.24 08:26:47 | 000,000,000 | ---D | M]
[2009.02.22 18:40:53 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\fabi\Anwendungsdaten\Mozilla\Extensions
[2012.11.21 01:19:36 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\fabi\Anwendungsdaten\Mozilla\Firefox\Profiles\f7ant1ft.default\extensions
[2010.05.03 20:03:36 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Dokumente und Einstellungen\fabi\Anwendungsdaten\Mozilla\Firefox\Profiles\f7ant1ft.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2009.07.08 21:26:07 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Dokumente und Einstellungen\fabi\Anwendungsdaten\Mozilla\Firefox\Profiles\f7ant1ft.default\extensions\battlefieldheroespatcher@ea.com
[2012.10.24 08:26:50 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2008.07.04 21:26:05 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2008.07.04 21:26:05 | 000,000,000 | ---D | M] (Google Settings) -- C:\Programme\Mozilla Firefox\extensions\google-gzfb@partners.mozilla.com
[2012.07.08 21:27:44 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\searchsettings@spigot.com
[2012.10.26 21:55:34 | 000,000,000 | ---D | M] (Widgi Toolbar Platform) -- C:\PROGRAMME\GEMEINSAME DATEIEN\SPIGOT\WTXPCOM
[2012.10.25 10:03:21 | 000,000,000 | ---D | M] (pdfforge Toolbar) -- C:\PROGRAMME\PDFFORGE TOOLBAR\FF
[2012.10.26 21:55:30 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2012.10.26 21:55:26 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.10.26 21:55:26 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.10.26 21:55:26 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.10.26 21:55:26 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.10.26 21:55:26 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.10.26 21:55:26 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2001.08.23 13:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Programme\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\6.5\pdfforgeToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\6.5\pdfforgeToolbarIE.dll (Spigot, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [36X Raid Configurer] C:\WINDOWS\System32\xRaidSetup.exe (Gigabyte Technology Corp.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [GEST] C:\Programme\GIGABYTE\GEST\run.exe ()
O4 - HKLM..\Run: [ISUSPM Startup] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SearchSettings] C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] E:\Programme\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [UIExec] C:\Programme\1&1 Surf-Stick\UIExec.exe ()
O4 - HKU\S-1-5-21-854245398-1482476501-839522115-1003..\Run: [DAEMON Tools Lite] E:\Programme\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-854245398-1482476501-839522115-1003..\Run: [DataMgr] C:\Dokumente und Einstellungen\fabi\Anwendungsdaten\DataMgr\datamgr.exe (HTTO Group, Ltd.)
O4 - HKU\S-1-5-21-854245398-1482476501-839522115-1003..\Run: [Protector] C:\Dokumente und Einstellungen\fabi\Anwendungsdaten\SDIV 2.0\Prot\prot.vbs ()
O4 - HKU\S-1-5-21-854245398-1482476501-839522115-1003..\Run: [TU] C:\Dokumente und Einstellungen\fabi\Anwendungsdaten\SDIV 2.0\Prot\tu\tu.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\REALTEK USB Wireless LAN Utility.lnk = C:\Programme\REALTEK USB Wireless LAN Driver and Utility\RtWLan.exe (Realtek Semiconductor Corp.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\WiFi Station N.lnk = C:\Programme\Hercules\WiFiStationN\WiFiN.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\fabi\Startmenü\Programme\Autostart\ctfmon.lnk = C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\lsass.exe (Microsoft Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\fabi\Startmenü\Programme\Autostart\OpenOffice.org 3.1.lnk = E:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-854245398-1482476501-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-854245398-1482476501-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Programme\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - E:\Programme\PartyGaming\PartyPoker\RunApp.exe ()
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - E:\Programme\PartyGaming\PartyPoker\RunApp.exe ()
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - E:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - E:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O15 - HKU\S-1-5-21-854245398-1482476501-839522115-1003\..Trusted Domains: ([]msn in Arbeitsplatz)
O15 - HKU\S-1-5-21-854245398-1482476501-839522115-1003\..Trusted Domains: line6.net ([]* in Vertrauenswürdige Sites)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINDOWS\system32\msdxm.ocx (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\fabi\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\fabi\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.07.04 02:36:57 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{0d44b314-d800-11e1-8308-b104184ed950}\Shell - "" = AutoRun
O33 - MountPoints2\{0d44b314-d800-11e1-8308-b104184ed950}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{0d44b314-d800-11e1-8308-b104184ed950}\Shell\AutoRun\command - "" = H:\.\Autorun.exe AUTORUN=1
O33 - MountPoints2\{5e5c3319-9ad9-11de-8186-001d7dd130e0}\Shell\AutoRun\command - "" = avira.exe
O33 - MountPoints2\{9384a7b8-1dab-11e2-833d-0008d380dfd1}\Shell - "" = AutoRun
O33 - MountPoints2\{9384a7b8-1dab-11e2-833d-0008d380dfd1}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{9384a7b8-1dab-11e2-833d-0008d380dfd1}\Shell\AutoRun\command - "" = H:\.\Autorun.exe AUTORUN=1
O33 - MountPoints2\{ac682770-f274-11e0-82cd-9761b8509f7c}\Shell - "" = AutoRun
O33 - MountPoints2\{ac682770-f274-11e0-82cd-9761b8509f7c}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ac682770-f274-11e0-82cd-9761b8509f7c}\Shell\AutoRun\command - "" = H:\.\Autorun.exe AUTORUN=1
O33 - MountPoints2\{ac682774-f274-11e0-82cd-9761b8509f7c}\Shell - "" = AutoRun
O33 - MountPoints2\{ac682774-f274-11e0-82cd-9761b8509f7c}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ac682774-f274-11e0-82cd-9761b8509f7c}\Shell\AutoRun\command - "" = H:\.\Autorun.exe AUTORUN=1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012.11.21 02:13:18 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\fabi\Desktop\OTL.exe
[2012.11.21 01:48:31 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2012.11.21 01:08:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\de-DE
[2012.11.21 01:00:47 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft.NET
[2012.11.21 00:49:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\fabi\Anwendungsdaten\SDIV 2.0
[2012.11.21 00:49:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\fabi\Anwendungsdaten\HMN
[2012.11.21 00:49:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\fabi\Anwendungsdaten\DataMgr
[2012.11.21 00:49:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\fabi\Lokale Einstellungen\Anwendungsdaten\fbDownloader
[2012.11.21 00:48:56 | 019,027,936 | ---- | C] (DVDVideoSoft Ltd. ) -- C:\Dokumente und Einstellungen\fabi\Desktop\FreeYouTubeDownload3-1-40-1031.exe
[2012.11.20 18:02:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\fabi\helden
[2012.11.20 18:01:44 | 000,000,000 | ---D | C] -- C:\Programme\Helden-Software
[2012.11.20 18:01:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\fabi\Startmenü\Programme\Helden-Software
[2012.11.19 21:17:58 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\fabi\ms.exe
[2012.11.13 20:37:36 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\lsass.exe
[2012.10.25 10:04:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\fabi\Anwendungsdaten\Search Settings
[2012.10.25 10:03:02 | 000,000,000 | ---D | C] -- C:\Programme\Application Updater
[2012.10.25 10:03:00 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Spigot
[2012.10.25 10:03:00 | 000,000,000 | ---D | C] -- C:\Programme\pdfforge Toolbar
[2012.10.24 08:26:51 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Maintenance Service
[2012.10.24 08:26:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Mozilla
[2012.10.23 10:16:28 | 000,404,920 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.11.21 02:37:10 | 000,041,984 | ---- | M] () -- C:\Dokumente und Einstellungen\fabi\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.11.21 02:13:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\fabi\Desktop\OTL.exe
[2012.11.21 02:05:47 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012.11.21 01:48:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.11.21 01:38:12 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\gdrv.sys
[2012.11.21 01:35:00 | 000,210,919 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012.11.21 01:34:54 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.11.21 01:33:06 | 095,023,320 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\0tbpw.pad
[2012.11.21 01:20:00 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.11.21 01:11:00 | 000,513,740 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.11.21 01:11:00 | 000,490,808 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.11.21 01:11:00 | 000,099,690 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.11.21 01:11:00 | 000,083,266 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.11.21 00:49:07 | 019,027,936 | ---- | M] (DVDVideoSoft Ltd. ) -- C:\Dokumente und Einstellungen\fabi\Desktop\FreeYouTubeDownload3-1-40-1031.exe
[2012.11.20 18:02:01 | 000,000,232 | ---- | M] () -- C:\Dokumente und Einstellungen\fabi\.dsa4.properties
