Trojaner-Board - PC Performer Manager

Trojaner-Board (https://www.trojaner-board.de/)

- Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)

- - PC Performer Manager (https://www.trojaner-board.de/133621-pc-performer-manager.html)

PC Performer Manager

Hallo Forumsgemeinde,

Spybot Search and Destroy hat bei mir die Datei pcmngr.exe gefunden und als Bedrohung eingestuft. Nach Verfolgung des Pfades, ist die Datei Bestandteil des PC Performer Managers. Pcmngr.exe habe ich mit Malwarebytes Anti – Malware gelöscht, seitdem erscheint die Meldung nicht mehr. Nach einem weiteren Suchlauf mit Malwarebytes Anti – Malware wurde keine Bedrohung mehr gefunden.
Mir ist aufgefallen, das mein Computer (schon vor dem Fund) etwas langsamer geworden ist, kann aber auch sein das es am Alter liegt.
Sonst gibt es keine verdächtigen Veränderungen.

Der Pfad der Datei:

C:\ Dokumente und Einstellungen \ All Users \ Anwendungsdaten \ PC Performer Manager

Meine Frage ist, soll ich die noch vorhandene Datei PC Performer Manager löschen und wenn ja wie ?

Danke für Eure Hilfe !

Hallo und :hallo:

Zitat:

Managers. Pcmngr.exe habe ich mit Malwarebytes Anti – Malware gelöscht, seitdem erscheint die Meldung nicht mehr.

Schön und wo sind die Logs dazu? :glaskugel:

Solche Angaben reichen nicht, bitte poste die vollständigen Angaben/Logs der Virenscanner siehe http://www.trojaner-board.de/125889-...tml#post941520

Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

http://www.trojaner-board.de/picture...&pictureid=307

Code:

Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org
 

Datenbank Version: v2013.04.12.05
 

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

xxxxxxxxx :: D63E0FC3CE2B498 [Administrator]
 

14.04.2013 09:59:21

mbam-log-2013-04-14 (09-59-21).txt
 

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)

Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM

Deaktivierte Suchlaufeinstellungen: P2P

Durchsuchte Objekte: 249716

Laufzeit: 3 Stunde(n), 37 Minute(n), 55 Sekunde(n)
 

Infizierte Speicherprozesse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Speichermodule: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungsschlüssel: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungswerte: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateiobjekte der Registrierung: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Verzeichnisse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateien: 0

(Keine bösartigen Objekte gefunden)
 

(Ende)

Code:

defogger_disable by jpshortstuff (23.02.10.1)

Log created at 14:24 on 14/04/2013 (xxx)
 

Checking for autostart values...

HKCU\~\Run values retrieved.

HKLM\~\Run values retrieved.
 

Checking for services/drivers...
 
 

-=E.O.F=-

Code:

OTL logfile created on: 14.04.2013 14:42:52 - Run 2

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\xxxxxxxxxx\Eigene Dateien\Downloads\Sonstiges\Antivirenprogramme

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

2,00 Gb Total Physical Memory | 1,47 Gb Available Physical Memory | 73,66% Memory free

5,85 Gb Paging File | 5,37 Gb Available in Paging File | 91,76% Paging File free

Paging file location(s): c:\pagefile.sys 8188 8188 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme

Drive C: | 37,11 Gb Total Space | 11,13 Gb Free Space | 29,99% Space Free | Partition Type: NTFS

Drive D: | 37,41 Gb Total Space | 36,30 Gb Free Space | 97,03% Space Free | Partition Type: NTFS

 

Computer Name: D63E0FC3CE2B498 | User Name: xxx | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - [2013.04.12 21:15:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\xxx\Eigene Dateien\Downloads\Sonstiges\Antivirenprogramme\OTL.exe

PRC - [2013.04.12 15:47:02 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe

PRC - [2013.04.12 15:46:05 | 000,565,472 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe

PRC - [2013.04.12 15:46:02 | 000,079,584 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe

PRC - [2013.04.12 15:45:54 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe

PRC - [2013.04.12 15:45:52 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe

PRC - [2013.04.01 12:59:32 | 001,646,216 | ---- | M] (Ask) -- C:\Programme\Ask.com\Updater\Updater.exe

PRC - [2013.03.06 19:53:05 | 000,170,912 | ---- | M] (Oracle Corporation) -- C:\Programme\Java\jre7\bin\jqs.exe

PRC - [2012.07.03 10:04:54 | 000,252,848 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe

PRC - [2009.03.05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Programme\Spybot - Search & Destroy_neu\TeaTimer.exe

PRC - [2008.04.14 07:52:46 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2004.05.24 12:35:52 | 000,322,104 | ---- | M] (Eastman Kodak Company) -- C:\WINDOWS\system32\drivers\KodakCCS.exe

PRC - [2002.06.18 18:44:20 | 000,046,592 | ---- | M] (Avance Logic, Inc.) -- C:\WINDOWS\SOUNDMAN.EXE

PRC - [2002.04.24 03:04:32 | 000,290,816 | ---- | M] (Hewlett-Packard Co.) -- C:\Programme\Hewlett-Packard\AiO\Shared\Bin\hposts07.exe

PRC - [2002.04.24 02:50:00 | 000,299,008 | ---- | M] (Hewlett-Packard Co.) -- C:\Programme\Hewlett-Packard\AiO\Shared\Bin\hpoevm07.exe

PRC - [2002.04.24 02:28:32 | 000,487,484 | ---- | M] (Hewlett-Packard Co.) -- C:\Programme\Hewlett-Packard\AiO\hp psc 700 series\Bin\hpobrt07.exe

PRC - [2001.07.03 10:17:04 | 000,065,536 | ---- | M] () -- C:\Programme\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe

PRC - [2001.07.03 10:11:52 | 000,057,344 | ---- | M] (Hewlett-Packard) -- C:\Programme\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe

 

 
 ========== Modules (No Company Name) ==========

 

MOD - [2013.04.12 15:47:12 | 000,397,704 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll

MOD - [2013.03.06 10:57:59 | 002,232,272 | ---- | M] () -- c:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Performer Manager\2.6.1125.80\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\pcpmngr.dll

MOD - [2009.02.27 17:41:26 | 000,311,296 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\pdfshell.DEU

MOD - [2002.04.24 03:23:40 | 000,028,672 | ---- | M] () -- C:\Programme\Hewlett-Packard\AiO\Shared\Bin\hpopxs07.dll

MOD - [2001.07.03 10:17:06 | 000,024,576 | ---- | M] () -- C:\Programme\Hewlett-Packard\HP Share-to-Web\hpgs2wnfps.dll

MOD - [2001.07.03 10:17:04 | 000,065,536 | ---- | M] () -- C:\Programme\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe

 

 
 ========== Services (SafeList) ==========

 

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)

SRV - [2013.04.12 15:47:02 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2013.04.12 15:46:05 | 000,565,472 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)

SRV - [2013.04.12 15:45:54 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2013.03.06 19:53:05 | 000,170,912 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Programme\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)

SRV - [2004.05.24 12:35:52 | 000,322,104 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\WINDOWS\system32\drivers\KodakCCS.exe -- (KodakCCS)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)

DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)

DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)

DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)

DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)

DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)

DRV - File not found [Kernel | System | Stopped] --  -- (Changer)

DRV - [2013.04.12 15:47:46 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)

DRV - [2013.04.12 15:47:46 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)

DRV - [2013.04.12 15:47:46 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)

DRV - [2013.04.12 15:47:46 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)

DRV - [2010.02.11 14:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)

DRV - [2010.01.17 21:15:33 | 000,108,032 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SSHDRV62.sys -- (SSHDRV62)

DRV - [2008.04.14 00:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)

DRV - [2004.08.03 23:31:36 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)

DRV - [2004.06.02 13:19:00 | 000,038,705 | ---- | M] (Eastman Kodak Company) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\DCFS2k.sys -- (DCFS2K)

DRV - [2004.06.02 13:17:56 | 000,151,985 | ---- | M] (Eastman Kodak Company) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ExportIt.sys -- (Exportit)

DRV - [2004.05.20 08:45:20 | 000,068,950 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DcPtp.sys -- (DcPTP)

DRV - [2004.05.20 08:41:54 | 000,061,564 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DcFpoint.sys -- (DcFpoint)

DRV - [2004.05.20 08:39:42 | 000,008,022 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DcLps.sys -- (DcLps)

DRV - [2004.05.20 08:21:10 | 000,036,918 | ---- | M] (Eastman Kodak Company) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\DcCam.sys -- (DcCam)

DRV - [2002.06.21 19:26:22 | 000,655,596 | ---- | M] (Avance Logic, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM)

DRV - [2002.04.19 02:15:46 | 000,013,780 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)

DRV - [2001.08.17 15:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\..\SearchScopes,DefaultScope = {54EB54F1-271F-452C-A0C2-4FD6E6836667}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKLM\..\SearchScopes\{54EB54F1-271F-452C-A0C2-4FD6E6836667}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.gmx.net

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/

IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)

IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

IE - HKCU\..\SearchScopes,DefaultScope = {54EB54F1-271F-452C-A0C2-4FD6E6836667}

IE - HKCU\..\SearchScopes\{7DB02800-4267-4367-BC3E-6140AC9B0A58}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=c38efc55-424e-4693-b841-809c35493fe8&apn_sauid=E6B020F3-53A3-4067-9566-7CDB9549B68A

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

 

 
 ========== FireFox ==========

 

FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Programme\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Programme\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Programme\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Programme\Web Assistant\Firefox

 

[2012.12.09 15:18:37 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions

[2012.10.20 08:26:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

 
 ========== Chrome  ==========

 

CHR - default_search_provider:  ()

CHR - default_search_provider: search_url = 

CHR - default_search_provider: suggest_url = 

CHR - homepage: hxxp://www.google.com

CHR - Extension: No name found = C:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\

CHR - Extension: No name found = C:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\

CHR - Extension: No name found = C:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0\

CHR - Extension: No name found = C:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\

 