[2012.11.20 18:02:00 | 000,002,207 | ---- | M] () -- C:\Dokumente und Einstellungen\fabi\.heldEinstellungen4_1.xml
[2012.11.19 21:17:59 | 000,225,280 | ---- | M] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\fabi\ms.exe
[2012.11.19 19:57:44 | 000,137,176 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2012.11.19 19:57:19 | 000,268,952 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2012.11.19 08:30:27 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.11.15 21:57:46 | 000,268,952 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.ex0
[2012.11.13 20:37:51 | 000,001,064 | ---- | M] () -- C:\Dokumente und Einstellungen\fabi\Startmenü\Programme\Autostart\ctfmon.lnk
[2012.11.13 20:37:36 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\lsass.exe
[2012.11.05 17:44:35 | 002,457,832 | ---- | M] () -- C:\Dokumente und Einstellungen\fabi\gfh.jpg
[2012.11.05 17:44:35 | 000,038,521 | ---- | M] () -- C:\Dokumente und Einstellungen\fabi\.recently-used.xbel
[2012.11.05 17:44:07 | 014,411,206 | ---- | M] () -- C:\Dokumente und Einstellungen\fabi\gfh.xcf
[2012.10.23 10:16:28 | 000,404,920 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.11.20 18:02:00 | 000,002,207 | ---- | C] () -- C:\Dokumente und Einstellungen\fabi\.heldEinstellungen4_1.xml
[2012.11.20 18:01:59 | 000,000,232 | ---- | C] () -- C:\Dokumente und Einstellungen\fabi\.dsa4.properties
[2012.11.13 20:37:51 | 000,001,064 | ---- | C] () -- C:\Dokumente und Einstellungen\fabi\Startmenü\Programme\Autostart\ctfmon.lnk
[2012.11.13 20:37:36 | 095,023,320 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\0tbpw.pad
[2012.11.05 17:44:35 | 000,038,521 | ---- | C] () -- C:\Dokumente und Einstellungen\fabi\.recently-used.xbel
[2012.11.05 17:44:34 | 002,457,832 | ---- | C] () -- C:\Dokumente und Einstellungen\fabi\gfh.jpg
[2012.11.05 17:44:07 | 014,411,206 | ---- | C] () -- C:\Dokumente und Einstellungen\fabi\gfh.xcf
[2012.10.24 08:26:48 | 000,000,702 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Mozilla Firefox.lnk
[2012.02.19 13:22:11 | 000,088,813 | ---- | C] () -- C:\Dokumente und Einstellungen\fabi\agssave.999
[2011.01.23 19:25:45 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2011.01.23 19:25:45 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth2.dll
[2011.01.23 19:25:45 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth1.dll
[2011.01.23 19:25:45 | 000,000,205 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll
[2011.01.23 19:25:45 | 000,000,073 | ---- | C] () -- C:\WINDOWS\System32\ssprs.dll
[2009.02.23 19:10:46 | 000,131,800 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2009.02.21 22:14:34 | 000,022,328 | ---- | C] () -- C:\Dokumente und Einstellungen\fabi\Anwendungsdaten\PnkBstrK.sys
[2008.07.04 22:45:08 | 000,041,984 | ---- | C] () -- C:\Dokumente und Einstellungen\fabi\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.07.04 22:23:49 | 000,000,057 | ---- | C] () -- C:\Dokumente und Einstellungen\fabi\pbuser.htm
[2008.07.04 22:23:30 | 000,009,407 | ---- | C] () -- C:\Dokumente und Einstellungen\fabi\pbgame.htm
========== ZeroAccess Check ==========
[2009.02.23 19:05:15 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2002.12.31 13:00:00 | 001,483,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2002.12.31 13:00:00 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2002.12.31 13:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2008.08.25 16:58:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Azureus
[2009.11.11 17:22:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Canneverbe Limited
[2009.02.23 19:12:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Fallout3
[2009.07.12 20:11:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Line 6
[2009.07.10 22:29:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Tages
[2009.08.08 02:02:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\fabi\Anwendungsdaten\.minecraft
[2008.08.25 17:08:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\fabi\Anwendungsdaten\Azureus
[2009.11.11 17:22:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\fabi\Anwendungsdaten\Canneverbe_Limited
[2009.02.22 02:19:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\fabi\Anwendungsdaten\Command & Conquer 3 Tiberium Wars
[2008.09.20 13:12:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\fabi\Anwendungsdaten\DAEMON Tools
[2012.11.21 00:49:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\fabi\Anwendungsdaten\DataMgr
[2012.11.05 17:44:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\fabi\Anwendungsdaten\gtk-2.0
[2012.11.21 00:49:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\fabi\Anwendungsdaten\HMN
[2009.05.08 21:52:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\fabi\Anwendungsdaten\ICQ
[2009.03.07 13:13:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\fabi\Anwendungsdaten\ImgBurn
[2009.07.12 20:51:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\fabi\Anwendungsdaten\Line 6
[2009.03.06 21:43:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\fabi\Anwendungsdaten\Mount&Blade
[2009.07.08 22:37:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\fabi\Anwendungsdaten\Mumble
[2009.08.23 19:22:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\fabi\Anwendungsdaten\OpenOffice.org
[2010.03.09 10:58:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\fabi\Anwendungsdaten\pdfforge
[2009.03.09 14:22:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\fabi\Anwendungsdaten\REAPER
[2012.11.21 00:49:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\fabi\Anwendungsdaten\SDIV 2.0
[2012.10.25 10:04:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\fabi\Anwendungsdaten\Search Settings
[2009.04.09 23:19:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\fabi\Anwendungsdaten\Teeworlds
[2009.07.10 22:31:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\fabi\Anwendungsdaten\Ubisoft
[2009.03.07 18:55:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\fabi\Anwendungsdaten\Unity
[2012.11.20 20:13:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\fabi\Anwendungsdaten\uTorrent
[2012.10.21 12:39:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\fabi\Anwendungsdaten\Verbindungsassistent
[2012.07.08 21:27:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\fabi\Anwendungsdaten\wtxpcom
[2008.09.25 16:17:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\fabi\Anwendungsdaten\XRay Engine
[2011.10.09 13:50:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Verbindungsassistent
========== Purity Check ==========
< End of report >
Defogger log: Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 15:48 on 21/11/2012 (fabi)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
HKCU:DAEMON Tools Lite -> Removed
Checking for services/drivers...
Unable to read sptd.sys
SPTD -> Disabled (Service running -> reboot required)
-=E.O.F=-
aswMBR-Log: Code:
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-11-21 15:50:43
-----------------------------
15:50:43.750 OS Version: Windows 5.1.2600 Service Pack 2
15:50:43.750 Number of processors: 4 586 0x1707
15:50:43.750 ComputerName: ***** UserName: fabi
15:50:45.812 Initialize success
15:51:43.468 AVAST engine defs: 12112100
15:51:56.671 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
15:51:56.687 Disk 0 Vendor: ST3500320AS SD15 Size: 476938MB BusType: 3
15:51:56.703 Disk 0 MBR read successfully
15:51:56.718 Disk 0 MBR scan
15:51:56.750 Disk 0 Windows XP default MBR code
15:51:56.765 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 49999 MB offset 63
15:51:56.781 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 208413 MB offset 122881185
15:51:56.812 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 208523 MB offset 549712170
15:51:56.843 Disk 0 scanning sectors +976768065
15:51:56.906 Disk 0 scanning C:\WINDOWS\system32\drivers
15:52:02.328 Service scanning
15:52:16.640 Modules scanning
15:52:43.890 Disk 0 trace - called modules:
15:52:43.921 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
15:52:43.937 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8ae5aab8]
15:52:43.953 3 CLASSPNP.SYS[f764805b] -> nt!IofCallDriver -> \Device\00000074[0x8ae089e8]
15:52:43.968 5 ACPI.sys[f75ad620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8ae66940]
15:52:44.375 AVAST engine scan C:\WINDOWS
15:52:48.437 AVAST engine scan C:\WINDOWS\system32
15:54:37.453 AVAST engine scan C:\WINDOWS\system32\drivers
15:54:44.937 AVAST engine scan C:\Dokumente und Einstellungen\fabi
15:57:27.671 File: C:\Dokumente und Einstellungen\fabi\Lokale Einstellungen\Temp\wpbt0.dll **INFECTED** Win32:LockScreen-OK [Trj]
15:57:33.609 File: C:\Dokumente und Einstellungen\fabi\ms.exe **INFECTED** Win32:Rootkit-gen [Rtk]
15:57:42.843 AVAST engine scan C:\Dokumente und Einstellungen\All Users
15:58:01.703 Scan finished successfully
15:58:08.468 Disk 0 MBR has been saved successfully to "C:\Dokumente und Einstellungen\fabi\Desktop\MBR.dat"
15:58:08.484 The log file has been saved successfully to "C:\Dokumente und Einstellungen\fabi\Desktop\aswMBR.txt"
Gmer-Log: Code:
GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-11-21 16:33:06
Windows 5.1.2600 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 ST3500320AS rev.SD15
Running: 58l06j6n.exe; Driver: C:\DOKUME~1\fabi\LOKALE~1\Temp\uxtdypob.sys
---- Kernel code sections - GMER 1.0.15 ----
? C:\DOKUME~1\fabi\LOKALE~1\Temp\aswMBR.sys Das System kann die angegebene Datei nicht finden. !