O1 HOSTS File: ([2013.04.11 19:46:45 | 000,446,713 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1       localhost

O1 - Hosts: 127.0.0.1        www.007guard.com

O1 - Hosts: 127.0.0.1        007guard.com

O1 - Hosts: 127.0.0.1        008i.com

O1 - Hosts: 127.0.0.1        www.008k.com

O1 - Hosts: 127.0.0.1        008k.com

O1 - Hosts: 127.0.0.1        www.00hq.com

O1 - Hosts: 127.0.0.1        00hq.com

O1 - Hosts: 127.0.0.1        010402.com

O1 - Hosts: 127.0.0.1        www.032439.com

O1 - Hosts: 127.0.0.1        032439.com

O1 - Hosts: 127.0.0.1        www.0scan.com

O1 - Hosts: 127.0.0.1        0scan.com

O1 - Hosts: 127.0.0.1        1000gratisproben.com

O1 - Hosts: 127.0.0.1        www.1000gratisproben.com

O1 - Hosts: 127.0.0.1        1001namen.com

O1 - Hosts: 127.0.0.1        www.1001namen.com

O1 - Hosts: 127.0.0.1        100888290cs.com

O1 - Hosts: 127.0.0.1        www.100888290cs.com

O1 - Hosts: 127.0.0.1        www.100sexlinks.com

O1 - Hosts: 127.0.0.1        100sexlinks.com

O1 - Hosts: 127.0.0.1        10sek.com

O1 - Hosts: 127.0.0.1        www.10sek.com

O1 - Hosts: 127.0.0.1        www.1-2005-search.com

O1 - Hosts: 127.0.0.1        1-2005-search.com

O1 - Hosts: 15338 more lines...

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - No CLSID value found.

O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy_neu\SDHelper.dll (Safer Networking Limited)

O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)

O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O3 - HKLM\..\Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No CLSID value found.

O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C424171E-592A-415A-9EB1-DFD6D95D3530} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)

O4 - HKLM..\Run: []  File not found

O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [ApnUpdater] C:\Programme\Ask.com\Updater\Updater.exe (Ask)

O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)

O4 - HKLM..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)

O4 - HKLM..\Run: [Share-to-Web Namespace Daemon] C:\Programme\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe (Hewlett-Packard)

O4 - HKLM..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe (Silicon Integrated Systems Corp.)

O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Avance Logic, Inc.)

O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

O4 - HKLM..\Run: [UnlockerAssistant] "C:\Programme\Unlocker\UnlockerAssistant.exe" File not found

O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy_neu\TeaTimer.exe (Safer-Networking Ltd.)

O4 - HKLM..\RunOnceEx: []  File not found

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy_neu\SDHelper.dll (Safer Networking Limited)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000046 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1284568858303 (WUWebControl Class)

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1346448354968 (MUWebControl Class)

O16 - DPF: {DF6504AC-3EFE-4287-B259-FB299B069C95} https://img.web.de/v/mail/activex/fa_os_mms/upload_1141.cab (WEBDE Fotoalbum Upload Control)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4651F23D-E49B-49DA-A501-DF3B0F7BD325}: DhcpNameServer = 192.168.2.1

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O20 - AppInit_DLLs: (c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll) - c:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Performer Manager\2.6.1125.80\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\pcpmngr.dll ()

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home

O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009.10.12 10:15:49 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O33 - MountPoints2\{2ed2df72-b710-11de-809e-0010dcdb8abc}\Shell - "" = AutoRun

O33 - MountPoints2\{2ed2df72-b710-11de-809e-0010dcdb8abc}\Shell\AutoRun - "" = Auto&Play

O33 - MountPoints2\{2ed2df72-b710-11de-809e-0010dcdb8abc}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2013.04.14 13:42:19 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Alexander Nelle\Recent

[2013.04.13 09:22:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer

[2013.04.13 09:22:35 | 000,000,000 | ---D | C] -- C:\Programme\MSBuild

[2013.04.13 09:22:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US

[2013.04.13 09:22:05 | 000,000,000 | ---D | C] -- C:\Programme\Reference Assemblies

[2013.04.13 09:20:54 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll

[2013.04.13 09:20:54 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll

[2013.04.13 09:20:53 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe

[2013.04.13 09:20:53 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll

[2013.04.13 09:20:52 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll

[2013.04.13 09:20:52 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll

[2013.04.12 16:02:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Anwendungsdaten\DoNotTrackPlus

[2013.04.12 16:02:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\CallingID

[2013.04.12 16:02:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\AskToolbar

[2013.04.12 16:00:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Avira

[2013.04.12 15:56:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\AskToolbar

[2013.04.12 15:55:36 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Avira

[2013.04.12 15:54:43 | 000,000,000 | ---D | C] -- C:\Programme\Ask.com

[2013.04.12 15:54:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Anwendungsdaten\AskToolbar

[2013.04.12 15:53:54 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys

[2013.04.12 15:53:52 | 000,135,136 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avipbb.sys

[2013.04.12 15:53:52 | 000,084,744 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avgntflt.sys

[2013.04.12 15:53:52 | 000,037,352 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avkmgr.sys

[2013.04.12 15:53:46 | 000,000,000 | ---D | C] -- C:\Programme\Avira

[2013.04.12 15:53:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira

[2013.04.07 19:25:45 | 000,000,000 | ---D | C] -- C:\Programme\Unlocker

[2013.04.07 19:19:27 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly

[2013.04.07 19:18:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET

[2013.04.07 12:08:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware

[2013.04.07 12:08:55 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2013.04.07 12:08:54 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware

[2013.04.05 17:38:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Ordner HP Share-to-Web

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2013.04.14 14:50:00 | 000,000,246 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

[2013.04.14 14:40:35 | 000,448,470 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat

[2013.04.14 14:40:35 | 000,432,356 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2013.04.14 14:40:35 | 000,079,910 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat

[2013.04.14 14:40:35 | 000,067,312 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2013.04.14 14:36:17 | 000,001,104 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2013.04.14 14:36:10 | 000,000,312 | ---- | M] () -- C:\WINDOWS\tasks\WinMaximizer-xxx-Startup.job

[2013.04.14 14:36:02 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2013.04.14 14:08:08 | 000,001,108 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2013.04.14 11:27:37 | 000,691,592 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe

[2013.04.14 11:27:34 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl

[2013.04.13 09:45:01 | 000,122,136 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2013.04.12 16:29:27 | 000,000,756 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk

[2013.04.12 15:55:36 | 000,001,671 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira Control Center.lnk

[2013.04.12 15:47:46 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avipbb.sys

[2013.04.12 15:47:46 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avgntflt.sys

[2013.04.12 15:47:46 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avkmgr.sys

[2013.04.12 15:47:46 | 000,028,520 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys

[2013.04.11 20:47:00 | 015,425,536 | R--- | M] () -- C:\Dokumente und Einstellungen\All Users\Dokumente\ESBK.mbb

[2013.04.11 20:47:00 | 006,408,192 | R--- | M] () -- C:\Dokumente und Einstellungen\All Users\Dokumente\ESBK.mb

[2013.04.11 19:46:45 | 000,446,713 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts

[2013.04.11 19:06:30 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2013.04.06 19:36:35 | 000,000,654 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk

[2013.04.06 17:56:30 | 000,446,345 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20130411-194645.backup

[2013.04.06 17:06:03 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2013.04.06 15:25:29 | 000,446,345 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20130406-175630.backup

[2013.04.05 21:05:23 | 000,000,211 | -HS- | M] () -- C:\boot.ini

[2013.04.04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2013.03.31 10:48:55 | 000,446,345 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20130406-152529.backup

[2013.03.29 21:49:06 | 000,150,528 | ---- | M] () -- C:\temp.raw

[2013.03.29 18:06:07 | 000,001,755 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\QTSBandwidthCache

[2013.03.29 18:05:39 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn

[2013.03.29 16:46:16 | 000,000,838 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\PDF-Viewer.lnk

[2013.03.29 11:41:34 | 000,446,345 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20130331-104855.backup

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2013.04.12 15:55:36 | 000,001,671 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira Control Center.lnk

[2013.04.12 15:55:21 | 000,000,246 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

[2013.04.07 12:09:00 | 000,000,756 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk

[2012.09.21 22:03:05 | 000,007,670 | ---- | C] () -- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\.freeciv-client-rc-2.3

[2012.09.20 21:50:44 | 000,000,136 | ---- | C] () -- C:\WINDOWS\SIERRA.INI

[2012.06.07 21:43:31 | 000,003,307 | ---- | C] () -- C:\WINDOWS\wininit.ini

[2012.02.15 11:29:35 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll

[2011.12.09 21:28:43 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll

[2011.12.03 21:10:08 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

[2011.11.25 20:45:29 | 000,032,768 | ---- | C] () -- C:\WINDOWS\SIS_LIB.DLL

[2010.10.02 19:42:32 | 000,040,721 | ---- | C] () -- C:\Dokumente und Einstellungen\xxx\.jose.user.preferences

[2010.09.26 15:34:57 | 000,001,755 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\QTSBandwidthCache

[2010.07.15 17:37:30 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\sversion.ini

[2010.02.03 21:41:39 | 000,005,095 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\xnwfyhdk.mld

[2009.10.15 20:21:17 | 000,016,384 | ---- | C] () -- C:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

 
 ========== ZeroAccess Check ==========

 

[2013.04.07 19:19:27 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shdocvw.dll -- [2010.06.24 14:10:50 | 001,509,888 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 07:52:34 | 000,273,920 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

 
 ========== Alternate Data Streams ==========

 

@Alternate Data Stream - 88 bytes -> C:\Dokumente und Einstellungen\xxx\Desktop\Aktuelles.doc:SummaryInformation
 

< End of report >

Code:

OTL Extras logfile created on: 12.04.2013 21:19:24 - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\xxx\Eigene Dateien\Downloads\Sonstiges

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

2,00 Gb Total Physical Memory | 1,31 Gb Available Physical Memory | 65,44% Memory free