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 E:\Programme\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xEE 0x03 0xD6 0x4E ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x47 0xA1 0x70 0x6F ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xC5 0x81 0x00 0x8B ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 E:\Programme\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xEE 0x03 0xD6 0x4E ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x47 0xA1 0x70 0x6F ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xC5 0x81 0x00 0x8B ...
---- EOF - GMER 1.0.15 ----
EDIT:
and here is the TDSS-Killer log as well: Code:
21:08:51.0421 2028 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
21:08:51.0625 2028 ============================================================
21:08:51.0625 2028 Current date / time: 2012/11/21 21:08:51.0625
21:08:51.0625 2028 SystemInfo:
21:08:51.0625 2028
21:08:51.0625 2028 OS Version: 5.1.2600 ServicePack: 2.0
21:08:51.0625 2028 Product type: Workstation
21:08:51.0625 2028 ComputerName: *****
21:08:51.0625 2028 UserName: fabi
21:08:51.0625 2028 Windows directory: C:\WINDOWS
21:08:51.0625 2028 System windows directory: C:\WINDOWS
21:08:51.0625 2028 Processor architecture: Intel x86
21:08:51.0625 2028 Number of processors: 4
21:08:51.0625 2028 Page size: 0x1000
21:08:51.0625 2028 Boot type: Safe boot with network
21:08:51.0625 2028 ============================================================
21:08:55.0078 2028 Drive \Device\Harddisk0\DR0 - Size: 0x7470AFDE00 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
21:08:55.0078 2028 Drive \Device\Harddisk1\DR4 - Size: 0x3C3FFE00 (0.94 Gb), SectorSize: 0x200, Cylinders: 0x7A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
21:08:55.0078 2028 ============================================================
21:08:55.0078 2028 \Device\Harddisk0\DR0:
21:08:55.0078 2028 MBR partitions:
21:08:55.0078 2028 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x61A7927
21:08:55.0078 2028 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x75304A1, BlocksNum 0x1970EC89
21:08:55.0078 2028 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x20C3F12A, BlocksNum 0x19745B17
21:08:55.0078 2028 \Device\Harddisk1\DR4:
21:08:55.0078 2028 MBR partitions:
21:08:55.0078 2028 \Device\Harddisk1\DR4\Partition1: MBR, Type 0x6, StartLBA 0x3F, BlocksNum 0x1E1FC0
21:08:55.0078 2028 ============================================================
21:08:55.0093 2028 C: <-> \Device\Harddisk0\DR0\Partition1
21:08:55.0156 2028 E: <-> \Device\Harddisk0\DR0\Partition2
21:08:55.0312 2028 F: <-> \Device\Harddisk0\DR0\Partition3
21:08:55.0328 2028 ============================================================
21:08:55.0328 2028 Initialize success
21:08:55.0328 2028 ============================================================
21:09:02.0078 0188 ============================================================
21:09:02.0078 0188 Scan started
21:09:02.0078 0188 Mode: Manual; SigCheck; TDLFS;
21:09:02.0078 0188 ============================================================
21:09:04.0875 0188 ================ Scan system memory ========================
21:09:04.0875 0188 System memory - ok
21:09:04.0875 0188 ================ Scan services =============================
21:09:05.0015 0188 Abiosdsk - ok
21:09:05.0015 0188 abp480n5 - ok
21:09:05.0031 0188 [ 94B4741D2CF9ED38140B831293D1601A ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
21:09:05.0375 0188 ACPI - ok
21:09:05.0390 0188 [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
21:09:05.0437 0188 ACPIEC - ok
21:09:05.0453 0188 adpu160m - ok
21:09:05.0484 0188 [ 841F385C6CFAF66B58FBD898722BB4F0 ] aec C:\WINDOWS\system32\drivers\aec.sys
21:09:05.0546 0188 aec - ok
21:09:05.0578 0188 [ 30BB1BDE595CA65FD5549462080D94E5 ] AegisP C:\WINDOWS\system32\DRIVERS\AegisP.sys
21:09:05.0593 0188 AegisP ( UnsignedFile.Multi.Generic ) - warning
21:09:05.0593 0188 AegisP - detected UnsignedFile.Multi.Generic (1)
21:09:05.0609 0188 [ 5AC495F4CB807B2B98AD2AD591E6D92E ] AFD C:\WINDOWS\System32\drivers\afd.sys
21:09:05.0671 0188 AFD - ok
21:09:05.0671 0188 Aha154x - ok
21:09:05.0687 0188 aic78u2 - ok
21:09:05.0703 0188 aic78xx - ok
21:09:05.0718 0188 [ 1AAB6C5F8376357CB9B16C38C42C4076 ] Alerter C:\WINDOWS\system32\alrsvc.dll
21:09:05.0781 0188 Alerter - ok
21:09:05.0796 0188 [ 6596DD260FFDE1BDC994C1DF236307BB ] ALG C:\WINDOWS\System32\alg.exe
21:09:05.0828 0188 ALG - ok
21:09:05.0828 0188 AliIde - ok
21:09:05.0843 0188 amsint - ok
21:09:05.0921 0188 [ FEC0C3F9B39C5D17EC3442F244EC0474 ] appdrv01 C:\WINDOWS\system32\Drivers\appdrv01.sys
21:09:06.0125 0188 appdrv01 - ok
21:09:06.0125 0188 appdrvrem01 - ok
21:09:06.0312 0188 [ 70968A726D9DE0F0259D4AEB965FAD61 ] Application Updater C:\Programme\Application Updater\ApplicationUpdater.exe
21:09:06.0406 0188 Application Updater - ok
21:09:06.0500 0188 [ BECD5328E7869807D6557BE4FE60C72F ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
21:09:06.0562 0188 AppMgmt - ok
21:09:06.0562 0188 asc - ok
21:09:06.0578 0188 asc3350p - ok
21:09:06.0593 0188 asc3550 - ok
21:09:06.0921 0188 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
21:09:06.0968 0188 aspnet_state - ok
21:09:06.0984 0188 [ 02000ABF34AF4C218C35D257024807D6 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
21:09:07.0046 0188 AsyncMac - ok
21:09:07.0109 0188 [ CDFE4411A69C224BD1D11B2DA92DAC51 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
21:09:07.0203 0188 atapi - ok
21:09:07.0203 0188 Atdisk - ok
21:09:07.0234 0188 [ F0D933B42CD0594048E4D5200AE9E417 ] atksgt C:\WINDOWS\system32\DRIVERS\atksgt.sys
21:09:07.0250 0188 atksgt - ok
21:09:07.0265 0188 [ EC88DA854AB7D7752EC8BE11A741BB7F ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
21:09:07.0328 0188 Atmarpc - ok
21:09:07.0343 0188 [ E98B8250398F6637B335A76BA8DFB602 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
21:09:07.0406 0188 AudioSrv - ok
21:09:07.0421 0188 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
21:09:07.0484 0188 audstub - ok
21:09:07.0515 0188 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
21:09:07.0562 0188 Beep - ok
21:09:07.0609 0188 [ 3A5E54A9AB96EF2D273B58136FB58EFE ] BITS C:\WINDOWS\system32\qmgr.dll
21:09:07.0734 0188 BITS - ok
21:09:07.0750 0188 [ D8653DCD80CF2EBB333FC4FCC43A7DEF ] Browser C:\WINDOWS\System32\browser.dll
21:09:07.0812 0188 Browser - ok
21:09:07.0828 0188 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
21:09:07.0890 0188 cbidf2k - ok
21:09:07.0906 0188 [ 6163ED60B684BAB19D3352AB22FC48B2 ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
21:09:07.0968 0188 CCDECODE - ok
21:09:07.0968 0188 cd20xrnt - ok
21:09:08.0000 0188 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
21:09:08.0062 0188 Cdaudio - ok
21:09:08.0062 0188 [ CD7D5152DF32B47F4E36F710B35AAE02 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
21:09:08.0125 0188 Cdfs - ok
21:09:08.0156 0188 [ AF9C19B3100FE010496B1A27181FBF72 ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
21:09:08.0218 0188 Cdrom - ok
21:09:08.0234 0188 Changer - ok
21:09:08.0250 0188 [ 234D52C63C67A8CF4AF9BECCE43BFB4A ] cisvc C:\WINDOWS\system32\cisvc.exe
21:09:08.0312 0188 cisvc - ok
21:09:08.0343 0188 [ 0461868578D29DC18FB1C79933C5158A ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
21:09:08.0390 0188 ClipSrv - ok
21:09:08.0437 0188 [ 3C4D595E7F9B747325AEF28B4ADCAAE5 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:09:08.0468 0188 clr_optimization_v2.0.50727_32 - ok
21:09:08.0500 0188 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:09:08.0562 0188 clr_optimization_v4.0.30319_32 - ok
21:09:08.0578 0188 CmdIde - ok
21:09:08.0578 0188 COMSysApp - ok
21:09:08.0609 0188 Cpqarray - ok
21:09:08.0625 0188 [ 1A5F9DB98DF7955B4C7CBDBF2C638238 ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
21:09:08.0687 0188 CryptSvc - ok
21:09:08.0687 0188 dac2w2k - ok
21:09:08.0703 0188 dac960nt - ok
21:09:08.0718 0188 [ 9F28FF58D6D67B123272869D89D14004 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
21:09:08.0796 0188 DcomLaunch - ok
21:09:08.0796 0188 [ 69F986B2688BA95A0D9362B0E233D5FF ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
21:09:08.0859 0188 Dhcp - ok
21:09:08.0890 0188 [ 00CA44E4534865F8A3B64F7C0984BFF0 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
21:09:08.0937 0188 Disk - ok
21:09:08.0953 0188 dmadmin - ok
21:09:08.0984 0188 [ 5789B83BA87FC84C3568CF86CACEF8CE ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
21:09:09.0062 0188 dmboot - ok
21:09:09.0109 0188 [ 084EB0A50A4F7B4705C8A57F234E5291 ] dmio C:\WINDOWS\system32\DRIVERS\dmio.sys
21:09:09.0171 0188 dmio - ok
21:09:09.0171 0188 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
21:09:09.0234 0188 dmload - ok
21:09:09.0250 0188 [ FA2D9D1A9F6B5A88D01E1685CE2378BA ] dmserver C:\WINDOWS\System32\dmserver.dll
21:09:09.0312 0188 dmserver - ok
21:09:09.0343 0188 [ A6F881284AC1150E37D9AE47FF601267 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
21:09:09.0390 0188 DMusic - ok
21:09:09.0406 0188 [ D1F5B71BBAEEE07B78980DBD878C0BC7 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
21:09:09.0468 0188 Dnscache - ok
21:09:09.0484 0188 dpti2o - ok
21:09:09.0500 0188 [ 1ED4DBBAE9F5D558DBBA4CC450E3EB2E ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
21:09:09.0562 0188 drmkaud - ok
21:09:09.0593 0188 [ D82414EC520453EFE2EBA936F6A9115A ] EAPPkt C:\WINDOWS\system32\DRIVERS\EAPPkt.sys
21:09:09.0593 0188 EAPPkt ( UnsignedFile.Multi.Generic ) - warning
21:09:09.0593 0188 EAPPkt - detected UnsignedFile.Multi.Generic (1)
21:09:09.0609 0188 [ 877A4512CC9074D6954776AF47021766 ] ERSvc C:\WINDOWS\System32\ersvc.dll
21:09:09.0671 0188 ERSvc - ok
21:09:09.0703 0188 [ E5030E34DE21A6818E8586BFB7DD4B60 ] ET5Drv C:\WINDOWS\system32\Drivers\ET5Drv.sys
21:09:09.0750 0188 ET5Drv - ok
21:09:09.0765 0188 [ EDB6B81761BD60F32F740BBC40AFB676 ] Eventlog C:\WINDOWS\system32\services.exe
21:09:09.0843 0188 Eventlog - ok
21:09:09.0859 0188 [ 4E1A8645EE77CB9454FFE53C59620A25 ] EventSystem C:\WINDOWS\system32\es.dll
21:09:09.0921 0188 EventSystem - ok
21:09:09.0953 0188 [ 57C171EA22F0A7F068FCB0CAEDD1E8E7 ] ew_hwusbdev C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys
21:09:09.0984 0188 ew_hwusbdev - ok
21:09:10.0000 0188 [ 3117F595E9615E04F05A54FC15A03B20 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
21:09:10.0062 0188 Fastfat - ok
21:09:10.0109 0188 [ BAC5F7F0C2B8C1B9832594851E0F9914 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
21:09:10.0171 0188 FastUserSwitchingCompatibility - ok
21:09:10.0187 0188 [ CED2E8396A8838E59D8FD529C680E02C ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
21:09:10.0234 0188 Fdc - ok
21:09:10.0250 0188 [ 9E9AF89F9B14AA6249065C309CE73BD8 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
21:09:10.0296 0188 Fips - ok
21:09:10.0312 0188 [ 0DD1DE43115B93F4D85E889D7A86F548 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
21:09:10.0375 0188 Flpydisk - ok
21:09:10.0390 0188 [ 157754F0DF355A9E0A6F54721914F9C6 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
21:09:10.0453 0188 FltMgr - ok
21:09:10.0468 0188 [ FACECF3F75BAF3775A879D1168402270 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
21:09:10.0484 0188 FontCache3.0.0.0 - ok
21:09:10.0484 0188 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
21:09:10.0546 0188 Fs_Rec - ok
21:09:10.0546 0188 [ 8F1955CE42E1484714B542F341647778 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
21:09:10.0609 0188 Ftdisk - ok
21:09:10.0640 0188 [ 5C230948DD6652228F88CA7AE6CB276C ] gdrv C:\WINDOWS\gdrv.sys
21:09:10.0640 0188 gdrv - ok
21:09:10.0671 0188 [ A73082BAB773171B34D656609C6D5854 ] GEST Service C:\Programme\GIGABYTE\GEST\GSvr.exe
21:09:10.0687 0188 GEST Service - ok
21:09:10.0703 0188 [ C0F1D4A21DE5A415DF8170616703DEBF ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
21:09:10.0750 0188 Gpc - ok
21:09:10.0796 0188 [ 626A24ED1228580B9518C01930936DF9 ] gupdate1c9e3c665794a9d C:\Programme\Google\Update\GoogleUpdate.exe
21:09:10.0812 0188 gupdate1c9e3c665794a9d - ok
21:09:10.0828 0188 [ 626A24ED1228580B9518C01930936DF9 ] gupdatem C:\Programme\Google\Update\GoogleUpdate.exe
21:09:10.0828 0188 gupdatem - ok
21:09:10.0843 0188 [ D30B31375C40309425C21EFE75DB90BB ] hamachi C:\WINDOWS\system32\DRIVERS\hamachi.sys
21:09:10.0843 0188 hamachi - ok
21:09:10.0859 0188 [ 3FCC124B6E08EE0E9351F717DD136939 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
21:09:10.0875 0188 HDAudBus - ok
21:09:10.0890 0188 [ BA85BCF1A2BCF927C3600574173403E0 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
21:09:10.0953 0188 helpsvc - ok
21:09:10.0984 0188 [ 2F337D9ADE7B9F2C954C6E799D82D619 ] HerculesWiFi C:\WINDOWS\system32\HerculesWiFiService.exe
21:09:10.0984 0188 HerculesWiFi - ok
21:09:11.0000 0188 [ B647CA198B9C73056ABFB0A9D8F4916D ] HidServ C:\WINDOWS\System32\hidserv.dll
21:09:11.0062 0188 HidServ - ok
21:09:11.0078 0188 [ 1DE6783B918F540149AA69943BDFEBA8 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
21:09:11.0140 0188 HidUsb - ok
21:09:11.0140 0188 hpn - ok
21:09:11.0156 0188 hpt3xx - ok
21:09:11.0187 0188 [ C19B522A9AE0BBC3293397F3055E80A1 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
21:09:11.0250 0188 HTTP - ok
21:09:11.0281 0188 [ 9EC7E866BBDBF3ECC0E67F4E0A838EB2 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
21:09:11.0328 0188 HTTPFilter - ok
21:09:11.0359 0188 [ 1F40368DC40B17DE3FA0FBE8A9D82F9E ] hwdatacard C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys
21:09:11.0390 0188 hwdatacard - ok
21:09:11.0406 0188 i2omgmt - ok
21:09:11.0406 0188 i2omp - ok
21:09:11.0421 0188 [ 7C575018D0413440D75432A78B88C899 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
21:09:11.0484 0188 i8042prt - ok
21:09:11.0531 0188 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
21:09:11.0531 0188 IDriverT ( UnsignedFile.Multi.Generic ) - warning
21:09:11.0531 0188 IDriverT - detected UnsignedFile.Multi.Generic (1)
21:09:11.0578 0188 [ EA7267505149B3A10DF32506A4E4E412 ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
21:09:11.0671 0188 idsvc ( UnsignedFile.Multi.Generic ) - warning
21:09:11.0671 0188 idsvc - detected UnsignedFile.Multi.Generic (1)
21:09:11.0687 0188 [ F8AA320C6A0409C0380E5D8A99D76EC6 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
21:09:11.0734 0188 Imapi - ok
21:09:11.0750 0188 [ 57D7267A9ED91ECAF4336B08C9628FCA ] ImapiService C:\WINDOWS\system32\imapi.exe
21:09:11.0812 0188 ImapiService - ok
21:09:11.0828 0188 ini910u - ok
21:09:11.0906 0188 [ C282875880DF189C64C465FC54A0150A ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
21:09:12.0546 0188 IntcAzAudAddService - ok
21:09:12.0562 0188 IntelIde - ok