5,85 Gb Paging File | 5,20 Gb Available in Paging File | 88,85% Paging File free

Paging file location(s): c:\pagefile.sys 8188 8188 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme

Drive C: | 37,11 Gb Total Space | 11,89 Gb Free Space | 32,04% Space Free | Partition Type: NTFS

Drive D: | 37,41 Gb Total Space | 36,30 Gb Free Space | 97,04% Space Free | Partition Type: NTFS

 

Computer Name: D63E0FC3CE2B498 | User Name: xxx | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

 
 ========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

htmlfile [edit] -- "C:\Programme\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)

htmlfile [print] -- "C:\Programme\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- C:\Programme\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- C:\Programme\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

 
 ========== System Restore Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

 
 ========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

"3389:TCP" = 3389:TCP:*:Disabled:@xpsp2res.dll,-22009

 
 ========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

"C:\Programme\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe" = C:\Programme\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater -- ()

"C:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Temporary Internet Files\Content.IE5\6W6NRN68\SweetImSetup[1].exe" = C:\Dokumente und Einstellungen\Alexander Nelle\Lokale Einstellungen\Temporary Internet Files\Content.IE5\6W6NRN68\SweetImSetup[1].exe:*:Enabled:SweetIM Installer

"C:\WINDOWS\system32\msiexec.exe" = C:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup -- (Microsoft Corporation)

"C:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Anwendungsdaten\Freeciv-2.3.2-gtk2\freeciv-server.exe" = C:\Dokumente und Einstellungen\Alexander Nelle\Lokale Einstellungen\Anwendungsdaten\Freeciv-2.3.2-gtk2\freeciv-server.exe:*:Enabled:freeciv-server

 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{00000407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 SR-1 Premium

"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator

"{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}" = Notifier

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{10E98E14-832C-4AF7-A4D1-6A9EF83B282E}" = VCAMCEN

"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD

"{154508C0-07C5-4659-A7A0-E49968750D21}" = HLPPDOCK

"{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = bProtector for Windows

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17

"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{38441BE7-79B0-42B8-8297-833704F949FE}" = HLPIndex

"{3CA39B0C-BA85-4D42-AC0F-1FF5F60C3353}" = OTtBPSDK

"{432C3720-37BF-4BD7-8E49-F38E090246D0}" = CR2

"{469730CC-78DF-4CD3-B286-562D459EA619}" = ESSCAM

"{48C82F7A-F100-4DAB-A310-8E18BF2159E1}" = ESSvpot

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4F677FC7-7AA8-412B-A957-F13CBE1C7331}" = ESSSONIC

"{54C8FE84-89C4-40E8-976C-439EB0729BD6}" = CardRd81

"{55FA89BD-21D3-42F7-9249-C94C0094A83C}" = Apple Software Update

"{5B2C4D32-A7CD-44B0-8619-4ADBE301B2D3}" = pdfforge Toolbar v5.8

"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr

"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD

"{69BD6399-3D8F-45B7-81D9-819361F5101D}" = PCDLNCH

"{6B103F43-069C-11D6-9EA2-0050BAE317E1}" = Power Cinema

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0

"{748F4870-8350-11D3-B0BF-080009FB4A19}" = HP Share-to-Web

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar

"{87843A41-7808-4F2E-B13F-25C1E67CF2FD}" = ESShelp

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8BB4B58A-A402-4DE8-8FCD-287E60B88DD8}" = ESSCT

"{8DD94CA3-BCD2-49C0-B537-F3B5D95FF0C8}" = HLPSFO

"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini

"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui

"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9D1CF8B6-17B3-4832-B062-2C2DD0B57B04}" = CCHelp

"{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}" = ESScore

"{A0AF08BA-3630-4505-BFB2-A41F3837B0D0}" = SFR2

"{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1" = PDF-Viewer

"{A4D7B764-4140-11D4-88EB-0050DA3579C0}" = Nero - Burning Rom

"{A5B3EB8A-4071-42F0-8E8E-7A8342AA8E69}" = ESSvpaht

"{A6F18A67-B771-4191-8A33-36D2E742D6D9}" = ESSANUP

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.4 - Deutsch

"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK

"{B02A7816-AA3D-4BCB-9FEC-3ED4D5CC6E5C}" = Royal Skat

"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI

"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy

"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore

"{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}" = KSU

"{C354C9B6-A4E0-4BB0-A368-6DC6BCA0E314}" = SFR

"{CA60320D-6A16-49C8-A34F-84EEF4799567}" = ESSTUTOR

"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector Pro

"{D15E9DB5-6BEB-4534-901E-80C0A29BAB97}" = ESSAdpt

"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare Software

"{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}" = QuickTime

"{F0BA5720-E189-11D4-9EA1-0050BAE317E1}" = PowerVCR II

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

"{F2D0C1B1-80FF-46F9-BA61-33B01A07FAFC}" = HLPCCTR

"{F71760CD-0F8B-4DCC-B7B7-6B223CC3843C}" = OTtBP

"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock

"{FEDE2483-87B7-44C1-A5BB-D75AEB8B6340}" = ESSEMAIL

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"ANSTOSS 3_is1" = ANSTOSS 3

"Avira AntiVir Desktop" = Avira Free Antivirus

"CCleaner" = CCleaner

"GPL Ghostscript 9.00" = GPL Ghostscript 9.00

"HP Fotodruck-Programm" = HP Fotodruck-Programm

"hp psc 700 series 1256489411" = hp psc 700 series

"hp psc 700 series 1290890653" = hp psc 700 series - 2

"ie8" = Windows Internet Explorer 8

"IrfanView" = IrfanView (remove only)

"jose-chess" = jose

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300

"MediaShow" = Medi@Show

"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0

"MSNINST" = MSN

"NMPUninstallKey" = Ahead NeroMediaPlayer

"PDF Blender" = PDF Blender

"VideoLive Mail" = VideoLive Mail 4.0

"VLC media player" = VLC media player 0.9.4

"Windows Media Format Runtime" = Windows Media Format 11 runtime

"Windows Media Player" = Windows Media Player 11

 
 ========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater

 
 ========== Last 20 Event Log Errors ==========

 

[ Application Events ]

Error - 12.04.2013 09:58:01 | Computer Name = D63E0FC3CE2B498 | Source = Application Error | ID = 1000

Description = Fehlgeschlagene Anwendung SaUpdate.exe, Version 0.0.0.0, fehlgeschlagenes

 Modul unknown, Version 0.0.0.0, Fehleradresse 0x4ebb7456.

 

Error - 12.04.2013 10:24:14 | Computer Name = D63E0FC3CE2B498 | Source = Application Error | ID = 1000

Description = Fehlgeschlagene Anwendung iexplore.exe, Version 8.0.6001.18702, fehlgeschlagenes

 Modul unknown, Version 0.0.0.0, Fehleradresse 0x4ebb74b2.

 

Error - 12.04.2013 15:15:34 | Computer Name = D63E0FC3CE2B498 | Source = Application Error | ID = 1000

Description = Fehlgeschlagene Anwendung iexplore.exe, Version 8.0.6001.18702, fehlgeschlagenes

 Modul unknown, Version 0.0.0.0, Fehleradresse 0x4ebb74b2.

 

[ Application Events ]

Error - 12.04.2013 09:58:01 | Computer Name = D63E0FC3CE2B498 | Source = Application Error | ID = 1000

Description = Fehlgeschlagene Anwendung SaUpdate.exe, Version 0.0.0.0, fehlgeschlagenes

 Modul unknown, Version 0.0.0.0, Fehleradresse 0x4ebb7456.

 

Error - 12.04.2013 10:24:14 | Computer Name = D63E0FC3CE2B498 | Source = Application Error | ID = 1000

Description = Fehlgeschlagene Anwendung iexplore.exe, Version 8.0.6001.18702, fehlgeschlagenes

 Modul unknown, Version 0.0.0.0, Fehleradresse 0x4ebb74b2.

 

Error - 12.04.2013 15:15:34 | Computer Name = D63E0FC3CE2B498 | Source = Application Error | ID = 1000

Description = Fehlgeschlagene Anwendung iexplore.exe, Version 8.0.6001.18702, fehlgeschlagenes

 Modul unknown, Version 0.0.0.0, Fehleradresse 0x4ebb74b2.

 

[ System Events ]

Error - 01.04.2013 04:57:10 | Computer Name = D63E0FC3CE2B498 | Source = W32Time | ID = 39452701

Description = Der Zeitanbieter "NtpClient" wurde für die Zeiterfassung von mehreren

 Zeitquellen  konfiguriert. Es ist jedoch Keine der Quellen verfügbar. Innerhalb  der

 nächsten 14 Minuten wird kein Versuch unternommen, eine Verbindung  mit der Quelle

 herzustellen.  Der NtpClient verfügt über keine Quelle mit genauer Zeit.

 

Error - 06.04.2013 11:06:04 | Computer Name = D63E0FC3CE2B498 | Source = SideBySide | ID = 16842813

Description = Syntaxfehler in Manifest- oder Richtliniendatei "C:\Programme\Apple

 Software Update\Plugins\EXEInstallPlugin.dll.Manifest" in Zeile 2.  Das erforderliche

 Attribut version fehlt in Element assemblyIdentity.

 

Error - 06.04.2013 11:06:04 | Computer Name = D63E0FC3CE2B498 | Source = SideBySide | ID = 16842810

Description = Syntaxfehler in der Manifest- oder Richtliniendatei "C:\Programme\Apple

 Software Update\Plugins\EXEInstallPlugin.dll.Manifest" in Zeile 2.

 

Error - 06.04.2013 11:06:04 | Computer Name = D63E0FC3CE2B498 | Source = SideBySide | ID = 16842811

Description = Generate Activation Context ist für C:\Programme\Apple Software Update\Plugins\EXEInstallPlugin.dll.Manifest

 fehlgeschlagen.  Referenzfehlermeldung: Der Vorgang wurde erfolgreich beendet.  .

 

Error - 06.04.2013 11:06:05 | Computer Name = D63E0FC3CE2B498 | Source = SideBySide | ID = 16842813

Description = Syntaxfehler in Manifest- oder Richtliniendatei "C:\Programme\Apple

 Software Update\Plugins\MSIInstallPlugin.dll.Manifest" in Zeile 2.  Das erforderliche

 Attribut version fehlt in Element assemblyIdentity.

 

Error - 06.04.2013 11:06:05 | Computer Name = D63E0FC3CE2B498 | Source = SideBySide | ID = 16842810

Description = Syntaxfehler in der Manifest- oder Richtliniendatei "C:\Programme\Apple

 Software Update\Plugins\MSIInstallPlugin.dll.Manifest" in Zeile 2.

 

Error - 06.04.2013 11:06:05 | Computer Name = D63E0FC3CE2B498 | Source = SideBySide | ID = 16842811

Description = Generate Activation Context ist für C:\Programme\Apple Software Update\Plugins\MSIInstallPlugin.dll.Manifest

 fehlgeschlagen.  Referenzfehlermeldung: Der Vorgang wurde erfolgreich beendet.  .

 

Error - 07.04.2013 13:40:31 | Computer Name = D63E0FC3CE2B498 | Source = Service Control Manager | ID = 7031

Description = Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet

 beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden

 in 30000 Millisekunden durchgeführt: Starten Sie den Dienst neu..

 

Error - 11.04.2013 13:07:44 | Computer Name = D63E0FC3CE2B498 | Source = W32Time | ID = 39452689

Description = Zeitabieter "NtpClient": Beim DNS-Lookup für den manuell konfigurierten

 Peer  "time.windows.com,0x1" ist ein Fehler aufgetreten. Der DNS-Lookup wird in 15

 Minuten  wiederholt.  Fehler: Der Host war bei einem Socketvorgang nicht erreichbar.

 (0x80072751)

 

Error - 11.04.2013 13:07:44 | Computer Name = D63E0FC3CE2B498 | Source = W32Time | ID = 39452701

Description = Der Zeitanbieter "NtpClient" wurde für die Zeiterfassung von mehreren

 Zeitquellen  konfiguriert. Es ist jedoch Keine der Quellen verfügbar. Innerhalb  der

 nächsten 13 Minuten wird kein Versuch unternommen, eine Verbindung  mit der Quelle

 herzustellen.  Der NtpClient verfügt über keine Quelle mit genauer Zeit.

 

 

< End of report >

Code:

GMER 2.1.19163 - hxxp://www.gmer.net

Rootkit scan 2013-04-14 17:12:26

Windows 5.1.2600 Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 ST380022A rev.3.30 74,53GB

Running: gmer_2.1.19163.exe; Driver: C:\DOKUME~1\xxx\LOKALE~1\Temp\awgdraod.sys
 
 

---- System - GMER 2.1 ----
 

SSDT    B53AE3E4                                                                                                                                                  ZwClose

SSDT    B53AE39E                                                                                                                                                  ZwCreateKey

SSDT    B53AE3EE                                                                                                                                                  ZwCreateSection

SSDT    B53AE394                                                                                                                                                  ZwCreateThread

SSDT    B53AE3A3                                                                                                                                                  ZwDeleteKey

SSDT    B53AE3AD                                                                                                                                                  ZwDeleteValueKey

SSDT    B53AE3DF                                                                                                                                                  ZwDuplicateObject

SSDT    B53AE3B2                                                                                                                                                  ZwLoadKey

SSDT    B53AE380                                                                                                                                                  ZwOpenProcess

SSDT    B53AE385                                                                                                                                                  ZwOpenThread

SSDT    B53AE407                                                                                                                                                  ZwQueryValueKey

SSDT    B53AE3BC                                                                                                                                                  ZwReplaceKey

SSDT    B53AE3F8                                                                                                                                                  ZwRequestWaitReplyPort

SSDT    B53AE3B7                                                                                                                                                  ZwRestoreKey

SSDT    B53AE3F3                                                                                                                                                  ZwSetContextThread

SSDT    B53AE3FD                                                                                                                                                  ZwSetSecurityObject

SSDT    B53AE3A8                                                                                                                                                  ZwSetValueKey

SSDT    B53AE402                                                                                                                                                  ZwSystemDebugControl

SSDT    B53AE38F                                                                                                                                                  ZwTerminateProcess
 

---- User code sections - GMER 2.1 ----
 

.text   C:\WINDOWS\system32\svchost.exe[688] USER32.dll!DialogBoxParamW                                                                                           7E3747AB 5 Bytes  JMP 10004620 c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

.text   C:\WINDOWS\system32\winlogon.exe[740] USER32.dll!DialogBoxParamW                                                                                          7E3747AB 5 Bytes  JMP 10004620 c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

.text   C:\WINDOWS\system32\services.exe[784] USER32.dll!DialogBoxParamW                                                                                          7E3747AB 5 Bytes  JMP 10004620 c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

.text   C:\WINDOWS\system32\lsass.exe[796] USER32.dll!DialogBoxParamW                                                                                             7E3747AB 5 Bytes  JMP 10004620 c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

.text   C:\WINDOWS\system32\svchost.exe[956] USER32.dll!DialogBoxParamW                                                                                           7E3747AB 5 Bytes  JMP 10004620 c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

.text   ...                                                                                                                                                       

.text   C:\Programme\Internet Explorer\iexplore.exe[2336] USER32.dll!CreateWindowExW                                                                              7E37D0A3 5 Bytes  JMP 4126DB04 C:\WINDOWS\system32\IEFRAME.dll

.text   C:\Programme\Internet Explorer\iexplore.exe[2336] USER32.dll!DialogBoxIndirectParamW                                                                      7E382072 5 Bytes  JMP 4136727F C:\WINDOWS\system32\IEFRAME.dll

.text   C:\Programme\Internet Explorer\iexplore.exe[2336] USER32.dll!MessageBoxIndirectA                                                                          7E38A082 5 Bytes  JMP 413671B1 C:\WINDOWS\system32\IEFRAME.dll

.text   C:\Programme\Internet Explorer\iexplore.exe[2336] USER32.dll!DialogBoxParamA                                                                              7E38B144 5 Bytes  JMP 4136721C C:\WINDOWS\system32\IEFRAME.dll

.text   C:\Programme\Internet Explorer\iexplore.exe[2336] USER32.dll!MessageBoxExW                                                                                7E3A0838 5 Bytes  JMP 41367082 C:\WINDOWS\system32\IEFRAME.dll

.text   C:\Programme\Internet Explorer\iexplore.exe[2336] USER32.dll!MessageBoxExA                                                                                7E3A085C 5 Bytes  JMP 413670E4 C:\WINDOWS\system32\IEFRAME.dll

.text   C:\Programme\Internet Explorer\iexplore.exe[2336] USER32.dll!DialogBoxIndirectParamA                                                                      7E3A6D7D 5 Bytes  JMP 413672E2 C:\WINDOWS\system32\IEFRAME.dll

.text   C:\Programme\Internet Explorer\iexplore.exe[2336] USER32.dll!MessageBoxIndirectW                                                                          7E3B64D5 5 Bytes  JMP 41367146 C:\WINDOWS\system32\IEFRAME.dll

.text   C:\Programme\Internet Explorer\iexplore.exe[2504] USER32.dll!DialogBoxParamW                                                                              7E3747AB 5 Bytes  JMP 4119550D C:\WINDOWS\system32\IEFRAME.dll

.text   C:\Programme\Internet Explorer\iexplore.exe[2504] USER32.dll!SetWindowsHookExW                                                                            7E37820F 5 Bytes  JMP 41269A95 C:\WINDOWS\system32\IEFRAME.dll

.text   C:\Programme\Internet Explorer\iexplore.exe[2504] USER32.dll!CallNextHookEx                                                                               7E37B3C6 5 Bytes  JMP 4125D10D C:\WINDOWS\system32\IEFRAME.dll

.text   C:\Programme\Internet Explorer\iexplore.exe[2504] USER32.dll!CreateWindowExW                                                                              7E37D0A3 5 Bytes  JMP 4126DB04 C:\WINDOWS\system32\IEFRAME.dll

.text   C:\Programme\Internet Explorer\iexplore.exe[2504] USER32.dll!UnhookWindowsHookEx                                                                          7E37D5F3 5 Bytes  JMP 411D4674 C:\WINDOWS\system32\IEFRAME.dll

.text   C:\Programme\Internet Explorer\iexplore.exe[2504] USER32.dll!DialogBoxIndirectParamW                                                                      7E382072 5 Bytes  JMP 4136727F C:\WINDOWS\system32\IEFRAME.dll

.text   C:\Programme\Internet Explorer\iexplore.exe[2504] USER32.dll!MessageBoxIndirectA                                                                          7E38A082 5 Bytes  JMP 413671B1 C:\WINDOWS\system32\IEFRAME.dll

.text   C:\Programme\Internet Explorer\iexplore.exe[2504] USER32.dll!DialogBoxParamA                                                                              7E38B144 5 Bytes  JMP 4136721C C:\WINDOWS\system32\IEFRAME.dll

.text   C:\Programme\Internet Explorer\iexplore.exe[2504] USER32.dll!MessageBoxExW                                                                                7E3A0838 5 Bytes  JMP 41367082 C:\WINDOWS\system32\IEFRAME.dll

.text   C:\Programme\Internet Explorer\iexplore.exe[2504] USER32.dll!MessageBoxExA                                                                                7E3A085C 5 Bytes  JMP 413670E4 C:\WINDOWS\system32\IEFRAME.dll

.text   C:\Programme\Internet Explorer\iexplore.exe[2504] USER32.dll!DialogBoxIndirectParamA                                                                      7E3A6D7D 5 Bytes  JMP 413672E2 C:\WINDOWS\system32\IEFRAME.dll

.text   C:\Programme\Internet Explorer\iexplore.exe[2504] USER32.dll!MessageBoxIndirectW                                                                          7E3B64D5 5 Bytes  JMP 41367146 C:\WINDOWS\system32\IEFRAME.dll