21:09:12.0593 0188 [ C1C2CC1DA79C5EE10457EF0A3B8568C7 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
21:09:12.0640 0188 intelppm - ok
21:09:12.0656 0188 [ 4448006B6BC60E6C027932CFC38D6855 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
21:09:12.0718 0188 Ip6Fw - ok
21:09:12.0734 0188 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
21:09:12.0781 0188 IpFilterDriver - ok
21:09:12.0796 0188 [ E1EC7F5DA720B640CD8FB8424F1B14BB ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
21:09:12.0843 0188 IpInIp - ok
21:09:12.0859 0188 [ B5A8E215AC29D24D60B4D1250EF05ACE ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
21:09:12.0921 0188 IpNat - ok
21:09:12.0921 0188 [ 64537AA5C003A6AFEEE1DF819062D0D1 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
21:09:12.0984 0188 IPSec - ok
21:09:13.0015 0188 [ 50708DAA1B1CBB7D6AC1CF8F56A24410 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
21:09:13.0046 0188 IRENUM - ok
21:09:13.0078 0188 [ CE9B7AFDF0A3D7DD8D1487262316B959 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
21:09:13.0140 0188 isapnp - ok
21:09:13.0156 0188 [ AB95B2DDB49F6B6CF52625E56C1F1F71 ] JRAID C:\WINDOWS\system32\DRIVERS\jraid.sys
21:09:13.0187 0188 JRAID - ok
21:09:13.0203 0188 [ B128FC0A5CD83F669D5DE4B58F77C7D6 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
21:09:13.0265 0188 Kbdclass - ok
21:09:13.0281 0188 [ 7EC877AA899323B92874FE62C7DDCDE7 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
21:09:13.0328 0188 kbdhid - ok
21:09:13.0343 0188 [ D93CAD07C5683DB066B0B2D2D3790EAD ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
21:09:13.0406 0188 kmixer - ok
21:09:13.0421 0188 [ EB7FFE87FD367EA8FCA0506F74A87FBB ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
21:09:13.0484 0188 KSecDD - ok
21:09:13.0515 0188 [ 8B41CA266B68E2207BD92C8A3ED7C431 ] L6PODX3LV C:\WINDOWS\system32\Drivers\L6PODX3LV.sys
21:09:13.0531 0188 L6PODX3LV ( UnsignedFile.Multi.Generic ) - warning
21:09:13.0531 0188 L6PODX3LV - detected UnsignedFile.Multi.Generic (1)
21:09:13.0546 0188 [ F8170AA51CD202BC062B8A0983F361B7 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
21:09:13.0609 0188 lanmanserver - ok
21:09:13.0625 0188 [ 36D74668F5448D55887FA3958488DC06 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
21:09:13.0687 0188 lanmanworkstation - ok
21:09:13.0687 0188 lbrtfdc - ok
21:09:13.0734 0188 [ F8A7212D0864EF5E9185FB95E6623F4D ] lirsgt C:\WINDOWS\system32\DRIVERS\lirsgt.sys
21:09:13.0734 0188 lirsgt - ok
21:09:13.0750 0188 [ 4C25FADD7FE1D5BD779B20D3D0EB8D7C ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
21:09:13.0796 0188 LmHosts - ok
21:09:13.0828 0188 [ 081CAF42D5DB1FCF8794FD77BEFD1B11 ] lusbaudio C:\WINDOWS\system32\drivers\OVSound2.sys
21:09:13.0875 0188 lusbaudio - ok
21:09:13.0890 0188 [ B4B8B993A83084CE25DC776965903CE7 ] massfilter C:\WINDOWS\system32\drivers\massfilter.sys
21:09:13.0906 0188 massfilter - ok
21:09:13.0921 0188 [ E5215AB942C5AC5F7EB0E54871D7A27C ] Messenger C:\WINDOWS\System32\msgsvc.dll
21:09:13.0984 0188 Messenger - ok
21:09:14.0000 0188 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
21:09:14.0062 0188 mnmdd - ok
21:09:14.0125 0188 [ BB2470D20405B272EA47CA5E18F1C58E ] mnmsrvc C:\WINDOWS\System32\mnmsrvc.exe
21:09:14.0187 0188 mnmsrvc - ok
21:09:14.0250 0188 [ 91A3DA4B12F6F1D760463A7F7857F748 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
21:09:14.0312 0188 Modem - ok
21:09:14.0328 0188 [ 71E15CA47FD947552054AFB28536268F ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
21:09:14.0390 0188 Mouclass - ok
21:09:14.0390 0188 [ 66A6F73C74E1791464160A7065CE711A ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
21:09:14.0468 0188 mouhid - ok
21:09:14.0468 0188 [ 65653F3B4477F3C63E68A9659F85EE2E ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
21:09:14.0531 0188 MountMgr - ok
21:09:14.0562 0188 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
21:09:14.0578 0188 MozillaMaintenance - ok
21:09:14.0578 0188 mraid35x - ok
21:09:14.0609 0188 [ 46EDCC8F2DB2F322C24F48785CB46366 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
21:09:14.0656 0188 MRxDAV - ok
21:09:14.0671 0188 [ 1FD607FC67F7F7C633C3DA65BFC53D18 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
21:09:14.0750 0188 MRxSmb - ok
21:09:14.0781 0188 [ D059F9C7752EF461476E83180DAA5C62 ] MSDTC C:\WINDOWS\System32\msdtc.exe
21:09:14.0828 0188 MSDTC - ok
21:09:14.0859 0188 [ 561B3A4333CA2DBDBA28B5B956822519 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
21:09:14.0921 0188 Msfs - ok
21:09:14.0921 0188 MSIServer - ok
21:09:14.0953 0188 [ AE431A8DD3C1D0D0610CDBAC16057AD0 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
21:09:15.0000 0188 MSKSSRV - ok
21:09:15.0015 0188 [ 13E75FEF9DFEB08EEDED9D0246E1F448 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
21:09:15.0078 0188 MSPCLOCK - ok
21:09:15.0078 0188 [ 1988A33FF19242576C3D0EF9CE785DA7 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
21:09:15.0140 0188 MSPQM - ok
21:09:15.0140 0188 [ 469541F8BFD2B32659D5D463A6714BCE ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
21:09:15.0203 0188 mssmbios - ok
21:09:15.0218 0188 [ BF13612142995096AB084F2DB7F40F77 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
21:09:15.0281 0188 MSTEE - ok
21:09:15.0281 0188 [ 82035E0F41C2DD05AE41D27FE6CF7DE1 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
21:09:15.0343 0188 Mup - ok
21:09:15.0375 0188 [ 5C8DC6429C43DC6177C1FA5B76290D1A ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
21:09:15.0421 0188 NABTSFEC - ok
21:09:15.0437 0188 [ 558635D3AF1C7546D26067D5D9B6959E ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
21:09:15.0500 0188 NDIS - ok
21:09:15.0515 0188 [ 520CE427A8B298F54112857BCF6BDE15 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
21:09:15.0562 0188 NdisIP - ok
21:09:15.0578 0188 [ 08D43BBDACDF23F34D79E44ED35C1B4C ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:09:15.0625 0188 NdisTapi - ok
21:09:15.0640 0188 [ 34D6CD56409DA9A7ED573E1C90A308BF ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
21:09:15.0703 0188 Ndisuio - ok
21:09:15.0718 0188 [ 0B90E255A9490166AB368CD55A529893 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:09:15.0765 0188 NdisWan - ok
21:09:15.0781 0188 [ 59FC3FB44D2669BC144FD87826BB571F ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
21:09:15.0843 0188 NDProxy - ok
21:09:15.0859 0188 [ 3A2ACA8FC1D7786902CA434998D7CEB4 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
21:09:15.0906 0188 NetBIOS - ok
21:09:15.0921 0188 [ 0C80E410CD2F47134407EE7DD19CC86B ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
21:09:15.0968 0188 NetBT - ok
21:09:15.0984 0188 [ F4EFF57254F565F39B6029150414A0D5 ] NetDDE C:\WINDOWS\system32\netdde.exe
21:09:16.0046 0188 NetDDE - ok
21:09:16.0046 0188 [ F4EFF57254F565F39B6029150414A0D5 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
21:09:16.0109 0188 NetDDEdsdm - ok
21:09:16.0125 0188 [ 183805EB05BCA5A1E4AAAED4D2BE3690 ] Netlogon C:\WINDOWS\system32\lsass.exe
21:09:16.0171 0188 Netlogon - ok
21:09:16.0187 0188 [ CDF4DA6B518105343FE9E8AFBBF8FBF4 ] Netman C:\WINDOWS\System32\netman.dll
21:09:16.0250 0188 Netman - ok
21:09:16.0296 0188 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
21:09:16.0375 0188 NetTcpPortSharing - ok
21:09:16.0390 0188 [ B36E08F680BAE4DFC5C24D00A2DFC9E7 ] Nla C:\WINDOWS\System32\mswsock.dll