.text   C:\Programme\Internet Explorer\iexplore.exe[2504] ole32.dll!CoCreateInstance                                                                              774CF1BC 5 Bytes  JMP 4126DB60 C:\WINDOWS\system32\IEFRAME.dll

.text   C:\Programme\Internet Explorer\iexplore.exe[2504] ole32.dll!OleLoadFromStream                                                                             774F983B 5 Bytes  JMP 41367600 C:\WINDOWS\system32\IEFRAME.dll

.text   C:\WINDOWS\System32\svchost.exe[2832] USER32.dll!DialogBoxParamW                                                                                          7E3747AB 5 Bytes  JMP 10004620 c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

.text   C:\Programme\Windows Media Player\WMPNetwk.exe[3448] USER32.dll!DialogBoxParamW                                                                           7E3747AB 5 Bytes  JMP 10004620 c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

.text   C:\Dokumente und Einstellungen\xxx\Eigene Dateien\Downloads\Sonstiges\Antivirenprogramme\gmer_2.1.19163.exe[3688] USER32.dll!DialogBoxParamW  7E3747AB 5 Bytes  JMP 10004620 c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll
 

---- User IAT/EAT - GMER 2.1 ----
 

IAT     C:\WINDOWS\system32\svchost.exe[688] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA]                                                        [10009A00] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

IAT     C:\WINDOWS\system32\svchost.exe[688] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!NtOpenKey]                                                              [1000DC10] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

IAT     C:\WINDOWS\system32\svchost.exe[688] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!NtClose]                                                                [1000DCD0] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

IAT     C:\WINDOWS\system32\winlogon.exe[740] @ C:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!LoadLibraryW]                                                      [10009A50] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

IAT     C:\WINDOWS\system32\winlogon.exe[740] @ C:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!LoadLibraryA]                                                      [10009A00] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

IAT     C:\WINDOWS\system32\winlogon.exe[740] @ C:\WINDOWS\system32\winlogon.exe [ntdll.dll!NtOpenFile]                                                           [10009BC0] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

IAT     C:\WINDOWS\system32\winlogon.exe[740] @ C:\WINDOWS\system32\winlogon.exe [ntdll.dll!NtOpenKey]                                                            [1000DC10] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

IAT     C:\WINDOWS\system32\winlogon.exe[740] @ C:\WINDOWS\system32\winlogon.exe [ntdll.dll!NtQueryValueKey]                                                      [1000DAC0] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

IAT     C:\WINDOWS\system32\winlogon.exe[740] @ C:\WINDOWS\system32\winlogon.exe [ntdll.dll!NtClose]                                                              [1000DCD0] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

IAT     C:\WINDOWS\system32\winlogon.exe[740] @ C:\WINDOWS\system32\winlogon.exe [ntdll.dll!NtSetValueKey]                                                        [1000DB30] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

IAT     C:\WINDOWS\system32\winlogon.exe[740] @ C:\WINDOWS\system32\winlogon.exe [ntdll.dll!NtCreateKey]                                                          [1000DBA0] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

IAT     C:\WINDOWS\system32\services.exe[784] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!LoadLibraryA]                                                      [10009A00] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

IAT     C:\WINDOWS\system32\services.exe[784] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!LoadLibraryW]                                                      [10009A50] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

IAT     C:\WINDOWS\system32\services.exe[784] @ C:\WINDOWS\system32\services.exe [ntdll.dll!NtCreateKey]                                                          [1000DBA0] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

IAT     C:\WINDOWS\system32\services.exe[784] @ C:\WINDOWS\system32\services.exe [ntdll.dll!NtQueryValueKey]                                                      [1000DAC0] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

IAT     C:\WINDOWS\system32\services.exe[784] @ C:\WINDOWS\system32\services.exe [ntdll.dll!NtSetValueKey]                                                        [1000DB30] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

IAT     C:\WINDOWS\system32\services.exe[784] @ C:\WINDOWS\system32\services.exe [ntdll.dll!NtDeleteValueKey]                                                     [1000DDA0] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

IAT     C:\WINDOWS\system32\services.exe[784] @ C:\WINDOWS\system32\services.exe [ntdll.dll!NtEnumerateKey]                                                       [1000D9E0] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

IAT     C:\WINDOWS\system32\services.exe[784] @ C:\WINDOWS\system32\services.exe [ntdll.dll!NtOpenKey]                                                            [1000DC10] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

IAT     C:\WINDOWS\system32\services.exe[784] @ C:\WINDOWS\system32\services.exe [ntdll.dll!NtDeleteKey]                                                          [1000DD50] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

IAT     C:\WINDOWS\system32\services.exe[784] @ C:\WINDOWS\system32\services.exe [ntdll.dll!NtSetInformationFile]                                                 [10009D70] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

IAT     C:\WINDOWS\system32\services.exe[784] @ C:\WINDOWS\system32\services.exe [ntdll.dll!NtQueryInformationFile]                                               [10009440] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

IAT     C:\WINDOWS\system32\services.exe[784] @ C:\WINDOWS\system32\services.exe [ntdll.dll!NtDeleteFile]                                                         [10009D20] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

IAT     C:\WINDOWS\system32\services.exe[784] @ C:\WINDOWS\system32\services.exe [ntdll.dll!NtOpenFile]                                                           [10009BC0] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

IAT     C:\WINDOWS\system32\services.exe[784] @ C:\WINDOWS\system32\services.exe [ntdll.dll!NtQueryKey]                                                           [10009400] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

IAT     C:\WINDOWS\system32\services.exe[784] @ C:\WINDOWS\system32\services.exe [ntdll.dll!NtClose]                                                              [1000DCD0] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

IAT     C:\WINDOWS\system32\svchost.exe[956] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA]                                                        [10009A00] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

IAT     C:\WINDOWS\system32\svchost.exe[956] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!NtOpenKey]                                                              [1000DC10] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

IAT     C:\WINDOWS\system32\svchost.exe[956] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!NtClose]                                                                [1000DCD0] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

IAT     C:\WINDOWS\system32\svchost.exe[1052] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA]                                                       [10009A00] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

IAT     C:\WINDOWS\system32\svchost.exe[1052] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!NtOpenKey]                                                             [1000DC10] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

IAT     C:\WINDOWS\system32\svchost.exe[1052] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!NtClose]                                                               [1000DCD0] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

IAT     C:\WINDOWS\System32\svchost.exe[1144] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryA]                                                       [10009A00] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

IAT     C:\WINDOWS\System32\svchost.exe[1144] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!NtOpenKey]                                                             [1000DC10] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

IAT     C:\WINDOWS\System32\svchost.exe[1144] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!NtClose]                                                               [1000DCD0] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

IAT     C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA]                                                       [10009A00] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

IAT     C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!NtOpenKey]                                                             [1000DC10] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

IAT     C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!NtClose]                                                               [1000DCD0] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

IAT     C:\WINDOWS\system32\svchost.exe[1256] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA]                                                       [10009A00] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

IAT     C:\WINDOWS\system32\svchost.exe[1256] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!NtOpenKey]                                                             [1000DC10] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

IAT     C:\WINDOWS\system32\svchost.exe[1256] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!NtClose]                                                               [1000DCD0] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

IAT     C:\WINDOWS\system32\svchost.exe[1400] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA]                                                       [10009A00] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

IAT     C:\WINDOWS\system32\svchost.exe[1400] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!NtOpenKey]                                                             [1000DC10] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

IAT     C:\WINDOWS\system32\svchost.exe[1400] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!NtClose]                                                               [1000DCD0] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

IAT     C:\WINDOWS\Explorer.EXE[1496] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!LoadLibraryA]                                                                       [10009A00] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

IAT     C:\WINDOWS\Explorer.EXE[1496] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!LoadLibraryW]                                                                       [10009A50] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

IAT     C:\WINDOWS\system32\svchost.exe[1852] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA]                                                       [10009A00] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

IAT     C:\WINDOWS\system32\svchost.exe[1852] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!NtOpenKey]                                                             [1000DC10] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

IAT     C:\WINDOWS\system32\svchost.exe[1852] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!NtClose]                                                               [1000DCD0] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

IAT     C:\WINDOWS\System32\svchost.exe[2832] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryA]                                                       [10009A00] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

IAT     C:\WINDOWS\System32\svchost.exe[2832] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!NtOpenKey]                                                             [1000DC10] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll

IAT     C:\WINDOWS\System32\svchost.exe[2832] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!NtClose]                                                               [1000DCD0] c:\dokume~1\alluse~1\anwend~1\pcperf~1\261125~1.80\{61d8b~1\pcpmngr.dll
 

---- Devices - GMER 2.1 ----
 

Device  \Driver\BTHUSB \Device\00000066                                                                                                                           bthport.sys

Device  \Driver\BTHUSB \Device\00000068                                                                                                                           bthport.sys
 

---- Registry - GMER 2.1 ----
 

Reg     HKLM\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\001060a94821 (not active ControlSet)                                                           

Reg     HKLM\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\001060a94821@00265d50b7d2                                                                      0xC0 0x93 0x43 0xAF ...

Reg     HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001060a94821                                                                               

Reg     HKLM\SYSTEM\ControlSet004\Services\BTHPORT\Parameters\Keys\001060a94821 (not active ControlSet)                                                           

Reg     HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF\Usage@CallingID                      1116604913
 

---- EOF - GMER 2.1 ----

Wieso postest du nur ein Log von MBAM ohne Funde? :confused:
Wo sind die MABM-Logs mit Funden? Bitte nachreichen

MABM hat, auch nach mehreren Suchläufen, nie etwas auf meinem Computer gefunden.
Alle MABM-Logs sind sauber, obwohl ja noch die Datei PC Performer Manager vorhanden ist.
(Siehe Pfad erster Beitrag)
Nach der Warnung von Spybot Search and Destroy, habe ich lediglich die Datei pcpmngr.exe gelöscht.
Daher auch meine Frage im ersten Beitrag, wie ich mit der noch verbliebenen Datei PC Performer Manager umgehen soll.

Aber du hast doch das hier geschrieben:

Zitat:

Pcmngr.exe habe ich mit Malwarebytes Anti – Malware gelöscht, seitdem erscheint die Meldung nicht mehr.

Oder haste da MBAM mit Spybot verwechselt?

Bevor wir uns an die weitere Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.

Lies dir meine Anleitungen, die ich im Laufe dieses Strangs hier posten werde, aufmerksam durch. Frag umgehend nach, wenn dir irgendetwas unklar sein sollte, bevor du anfängst meine Anleitungen umzusetzen.
Solltest du bei einem Schritt Probleme haben, stoppe dort und beschreib mir das Problem so gut du kannst. Manchmal erfordert ein Schritt den vorhergehenden.
Bitte nur Scans durchführen zu denen du von einem Helfer aufgefordert wurdest! Installiere / Deinstalliere keine Software ohne Aufforderung!
Poste die Logfiles direkt in deinen Thread (bitte in CODE-Tags) und nicht als Anhang, ausser du wurdest dazu aufgefordert. Logs in Anhängen erschweren mir das Auswerten!
Die Logs der aufgegebenen Tools wie zB Malwarebytes sind immer zu posten - egal ob ein Fund dabei war oder nicht!
Beachte bitte auch => Löschen von Logfiles und andere Anfragen

Note:
Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread.
Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards.

Bitte die drei Tools MBAR / aswMBR / TDSSkiller nun ausführen und die Logs in CODE-Tags posten

MBAR (Malwarebytes Anti-Rootkit)

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

aswMBR

Downloade dir bitte

aswMBR.exe und speichere die Datei auf deinem Desktop.

Starte die aswMBR.exe - (aswMBR.exe Anleitung)
Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
Klicke auf Scan.
Warte bitte bis Scan finished successfully im DOS-Fenster steht.
Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).

TDSS-Killer

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Code:

---------------------------------------

Malwarebytes Anti-Rootkit BETA 1.05.0.1001
 

(c) Malwarebytes Corporation 2011-2012
 

OS version: 5.1.2600 Windows XP Service Pack 3 x86
 

Account is Administrative
 

Internet Explorer version: 8.0.6001.18702
 

File system is: NTFS

Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED

CPU speed: 2.405000 GHz

Memory total: 2146947072, free: 1399939072
 

---------------------------------------

Malwarebytes Anti-Rootkit BETA 1.05.0.1001
 

(c) Malwarebytes Corporation 2011-2012
 

OS version: 5.1.2600 Windows XP Service Pack 3 x86
 

Account is Administrative
 

Internet Explorer version: 8.0.6001.18702
 

File system is: NTFS

Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED

CPU speed: 2.405000 GHz

Memory total: 2146947072, free: 1400270848
 

------------ Kernel report ------------

     04/15/2013 21:49:12

------------ Loaded modules -----------

\WINDOWS\system32\ntoskrnl.exe

\WINDOWS\system32\hal.dll

\WINDOWS\system32\KDCOM.DLL

\WINDOWS\system32\BOOTVID.dll

ACPI.sys

\WINDOWS\system32\DRIVERS\WMILIB.SYS

pci.sys

isapnp.sys

ohci1394.sys

\WINDOWS\system32\DRIVERS\1394BUS.SYS

pciide.sys

\WINDOWS\system32\DRIVERS\PCIIDEX.SYS

MountMgr.sys

ftdisk.sys

PartMgr.sys

VolSnap.sys

atapi.sys

disk.sys

\WINDOWS\system32\DRIVERS\CLASSPNP.SYS

fltmgr.sys

sr.sys

PxHelp20.sys

KSecDD.sys

Ntfs.sys

NDIS.sys

sisagp.sys

Mup.sys

\SystemRoot\system32\DRIVERS\nic1394.sys

\SystemRoot\system32\DRIVERS\tunmp.sys

\SystemRoot\system32\DRIVERS\intelppm.sys

\SystemRoot\system32\DRIVERS\nv4_mini.sys

\SystemRoot\system32\DRIVERS\VIDEOPRT.SYS

\SystemRoot\system32\DRIVERS\imapi.sys

\SystemRoot\system32\drivers\pfc.sys

\SystemRoot\system32\DRIVERS\cdrom.sys

\SystemRoot\system32\DRIVERS\redbook.sys

\SystemRoot\system32\DRIVERS\ks.sys

\SystemRoot\system32\drivers\ALCXWDM.SYS

\SystemRoot\system32\drivers\portcls.sys

\SystemRoot\system32\drivers\drmk.sys

\SystemRoot\system32\DRIVERS\usbohci.sys

\SystemRoot\system32\DRIVERS\USBPORT.SYS

\SystemRoot\system32\DRIVERS\usbehci.sys

\SystemRoot\system32\DRIVERS\sisnic.sys

\SystemRoot\system32\DRIVERS\fdc.sys

\SystemRoot\system32\DRIVERS\serial.sys

\SystemRoot\system32\DRIVERS\serenum.sys

\SystemRoot\system32\DRIVERS\parport.sys

\SystemRoot\system32\DRIVERS\i8042prt.sys

\SystemRoot\system32\DRIVERS\kbdclass.sys

\SystemRoot\system32\DRIVERS\gameenum.sys

\SystemRoot\system32\drivers\msmpu401.sys

\SystemRoot\system32\DRIVERS\audstub.sys

\SystemRoot\system32\DRIVERS\rasl2tp.sys

\SystemRoot\system32\DRIVERS\ndistapi.sys

\SystemRoot\system32\DRIVERS\ndiswan.sys

\SystemRoot\system32\DRIVERS\raspppoe.sys

\SystemRoot\system32\DRIVERS\raspptp.sys

\SystemRoot\system32\DRIVERS\TDI.SYS

\SystemRoot\system32\DRIVERS\psched.sys

\SystemRoot\system32\DRIVERS\msgpc.sys

\SystemRoot\system32\DRIVERS\ptilink.sys

\SystemRoot\system32\DRIVERS\raspti.sys

\SystemRoot\system32\DRIVERS\termdd.sys

\SystemRoot\system32\DRIVERS\mouclass.sys

\SystemRoot\system32\DRIVERS\swenum.sys

\SystemRoot\system32\DRIVERS\update.sys

\SystemRoot\system32\DRIVERS\mssmbios.sys

\SystemRoot\System32\Drivers\NDProxy.SYS

\SystemRoot\system32\DRIVERS\usbhub.sys

\SystemRoot\system32\DRIVERS\USBD.SYS

\SystemRoot\system32\DRIVERS\flpydisk.sys

\??\C:\WINDOWS\system32\drivers\SSHDRV62.sys

\SystemRoot\System32\Drivers\Fs_Rec.SYS

\SystemRoot\system32\DRIVERS\DcCam.sys

\SystemRoot\system32\DRIVERS\EXPORTIT.SYS

\SystemRoot\System32\Drivers\Null.SYS

\SystemRoot\System32\Drivers\Beep.SYS

\SystemRoot\System32\drivers\vga.sys

\SystemRoot\System32\Drivers\mnmdd.SYS

\SystemRoot\System32\DRIVERS\RDPCDD.sys

\SystemRoot\System32\Drivers\Msfs.SYS

\SystemRoot\System32\Drivers\Npfs.SYS

\SystemRoot\system32\DRIVERS\rasacd.sys

\SystemRoot\system32\DRIVERS\ipsec.sys

\SystemRoot\system32\DRIVERS\tcpip.sys

\SystemRoot\system32\DRIVERS\netbt.sys

\SystemRoot\system32\DRIVERS\tcpip6.sys

\SystemRoot\System32\drivers\afd.sys

\SystemRoot\system32\DRIVERS\netbios.sys

\SystemRoot\system32\DRIVERS\ssmdrv.sys

\SystemRoot\system32\DRIVERS\rdbss.sys

\SystemRoot\system32\DRIVERS\mrxsmb.sys

\SystemRoot\System32\Drivers\Fips.SYS

\SystemRoot\system32\DRIVERS\ipnat.sys

\SystemRoot\system32\drivers\ip6fw.sys

\SystemRoot\system32\DRIVERS\wanarp.sys

\SystemRoot\system32\DRIVERS\arp1394.sys

\SystemRoot\system32\DRIVERS\avkmgr.sys

\SystemRoot\system32\DRIVERS\avipbb.sys

\SystemRoot\System32\Drivers\BTHUSB.sys

\SystemRoot\System32\Drivers\bthport.sys

\SystemRoot\system32\DRIVERS\hidusb.sys

\SystemRoot\system32\DRIVERS\HIDCLASS.SYS

\SystemRoot\system32\DRIVERS\HIDPARSE.SYS

\SystemRoot\system32\DRIVERS\mouhid.sys

\SystemRoot\system32\DRIVERS\rfcomm.sys

\SystemRoot\system32\DRIVERS\BthEnum.sys

\SystemRoot\system32\DRIVERS\bthpan.sys

\SystemRoot\System32\Drivers\Cdfs.SYS

\SystemRoot\System32\Drivers\dump_atapi.sys

\SystemRoot\System32\Drivers\dump_WMILIB.SYS

\SystemRoot\System32\win32k.sys

\SystemRoot\System32\drivers\Dxapi.sys

\SystemRoot\System32\watchdog.sys

\SystemRoot\System32\drivers\dxg.sys

\SystemRoot\System32\drivers\dxgthk.sys

\SystemRoot\System32\nv4_disp.dll

\SystemRoot\System32\ATMFD.DLL

\SystemRoot\system32\DRIVERS\avgntflt.sys

\SystemRoot\system32\drivers\dcfs2k.sys

\SystemRoot\system32\DRIVERS\ndisuio.sys

\SystemRoot\system32\drivers\wdmaud.sys

\SystemRoot\system32\drivers\sysaudio.sys

\SystemRoot\system32\DRIVERS\mrxdav.sys

\SystemRoot\System32\Drivers\ParVdm.SYS

\SystemRoot\system32\DRIVERS\srv.sys

\SystemRoot\System32\Drivers\HTTP.sys

\SystemRoot\system32\drivers\kmixer.sys

\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys

\??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys

\WINDOWS\system32\ntdll.dll

----------- End -----------

<<<1>>>

Upper Device Name: \Device\Harddisk0\DR0

Upper Device Object: 0xffffffff89bcaab8

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-3\

Lower Device Object: 0xffffffff89bbf940

Lower Device Driver Name: \Driver\atapi\

Driver name found: atapi

Initialization returned 0x0

Load Function returned 0x0

Downloaded database version: v2013.04.15.09

Downloaded database version: v2013.03.25.01

=======================================
 
 