21:09:16.0453 0188 Nla - ok
21:09:16.0515 0188 [ FD306FBCCE7ADB1077B709742E7148E9 ] NMSAccessU F:\Programme\CDBurnerXP\NMSAccessU.exe
21:09:16.0531 0188 NMSAccessU - ok
21:09:16.0546 0188 [ 4F601BCB8F64EA3AC0994F98FED03F8E ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
21:09:16.0593 0188 Npfs - ok
21:09:16.0625 0188 [ B78BE402C3F63DD55521F73876951CDD ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
21:09:16.0687 0188 Ntfs - ok
21:09:16.0734 0188 [ 183805EB05BCA5A1E4AAAED4D2BE3690 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
21:09:16.0781 0188 NtLmSsp - ok
21:09:16.0812 0188 [ 428AA946A8D9F32DBB4260C8E6E13377 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
21:09:16.0875 0188 NtmsSvc - ok
21:09:16.0890 0188 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
21:09:16.0937 0188 Null - ok
21:09:17.0062 0188 [ 07E25FE08344021091F000D84611A2AB ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
21:09:17.0937 0188 nv - ok
21:09:18.0015 0188 [ E00696D78AF663C523D3483410C66F21 ] NVIDIA Performance Driver Service C:\Programme\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
21:09:18.0515 0188 NVIDIA Performance Driver Service ( UnsignedFile.Multi.Generic ) - warning
21:09:18.0515 0188 NVIDIA Performance Driver Service - detected UnsignedFile.Multi.Generic (1)
21:09:18.0531 0188 [ C05A34A53008C443BD9D0BD18683BFD4 ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
21:09:18.0546 0188 NVSvc - ok
21:09:18.0562 0188 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
21:09:18.0609 0188 NwlnkFlt - ok
21:09:18.0625 0188 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
21:09:18.0671 0188 NwlnkFwd - ok
21:09:18.0703 0188 [ 79EA3FCDA7067977625B3363A2657C80 ] NwlnkIpx C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
21:09:18.0765 0188 NwlnkIpx - ok
21:09:18.0765 0188 [ 56D34A67C05E94E16377C60609741FF8 ] NwlnkNb C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
21:09:18.0828 0188 NwlnkNb - ok
21:09:18.0843 0188 [ C0BB7D1615E1ACBDC99757F6CEAF8CF0 ] NwlnkSpx C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
21:09:18.0890 0188 NwlnkSpx - ok
21:09:18.0921 0188 [ AAD837BF3B475092FD515CD0842334E9 ] oreans32 C:\WINDOWS\system32\drivers\oreans32.sys
21:09:18.0937 0188 oreans32 ( UnsignedFile.Multi.Generic ) - warning
21:09:18.0937 0188 oreans32 - detected UnsignedFile.Multi.Generic (1)
21:09:18.0937 0188 [ B2F17A2EDB5450E61973A037F63A595B ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
21:09:19.0000 0188 Parport - ok
21:09:19.0015 0188 [ 3334430C29DC338092F79C38EF7B4CD0 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
21:09:19.0078 0188 PartMgr - ok
21:09:19.0093 0188 [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
21:09:19.0156 0188 ParVdm - ok
21:09:19.0187 0188 [ 6FB463E5B243FBD6F3D3C83F914D94FB ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
21:09:19.0281 0188 PCI - ok
21:09:19.0281 0188 PCIDump - ok
21:09:19.0312 0188 [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
21:09:19.0359 0188 PCIIde - ok
21:09:19.0375 0188 [ E2363F4C1DAFF89ABEE5F593E13D8A05 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
21:09:19.0437 0188 Pcmcia - ok
21:09:19.0437 0188 PDCOMP - ok
21:09:19.0453 0188 PDFRAME - ok
21:09:19.0468 0188 PDRELI - ok
21:09:19.0484 0188 PDRFRAME - ok
21:09:19.0500 0188 perc2 - ok
21:09:19.0500 0188 perc2hib - ok
21:09:19.0546 0188 [ EDB6B81761BD60F32F740BBC40AFB676 ] PlugPlay C:\WINDOWS\system32\services.exe
21:09:19.0609 0188 PlugPlay - ok
21:09:19.0625 0188 [ 3A2BDD76E7D2A5F40A7174793D1BA794 ] PnkBstrA C:\WINDOWS\system32\PnkBstrA.exe
21:09:19.0625 0188 PnkBstrA - ok
21:09:19.0640 0188 [ 183805EB05BCA5A1E4AAAED4D2BE3690 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
21:09:19.0687 0188 PolicyAgent - ok
21:09:19.0703 0188 [ 1C5CC65AAC0783C344F16353E60B72AC ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
21:09:19.0750 0188 PptpMiniport - ok
21:09:19.0781 0188 [ 3D7F196E77F986C106E9320B81A5EBBF ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
21:09:19.0828 0188 Processor - ok
21:09:19.0843 0188 [ 183805EB05BCA5A1E4AAAED4D2BE3690 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
21:09:19.0890 0188 ProtectedStorage - ok
21:09:19.0921 0188 [ 64E413BA0C529AA40C3924BBCC4153DB ] ProtexisLicensing C:\WINDOWS\system32\PSIService.exe
21:09:19.0921 0188 ProtexisLicensing ( UnsignedFile.Multi.Generic ) - warning
21:09:19.0921 0188 ProtexisLicensing - detected UnsignedFile.Multi.Generic (1)
21:09:19.0937 0188 [ 48671F327553DCF1D27F6197F622A668 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
21:09:19.0984 0188 PSched - ok
21:09:20.0000 0188 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
21:09:20.0062 0188 Ptilink - ok
21:09:20.0078 0188 [ D86B4A68565E444D76457F14172C875A ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
21:09:20.0093 0188 PxHelp20 - ok
21:09:20.0140 0188 [ 90849934D37133E069F31F3E9A66C9BC ] QCEmerald C:\WINDOWS\system32\DRIVERS\OVCE.sys
21:09:20.0203 0188 QCEmerald - ok
21:09:20.0203 0188 ql1080 - ok
21:09:20.0218 0188 Ql10wnt - ok
21:09:20.0234 0188 ql12160 - ok
21:09:20.0250 0188 ql1240 - ok
21:09:20.0265 0188 ql1280 - ok
21:09:20.0265 0188 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:09:20.0328 0188 RasAcd - ok
21:09:20.0343 0188 [ E3C6E87C1F84584A773D7C3DD205DBFF ] RasAuto C:\WINDOWS\System32\rasauto.dll
21:09:20.0406 0188 RasAuto - ok
21:09:20.0421 0188 [ 98FAEB4A4DCF812BA1C6FCA4AA3E115C ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
21:09:20.0468 0188 Rasl2tp - ok
21:09:20.0484 0188 [ A5D2D745A2AEFA327DCA6DA317B5FD70 ] RasMan C:\WINDOWS\System32\rasmans.dll
21:09:20.0546 0188 RasMan - ok
21:09:20.0562 0188 [ 7306EEED8895454CBED4669BE9F79FAA ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
21:09:20.0609 0188 RasPppoe - ok
21:09:20.0625 0188 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
21:09:20.0671 0188 Raspti - ok
21:09:20.0687 0188 [ 29D66245ADBA878FFF574CD66ABD2884 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:09:20.0750 0188 Rdbss - ok
21:09:20.0765 0188 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
21:09:20.0812 0188 RDPCDD - ok
21:09:20.0843 0188 [ A2CAE2C60BC37E0751EF9DDA7CEAF4AD ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
21:09:20.0890 0188 rdpdr - ok
21:09:20.0937 0188 [ D4F5643D7714EF499AE9527FDCD50894 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
21:09:20.0984 0188 RDPWD - ok
21:09:21.0015 0188 [ AEC159942DF64A9890072D7BB1797762 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
21:09:21.0078 0188 RDSessMgr - ok
21:09:21.0125 0188 [ AA56702E230860565CB8D43680F57F33 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
21:09:21.0171 0188 redbook - ok
21:09:21.0203 0188 [ EBA80CDF25E02084857957E820004934 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
21:09:21.0250 0188 RemoteAccess - ok
21:09:21.0281 0188 [ AE81CF7D7CFA79CD03E8FB99788A7E09 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
21:09:21.0328 0188 RemoteRegistry - ok
21:09:21.0359 0188 [ DA23F9F3F1B1871120F980A6879581AC ] RpcLocator C:\WINDOWS\system32\locator.exe
21:09:21.0406 0188 RpcLocator - ok
21:09:21.0437 0188 [ 9F28FF58D6D67B123272869D89D14004 ] RpcSs C:\WINDOWS\system32\rpcss.dll
21:09:21.0500 0188 RpcSs - ok
21:09:21.0515 0188 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP C:\WINDOWS\system32\rsvp.exe