---------------------------------------

Malwarebytes Anti-Rootkit BETA 1.05.0.1001
 

(c) Malwarebytes Corporation 2011-2012
 

OS version: 5.1.2600 Windows XP Service Pack 3 x86
 

Account is Administrative
 

Internet Explorer version: 8.0.6001.18702
 

File system is: NTFS

Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED

CPU speed: 2.405000 GHz

Memory total: 2146947072, free: 1428725760
 

------------ Kernel report ------------

     04/19/2013 16:14:15

------------ Loaded modules -----------

\WINDOWS\system32\ntoskrnl.exe

\WINDOWS\system32\hal.dll

\WINDOWS\system32\KDCOM.DLL

\WINDOWS\system32\BOOTVID.dll

ACPI.sys

\WINDOWS\system32\DRIVERS\WMILIB.SYS

pci.sys

isapnp.sys

ohci1394.sys

\WINDOWS\system32\DRIVERS\1394BUS.SYS

pciide.sys

\WINDOWS\system32\DRIVERS\PCIIDEX.SYS

MountMgr.sys

ftdisk.sys

PartMgr.sys

VolSnap.sys

atapi.sys

disk.sys

\WINDOWS\system32\DRIVERS\CLASSPNP.SYS

fltmgr.sys

sr.sys

PxHelp20.sys

KSecDD.sys

Ntfs.sys

NDIS.sys

sisagp.sys

Mup.sys

\SystemRoot\system32\DRIVERS\nic1394.sys

\SystemRoot\system32\DRIVERS\tunmp.sys

\SystemRoot\system32\DRIVERS\intelppm.sys

\SystemRoot\system32\DRIVERS\nv4_mini.sys

\SystemRoot\system32\DRIVERS\VIDEOPRT.SYS

\SystemRoot\system32\DRIVERS\imapi.sys

\SystemRoot\system32\drivers\pfc.sys

\SystemRoot\system32\DRIVERS\cdrom.sys

\SystemRoot\system32\DRIVERS\redbook.sys

\SystemRoot\system32\DRIVERS\ks.sys

\SystemRoot\system32\drivers\ALCXWDM.SYS

\SystemRoot\system32\drivers\portcls.sys

\SystemRoot\system32\drivers\drmk.sys

\SystemRoot\system32\DRIVERS\usbohci.sys

\SystemRoot\system32\DRIVERS\USBPORT.SYS

\SystemRoot\system32\DRIVERS\usbehci.sys

\SystemRoot\system32\DRIVERS\sisnic.sys

\SystemRoot\system32\DRIVERS\fdc.sys

\SystemRoot\system32\DRIVERS\serial.sys

\SystemRoot\system32\DRIVERS\serenum.sys

\SystemRoot\system32\DRIVERS\parport.sys

\SystemRoot\system32\DRIVERS\i8042prt.sys

\SystemRoot\system32\DRIVERS\kbdclass.sys

\SystemRoot\system32\DRIVERS\gameenum.sys

\SystemRoot\system32\drivers\msmpu401.sys

\SystemRoot\system32\DRIVERS\audstub.sys

\SystemRoot\system32\DRIVERS\rasl2tp.sys

\SystemRoot\system32\DRIVERS\ndistapi.sys

\SystemRoot\system32\DRIVERS\ndiswan.sys

\SystemRoot\system32\DRIVERS\raspppoe.sys

\SystemRoot\system32\DRIVERS\raspptp.sys

\SystemRoot\system32\DRIVERS\TDI.SYS

\SystemRoot\system32\DRIVERS\psched.sys

\SystemRoot\system32\DRIVERS\msgpc.sys

\SystemRoot\system32\DRIVERS\ptilink.sys

\SystemRoot\system32\DRIVERS\raspti.sys

\SystemRoot\system32\DRIVERS\termdd.sys

\SystemRoot\system32\DRIVERS\mouclass.sys

\SystemRoot\system32\DRIVERS\swenum.sys

\SystemRoot\system32\DRIVERS\update.sys

\SystemRoot\system32\DRIVERS\mssmbios.sys

\SystemRoot\System32\Drivers\NDProxy.SYS

\SystemRoot\system32\DRIVERS\usbhub.sys

\SystemRoot\system32\DRIVERS\USBD.SYS

\SystemRoot\system32\DRIVERS\flpydisk.sys

\??\C:\WINDOWS\system32\drivers\SSHDRV62.sys

\SystemRoot\System32\Drivers\Fs_Rec.SYS

\SystemRoot\system32\DRIVERS\DcCam.sys

\SystemRoot\system32\DRIVERS\EXPORTIT.SYS

\SystemRoot\System32\Drivers\Null.SYS

\SystemRoot\System32\Drivers\Beep.SYS

\SystemRoot\System32\drivers\vga.sys

\SystemRoot\System32\Drivers\mnmdd.SYS

\SystemRoot\System32\DRIVERS\RDPCDD.sys

\SystemRoot\System32\Drivers\Msfs.SYS

\SystemRoot\System32\Drivers\Npfs.SYS

\SystemRoot\system32\DRIVERS\rasacd.sys

\SystemRoot\system32\DRIVERS\ipsec.sys

\SystemRoot\system32\DRIVERS\tcpip.sys

\SystemRoot\system32\DRIVERS\netbt.sys

\SystemRoot\system32\DRIVERS\tcpip6.sys

\SystemRoot\System32\drivers\afd.sys

\SystemRoot\system32\DRIVERS\netbios.sys

\SystemRoot\system32\DRIVERS\ssmdrv.sys

\SystemRoot\system32\DRIVERS\rdbss.sys

\SystemRoot\system32\DRIVERS\mrxsmb.sys

\SystemRoot\System32\Drivers\Fips.SYS

\SystemRoot\system32\DRIVERS\ipnat.sys

\SystemRoot\system32\drivers\ip6fw.sys

\SystemRoot\system32\DRIVERS\wanarp.sys

\SystemRoot\system32\DRIVERS\arp1394.sys

\SystemRoot\system32\DRIVERS\avkmgr.sys

\SystemRoot\system32\DRIVERS\avipbb.sys

\SystemRoot\System32\Drivers\BTHUSB.sys

\SystemRoot\System32\Drivers\bthport.sys

\SystemRoot\system32\DRIVERS\hidusb.sys

\SystemRoot\system32\DRIVERS\HIDCLASS.SYS

\SystemRoot\system32\DRIVERS\HIDPARSE.SYS

\SystemRoot\system32\DRIVERS\mouhid.sys

\SystemRoot\system32\DRIVERS\rfcomm.sys

\SystemRoot\system32\DRIVERS\BthEnum.sys

\SystemRoot\system32\DRIVERS\bthpan.sys

\SystemRoot\System32\Drivers\Cdfs.SYS

\SystemRoot\System32\Drivers\dump_atapi.sys

\SystemRoot\System32\Drivers\dump_WMILIB.SYS

\SystemRoot\System32\win32k.sys

\SystemRoot\System32\drivers\Dxapi.sys

\SystemRoot\System32\watchdog.sys

\SystemRoot\System32\drivers\dxg.sys

\SystemRoot\System32\drivers\dxgthk.sys

\SystemRoot\System32\nv4_disp.dll

\SystemRoot\System32\ATMFD.DLL

\SystemRoot\system32\DRIVERS\avgntflt.sys

\SystemRoot\system32\drivers\dcfs2k.sys

\SystemRoot\system32\DRIVERS\ndisuio.sys

\SystemRoot\system32\drivers\wdmaud.sys

\SystemRoot\system32\drivers\sysaudio.sys

\SystemRoot\system32\DRIVERS\mrxdav.sys

\SystemRoot\System32\Drivers\ParVdm.SYS

\SystemRoot\system32\DRIVERS\srv.sys

\SystemRoot\System32\Drivers\Fastfat.SYS

\SystemRoot\System32\Drivers\HTTP.sys

\SystemRoot\system32\drivers\kmixer.sys

\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys

\??\C:\WINDOWS\system32\drivers\421E2169.sys

\WINDOWS\system32\ntdll.dll

----------- End -----------

------------ Kernel report ------------

     04/19/2013 16:18:30

------------ Loaded modules -----------

\WINDOWS\system32\ntoskrnl.exe

\WINDOWS\system32\hal.dll

\WINDOWS\system32\KDCOM.DLL

\WINDOWS\system32\BOOTVID.dll

ACPI.sys

\WINDOWS\system32\DRIVERS\WMILIB.SYS

pci.sys

isapnp.sys

ohci1394.sys

\WINDOWS\system32\DRIVERS\1394BUS.SYS

pciide.sys

\WINDOWS\system32\DRIVERS\PCIIDEX.SYS

MountMgr.sys

ftdisk.sys

PartMgr.sys

VolSnap.sys

atapi.sys

disk.sys

\WINDOWS\system32\DRIVERS\CLASSPNP.SYS

fltmgr.sys

sr.sys

PxHelp20.sys

KSecDD.sys

Ntfs.sys

NDIS.sys

sisagp.sys

Mup.sys

\SystemRoot\system32\DRIVERS\nic1394.sys

\SystemRoot\system32\DRIVERS\tunmp.sys

\SystemRoot\system32\DRIVERS\intelppm.sys

\SystemRoot\system32\DRIVERS\nv4_mini.sys

\SystemRoot\system32\DRIVERS\VIDEOPRT.SYS

\SystemRoot\system32\DRIVERS\imapi.sys

\SystemRoot\system32\drivers\pfc.sys

\SystemRoot\system32\DRIVERS\cdrom.sys

\SystemRoot\system32\DRIVERS\redbook.sys

\SystemRoot\system32\DRIVERS\ks.sys