21:09:21.0562 0188 RSVP - ok
21:09:21.0656 0188 [ 1C5CCCC1493E01728DA837F1F74D7FA9 ] RTL8187B C:\WINDOWS\system32\DRIVERS\RTL8187B.sys
21:09:21.0656 0188 RTL8187B ( UnsignedFile.Multi.Generic ) - warning
21:09:21.0656 0188 RTL8187B - detected UnsignedFile.Multi.Generic (1)
21:09:21.0796 0188 [ 678C6D510F7D324A8F02B4A97AED8E7E ] RTL8192su C:\WINDOWS\system32\DRIVERS\RTL8192su.sys
21:09:21.0875 0188 RTL8192su - ok
21:09:21.0906 0188 [ 36ADA62330C31AD314E4A26B815FC485 ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
21:09:21.0921 0188 RTLE8023xp - ok
21:09:21.0921 0188 [ 183805EB05BCA5A1E4AAAED4D2BE3690 ] SamSs C:\WINDOWS\system32\lsass.exe
21:09:21.0984 0188 SamSs - ok
21:09:22.0000 0188 [ B4CF7B42DE6CFA6FDE7D6AF4DAA55F57 ] SCardDrv C:\WINDOWS\System32\SCardSvr.exe
21:09:22.0046 0188 SCardDrv - ok
21:09:22.0062 0188 [ B4CF7B42DE6CFA6FDE7D6AF4DAA55F57 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
21:09:22.0109 0188 SCardSvr - ok
21:09:22.0140 0188 [ D5E73842F38E24457C63FEF8CEFFBE19 ] Schedule C:\WINDOWS\system32\schedsvc.dll
21:09:22.0187 0188 Schedule - ok
21:09:22.0203 0188 [ D26E26EA516450AF9D072635C60387F4 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
21:09:22.0234 0188 Secdrv - ok
21:09:22.0250 0188 [ FED544B43903FB801B106F062110358A ] seclogon C:\WINDOWS\System32\seclogon.dll
21:09:22.0296 0188 seclogon - ok
21:09:22.0312 0188 [ AB74D986C1DD0D0C95B6AD37EC1E9F4F ] SENS C:\WINDOWS\system32\sens.dll
21:09:22.0359 0188 SENS - ok
21:09:22.0375 0188 [ A2D868AEEFF612E70E213C451A70CAFB ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
21:09:22.0437 0188 serenum - ok
21:09:22.0437 0188 [ CD5B9995AFCDB466C9EFC048D167E3BE ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
21:09:22.0500 0188 Serial - ok
21:09:22.0546 0188 [ 0D13B6DF6E9E101013A7AFB0CE629FE0 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
21:09:22.0609 0188 Sfloppy - ok
21:09:22.0625 0188 [ 9245420422E409A25C1410ACB4244060 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
21:09:22.0687 0188 SharedAccess - ok
21:09:22.0703 0188 [ BAC5F7F0C2B8C1B9832594851E0F9914 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
21:09:22.0765 0188 ShellHWDetection - ok
21:09:22.0765 0188 Simbad - ok
21:09:22.0781 0188 [ 5CAEED86821FA2C6139E32E9E05CCDC9 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
21:09:22.0843 0188 SLIP - ok
21:09:22.0859 0188 Sparrow - ok
21:09:22.0890 0188 [ 8E186B8F23295D1E42C573B82B80D548 ] splitter C:\WINDOWS\system32\drivers\splitter.sys
21:09:22.0937 0188 splitter - ok
21:09:22.0953 0188 [ 54E7113A4BD696E430919BCAF5C65E06 ] Spooler C:\WINDOWS\system32\spoolsv.exe
21:09:23.0000 0188 Spooler - ok
21:09:23.0031 0188 [ 71E276F6D189413266EA22171806597B ] sptd C:\WINDOWS\System32\Drivers\sptd.sys
21:09:23.0078 0188 sptd - ok
21:09:23.0093 0188 [ E4200CB2F418D8FC4ACDD7E38C419D6A ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
21:09:23.0125 0188 sr - ok
21:09:23.0140 0188 [ 015F302C4CF961F20C3F98F3A7CA7917 ] srservice C:\WINDOWS\system32\srsvc.dll
21:09:23.0171 0188 srservice - ok
21:09:23.0171 0188 [ 20B7E396720353E4117D64D9DCB926CA ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
21:09:23.0234 0188 Srv - ok
21:09:23.0250 0188 [ 6FA03B462B2FFFE2627171B7FE73EE29 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
21:09:23.0281 0188 SSDPSRV - ok
21:09:23.0328 0188 [ F92254B0BCFCD10CAAC7BCCC7CB7F467 ] StarOpen C:\WINDOWS\system32\drivers\StarOpen.sys
21:09:23.0328 0188 StarOpen ( UnsignedFile.Multi.Generic ) - warning
21:09:23.0328 0188 StarOpen - detected UnsignedFile.Multi.Generic (1)
21:09:23.0359 0188 [ 7E751068ADA60FC77638622E86A7CD9E ] stisvc C:\WINDOWS\system32\wiaservc.dll
21:09:23.0421 0188 stisvc - ok
21:09:23.0437 0188 [ 284C57DF5DC7ABCA656BC2B96A667AFB ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
21:09:23.0500 0188 streamip - ok
21:09:23.0515 0188 [ 03C1BAE4766E2450219D20B993D6E046 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
21:09:23.0562 0188 swenum - ok
21:09:23.0593 0188 [ 94ABC808FC4B6D7D2BBF42B85E25BB4D ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
21:09:23.0640 0188 swmidi - ok
21:09:23.0656 0188 SwPrv - ok
21:09:23.0656 0188 symc810 - ok
21:09:23.0671 0188 symc8xx - ok
21:09:23.0687 0188 sym_hi - ok
21:09:23.0703 0188 sym_u3 - ok
21:09:23.0718 0188 [ 650AD082D46BAC0E64C9C0E0928492FD ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
21:09:23.0765 0188 sysaudio - ok
21:09:23.0796 0188 [ 6D0C43DF9D3A7C5A9B4F94772CBD5DDC ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
21:09:23.0843 0188 SysmonLog - ok
21:09:23.0890 0188 [ DAD1A4D96291139C0F834B138320E475 ] TabletServicePen C:\WINDOWS\system32\Pen_Tablet.exe
21:09:23.0937 0188 TabletServicePen - ok
21:09:23.0968 0188 [ 4584E2A5FE662AB3E7C32936E1449043 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
21:09:24.0062 0188 TapiSrv - ok
21:09:24.0109 0188 [ 9F4B36614A0FC234525BA224957DE55C ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
21:09:24.0171 0188 Tcpip - ok
21:09:24.0187 0188 [ 38D437CF2D98965F239B0ABCD66DCB0F ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
21:09:24.0234 0188 TDPIPE - ok
21:09:24.0250 0188 [ ED0580AF02502D00AD8C4C066B156BE9 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
21:09:24.0296 0188 TDTCP - ok
21:09:24.0328 0188 [ A540A99C281D933F3D69D55E48727F47 ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
21:09:24.0375 0188 TermDD - ok
21:09:24.0390 0188 [ 1850BC10DE5DCCCEDE063FC2D0F2CEDA ] TermService C:\WINDOWS\System32\termsrv.dll
21:09:24.0453 0188 TermService - ok
21:09:24.0468 0188 [ BAC5F7F0C2B8C1B9832594851E0F9914 ] Themes C:\WINDOWS\System32\shsvcs.dll
21:09:24.0531 0188 Themes - ok
21:09:24.0546 0188 [ 58708746B8267033E5CF2B29659E7F74 ] TlntSvr C:\WINDOWS\System32\tlntsvr.exe
21:09:24.0562 0188 TlntSvr - ok
21:09:24.0578 0188 TosIde - ok
21:09:24.0593 0188 [ A34E894201D66E380E1FA96FE11B587E ] TrkWks C:\WINDOWS\system32\trkwks.dll
21:09:24.0656 0188 TrkWks - ok
21:09:24.0671 0188 [ 12F70256F140CD7D52C58C7048FDE657 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
21:09:24.0718 0188 Udfs - ok
21:09:24.0765 0188 [ 2E071263A409931F8AFF3A6A656E920C ] UI Assistant Service C:\Programme\1&1 Surf-Stick\AssistantServices.exe
21:09:24.0781 0188 UI Assistant Service - ok
21:09:24.0781 0188 ultra - ok
21:09:24.0812 0188 [ AB0A7CA90D9E3D6A193905DC1715DED0 ] UMWdf C:\WINDOWS\system32\wdfmgr.exe
21:09:24.0828 0188 UMWdf - ok
21:09:24.0843 0188 [ AFF2E5045961BBC0A602BB6F95EB1345 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
21:09:24.0906 0188 Update - ok
21:09:24.0937 0188 [ 09D4A2D7C5A8ABEC227D118765FAADDF ] upnphost C:\WINDOWS\System32\upnphost.dll
21:09:24.0968 0188 upnphost - ok
21:09:24.0984 0188 [ A99F867E76CFDAA28EE305B93F70E84F ] UPS C:\WINDOWS\System32\ups.exe
21:09:25.0046 0188 UPS - ok
21:09:25.0062 0188 [ 45A0D14B26C35497AD93BCE7E15C9941 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
21:09:25.0109 0188 usbaudio - ok
21:09:25.0171 0188 [ BFFD9F120CC63BCBAA3D840F3EEF9F79 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
21:09:25.0234 0188 usbccgp - ok
21:09:25.0281 0188 [ 15E993BA2F6946B2BFBBFCD30398621E ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
21:09:25.0328 0188 usbehci - ok
21:09:25.0328 0188 [ C72F40947F92CEA56A8FB532EDF025F1 ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
21:09:25.0390 0188 usbhub - ok
21:09:25.0406 0188 [ A42369B7CD8886CD7C70F33DA6FCBCF5 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
21:09:25.0468 0188 usbprint - ok
21:09:25.0500 0188 [ 6CD7B22193718F1D17A47A1CD6D37E75 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
21:09:25.0546 0188 USBSTOR - ok
21:09:25.0562 0188 [ F8FD1400092E23C8F2F31406EF06167B ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
21:09:25.0609 0188 usbuhci - ok
21:09:25.0625 0188 [ 8A60EDD72B4EA5AEA8202DAF0E427925 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
21:09:25.0671 0188 VgaSave - ok
21:09:25.0687 0188 ViaIde - ok
21:09:25.0703 0188 [ D6888520FF56D72A50437E371CA25FC9 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
21:09:25.0750 0188 VolSnap - ok
21:09:25.0796 0188 [ 6635ECBF0D8090DC3A452D0D072B5D5B ] VSS C:\WINDOWS\System32\vssvc.exe
21:09:25.0828 0188 VSS - ok
21:09:25.0843 0188 [ C6D874CD2A5B83CD11CDEBD28A638584 ] W32Time C:\WINDOWS\system32\w32time.dll
21:09:25.0890 0188 W32Time - ok
21:09:25.0921 0188 [ 427A8BC96F16C40DF81C2D2F4EDD32DD ] wacommousefilter C:\WINDOWS\system32\DRIVERS\wacommousefilter.sys
21:09:25.0921 0188 wacommousefilter - ok
21:09:25.0953 0188 [ 73E6F16A1F187D71FB26AF308551E54A ] wacomvhid C:\WINDOWS\system32\DRIVERS\wacomvhid.sys
21:09:25.0968 0188 wacomvhid - ok
21:09:25.0984 0188 [ 889459833432B161CB99CFDF84A1A9BB ] WacomVKHid C:\WINDOWS\system32\DRIVERS\WacomVKHid.sys
21:09:25.0984 0188 WacomVKHid - ok
21:09:26.0000 0188 [ 984EF0B9788ABF89974CFED4BFBAACBC ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:09:26.0046 0188 Wanarp - ok
21:09:26.0062 0188 WDICA - ok
21:09:26.0078 0188 [ 2797F33EBF50466020C430EE4F037933 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
21:09:26.0140 0188 wdmaud - ok
21:09:26.0171 0188 [ 1EB51FEEA9D3208EAE60604F4346C02E ] WebClient C:\WINDOWS\System32\webclnt.dll
21:09:26.0218 0188 WebClient - ok
21:09:26.0281 0188 [ DA2DADB42916E59C6E4BBA593BCCDA73 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
21:09:26.0328 0188 winmgmt - ok
21:09:26.0359 0188 [ 140EF97B64F560FD78643CAE2CDAD838 ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
21:09:26.0390 0188 WmdmPmSN - ok
21:09:26.0406 0188 [ 9CBB06E4438D6A0D52A46E0B44796D37 ] Wmi C:\WINDOWS\System32\advapi32.dll
21:09:26.0484 0188 Wmi - ok
21:09:26.0546 0188 [ 042A78FCD1ADFB0FBA9865D55C6F5CC1 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
21:09:26.0609 0188 WmiApSrv - ok
21:09:26.0625 0188 [ 1385E5AA9C9821790D33A9563B8D2DD0 ] WpdUsb C:\WINDOWS\system32\Drivers\wpdusb.sys
21:09:26.0640 0188 WpdUsb - ok
21:09:26.0859 0188 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
21:09:26.0890 0188 WPFFontCache_v0400 - ok
21:09:26.0937 0188 [ BD3561AAE748150CF51C2CA876449EA7 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
21:09:26.0984 0188 wscsvc - ok
21:09:27.0015 0188 [ D5842484F05E12121C511AA93F6439EC ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
21:09:27.0062 0188 WSTCODEC - ok
21:09:27.0218 0188 [ A583F4BF607EBC5709578433207A76A8 ] WTGService C:\Programme\Verbindungsassistent\WTGService.exe
21:09:27.0234 0188 WTGService - ok
21:09:27.0281 0188 [ 1EDDD5C0ECF3FA6EDFD8A25B2B4E7DF6 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
21:09:27.0328 0188 wuauserv - ok
21:09:27.0359 0188 [ AE83ADA96575DACF533C2BCB1FC163DC ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
21:09:27.0468 0188 WZCSVC - ok
21:09:27.0531 0188 [ 8302DE1C64618D72346DD0034DBC5D9B ] xmlprov C:\WINDOWS\System32\xmlprov.dll
21:09:27.0578 0188 xmlprov - ok
21:09:27.0593 0188 [ 9BDD8C51C56BE88B081E885085BD7286 ] ZTEusbmdm6k C:\WINDOWS\system32\DRIVERS\ZTEusbmdm6k.sys
21:09:27.0609 0188 ZTEusbmdm6k - ok
21:09:27.0625 0188 [ 9BDD8C51C56BE88B081E885085BD7286 ] ZTEusbnmea C:\WINDOWS\system32\DRIVERS\ZTEusbnmea.sys
21:09:27.0640 0188 ZTEusbnmea - ok
21:09:27.0656 0188 [ 9BDD8C51C56BE88B081E885085BD7286 ] ZTEusbser6k C:\WINDOWS\system32\DRIVERS\ZTEusbser6k.sys
21:09:27.0656 0188 ZTEusbser6k - ok
21:09:27.0687 0188 ================ Scan global ===============================
21:09:27.0703 0188 [ 1B91BAC6996731EE8925F58205DCB016 ] C:\WINDOWS\system32\basesrv.dll
21:09:27.0718 0188 [ 6D4006EF6E45030BCA14CBFE8893E9B9 ] C:\WINDOWS\system32\winsrv.dll
21:09:27.0734 0188 [ 6D4006EF6E45030BCA14CBFE8893E9B9 ] C:\WINDOWS\system32\winsrv.dll
21:09:27.0734 0188 [ EDB6B81761BD60F32F740BBC40AFB676 ] C:\WINDOWS\system32\services.exe
21:09:27.0734 0188 [Global] - ok
21:09:27.0734 0188 ================ Scan MBR ==================================
21:09:27.0750 0188 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
21:09:27.0984 0188 \Device\Harddisk0\DR0 - ok
21:09:27.0984 0188 [ E5FA06ACA0D60BA9C870D0EF3D9898C9 ] \Device\Harddisk1\DR4
21:09:30.0546 0188 \Device\Harddisk1\DR4 - ok
21:09:30.0546 0188 ================ Scan VBR ==================================
21:09:30.0546 0188 [ 3D54310820BD09C6776435BF364A065D ] \Device\Harddisk0\DR0\Partition1
21:09:30.0546 0188 \Device\Harddisk0\DR0\Partition1 - ok
21:09:30.0578 0188 [ 0102B4FD1183758B608AE805FCE84765 ] \Device\Harddisk0\DR0\Partition2
21:09:30.0578 0188 \Device\Harddisk0\DR0\Partition2 - ok
21:09:30.0593 0188 [ 5A3E9D5113D86DF5E6A2FB7F15379516 ] \Device\Harddisk0\DR0\Partition3
21:09:30.0593 0188 \Device\Harddisk0\DR0\Partition3 - ok
21:09:30.0609 0188 [ 4F50A0AC88B46090A5BBCA7BFE6C0CB4 ] \Device\Harddisk1\DR4\Partition1
21:09:30.0609 0188 \Device\Harddisk1\DR4\Partition1 - ok
21:09:30.0609 0188 ============================================================
21:09:30.0609 0188 Scan finished
21:09:30.0609 0188 ============================================================
21:09:30.0734 0184 Detected object count: 10
21:09:30.0734 0184 Actual detected object count: 10
21:09:44.0703 0184 AegisP ( UnsignedFile.Multi.Generic ) - skipped by user
21:09:44.0703 0184 AegisP ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:09:44.0703 0184 EAPPkt ( UnsignedFile.Multi.Generic ) - skipped by user
21:09:44.0703 0184 EAPPkt ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:09:44.0718 0184 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
21:09:44.0718 0184 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:09:44.0718 0184 idsvc ( UnsignedFile.Multi.Generic ) - skipped by user
21:09:44.0718 0184 idsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:09:44.0734 0184 L6PODX3LV ( UnsignedFile.Multi.Generic ) - skipped by user
21:09:44.0734 0184 L6PODX3LV ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:09:44.0734 0184 NVIDIA Performance Driver Service ( UnsignedFile.Multi.Generic ) - skipped by user
21:09:44.0734 0184 NVIDIA Performance Driver Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:09:44.0734 0184 oreans32 ( UnsignedFile.Multi.Generic ) - skipped by user
21:09:44.0734 0184 oreans32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:09:44.0750 0184 ProtexisLicensing ( UnsignedFile.Multi.Generic ) - skipped by user
21:09:44.0750 0184 ProtexisLicensing ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:09:44.0750 0184 RTL8187B ( UnsignedFile.Multi.Generic ) - skipped by user
21:09:44.0750 0184 RTL8187B ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:09:44.0750 0184 StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
21:09:44.0750 0184 StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip

Thanks a lot for your help