\SystemRoot\system32\drivers\ALCXWDM.SYS

\SystemRoot\system32\drivers\portcls.sys

\SystemRoot\system32\drivers\drmk.sys

\SystemRoot\system32\DRIVERS\usbohci.sys

\SystemRoot\system32\DRIVERS\USBPORT.SYS

\SystemRoot\system32\DRIVERS\usbehci.sys

\SystemRoot\system32\DRIVERS\sisnic.sys

\SystemRoot\system32\DRIVERS\fdc.sys

\SystemRoot\system32\DRIVERS\serial.sys

\SystemRoot\system32\DRIVERS\serenum.sys

\SystemRoot\system32\DRIVERS\parport.sys

\SystemRoot\system32\DRIVERS\i8042prt.sys

\SystemRoot\system32\DRIVERS\kbdclass.sys

\SystemRoot\system32\DRIVERS\gameenum.sys

\SystemRoot\system32\drivers\msmpu401.sys

\SystemRoot\system32\DRIVERS\audstub.sys

\SystemRoot\system32\DRIVERS\rasl2tp.sys

\SystemRoot\system32\DRIVERS\ndistapi.sys

\SystemRoot\system32\DRIVERS\ndiswan.sys

\SystemRoot\system32\DRIVERS\raspppoe.sys

\SystemRoot\system32\DRIVERS\raspptp.sys

\SystemRoot\system32\DRIVERS\TDI.SYS

\SystemRoot\system32\DRIVERS\psched.sys

\SystemRoot\system32\DRIVERS\msgpc.sys

\SystemRoot\system32\DRIVERS\ptilink.sys

\SystemRoot\system32\DRIVERS\raspti.sys

\SystemRoot\system32\DRIVERS\termdd.sys

\SystemRoot\system32\DRIVERS\mouclass.sys

\SystemRoot\system32\DRIVERS\swenum.sys

\SystemRoot\system32\DRIVERS\update.sys

\SystemRoot\system32\DRIVERS\mssmbios.sys

\SystemRoot\System32\Drivers\NDProxy.SYS

\SystemRoot\system32\DRIVERS\usbhub.sys

\SystemRoot\system32\DRIVERS\USBD.SYS

\SystemRoot\system32\DRIVERS\flpydisk.sys

\??\C:\WINDOWS\system32\drivers\SSHDRV62.sys

\SystemRoot\System32\Drivers\Fs_Rec.SYS

\SystemRoot\system32\DRIVERS\DcCam.sys

\SystemRoot\system32\DRIVERS\EXPORTIT.SYS

\SystemRoot\System32\Drivers\Null.SYS

\SystemRoot\System32\Drivers\Beep.SYS

\SystemRoot\System32\drivers\vga.sys

\SystemRoot\System32\Drivers\mnmdd.SYS

\SystemRoot\System32\DRIVERS\RDPCDD.sys

\SystemRoot\System32\Drivers\Msfs.SYS

\SystemRoot\System32\Drivers\Npfs.SYS

\SystemRoot\system32\DRIVERS\rasacd.sys

\SystemRoot\system32\DRIVERS\ipsec.sys

\SystemRoot\system32\DRIVERS\tcpip.sys

\SystemRoot\system32\DRIVERS\netbt.sys

\SystemRoot\system32\DRIVERS\tcpip6.sys

\SystemRoot\System32\drivers\afd.sys

\SystemRoot\system32\DRIVERS\netbios.sys

\SystemRoot\system32\DRIVERS\ssmdrv.sys

\SystemRoot\system32\DRIVERS\rdbss.sys

\SystemRoot\system32\DRIVERS\mrxsmb.sys

\SystemRoot\System32\Drivers\Fips.SYS

\SystemRoot\system32\DRIVERS\ipnat.sys

\SystemRoot\system32\drivers\ip6fw.sys

\SystemRoot\system32\DRIVERS\wanarp.sys

\SystemRoot\system32\DRIVERS\arp1394.sys

\SystemRoot\system32\DRIVERS\avkmgr.sys

\SystemRoot\system32\DRIVERS\avipbb.sys

\SystemRoot\System32\Drivers\BTHUSB.sys

\SystemRoot\System32\Drivers\bthport.sys

\SystemRoot\system32\DRIVERS\hidusb.sys

\SystemRoot\system32\DRIVERS\HIDCLASS.SYS

\SystemRoot\system32\DRIVERS\HIDPARSE.SYS

\SystemRoot\system32\DRIVERS\mouhid.sys

\SystemRoot\system32\DRIVERS\rfcomm.sys

\SystemRoot\system32\DRIVERS\BthEnum.sys

\SystemRoot\system32\DRIVERS\bthpan.sys

\SystemRoot\System32\Drivers\Cdfs.SYS

\SystemRoot\System32\Drivers\dump_atapi.sys

\SystemRoot\System32\Drivers\dump_WMILIB.SYS

\SystemRoot\System32\win32k.sys

\SystemRoot\System32\drivers\Dxapi.sys

\SystemRoot\System32\watchdog.sys

\SystemRoot\System32\drivers\dxg.sys

\SystemRoot\System32\drivers\dxgthk.sys

\SystemRoot\System32\nv4_disp.dll

\SystemRoot\System32\ATMFD.DLL

\SystemRoot\system32\DRIVERS\avgntflt.sys

\SystemRoot\system32\drivers\dcfs2k.sys

\SystemRoot\system32\DRIVERS\ndisuio.sys

\SystemRoot\system32\drivers\wdmaud.sys

\SystemRoot\system32\drivers\sysaudio.sys

\SystemRoot\system32\DRIVERS\mrxdav.sys

\SystemRoot\System32\Drivers\ParVdm.SYS

\SystemRoot\system32\DRIVERS\srv.sys

\SystemRoot\System32\Drivers\Fastfat.SYS

\SystemRoot\System32\Drivers\HTTP.sys

\SystemRoot\system32\drivers\kmixer.sys

\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys

\??\C:\WINDOWS\system32\drivers\67336FBF.sys

\WINDOWS\system32\ntdll.dll

----------- End -----------

------------ Kernel report ------------

     04/19/2013 16:35:55

------------ Loaded modules -----------

\WINDOWS\system32\ntoskrnl.exe

\WINDOWS\system32\hal.dll

\WINDOWS\system32\KDCOM.DLL

\WINDOWS\system32\BOOTVID.dll

ACPI.sys

\WINDOWS\system32\DRIVERS\WMILIB.SYS

pci.sys

isapnp.sys

ohci1394.sys

\WINDOWS\system32\DRIVERS\1394BUS.SYS

pciide.sys

\WINDOWS\system32\DRIVERS\PCIIDEX.SYS

MountMgr.sys

ftdisk.sys

PartMgr.sys

VolSnap.sys

atapi.sys

disk.sys

\WINDOWS\system32\DRIVERS\CLASSPNP.SYS

fltmgr.sys

sr.sys

PxHelp20.sys

KSecDD.sys

Ntfs.sys

NDIS.sys

sisagp.sys

Mup.sys

\SystemRoot\system32\DRIVERS\nic1394.sys

\SystemRoot\system32\DRIVERS\tunmp.sys

\SystemRoot\system32\DRIVERS\intelppm.sys

\SystemRoot\system32\DRIVERS\nv4_mini.sys

\SystemRoot\system32\DRIVERS\VIDEOPRT.SYS

\SystemRoot\system32\DRIVERS\imapi.sys

\SystemRoot\system32\drivers\pfc.sys

\SystemRoot\system32\DRIVERS\cdrom.sys

\SystemRoot\system32\DRIVERS\redbook.sys

\SystemRoot\system32\DRIVERS\ks.sys

\SystemRoot\system32\drivers\ALCXWDM.SYS

\SystemRoot\system32\drivers\portcls.sys

\SystemRoot\system32\drivers\drmk.sys

\SystemRoot\system32\DRIVERS\usbohci.sys

\SystemRoot\system32\DRIVERS\USBPORT.SYS

\SystemRoot\system32\DRIVERS\usbehci.sys

\SystemRoot\system32\DRIVERS\sisnic.sys

\SystemRoot\system32\DRIVERS\fdc.sys

\SystemRoot\system32\DRIVERS\serial.sys

\SystemRoot\system32\DRIVERS\serenum.sys

\SystemRoot\system32\DRIVERS\parport.sys

\SystemRoot\system32\DRIVERS\i8042prt.sys

\SystemRoot\system32\DRIVERS\kbdclass.sys

\SystemRoot\system32\DRIVERS\gameenum.sys

\SystemRoot\system32\drivers\msmpu401.sys

\SystemRoot\system32\DRIVERS\audstub.sys

\SystemRoot\system32\DRIVERS\rasl2tp.sys

\SystemRoot\system32\DRIVERS\ndistapi.sys

\SystemRoot\system32\DRIVERS\ndiswan.sys

\SystemRoot\system32\DRIVERS\raspppoe.sys

\SystemRoot\system32\DRIVERS\raspptp.sys

\SystemRoot\system32\DRIVERS\TDI.SYS

\SystemRoot\system32\DRIVERS\psched.sys

\SystemRoot\system32\DRIVERS\msgpc.sys

\SystemRoot\system32\DRIVERS\ptilink.sys

\SystemRoot\system32\DRIVERS\raspti.sys

\SystemRoot\system32\DRIVERS\termdd.sys

\SystemRoot\system32\DRIVERS\mouclass.sys

\SystemRoot\system32\DRIVERS\swenum.sys

\SystemRoot\system32\DRIVERS\update.sys

\SystemRoot\system32\DRIVERS\mssmbios.sys

\SystemRoot\System32\Drivers\NDProxy.SYS

\SystemRoot\system32\DRIVERS\usbhub.sys

\SystemRoot\system32\DRIVERS\USBD.SYS

\SystemRoot\system32\DRIVERS\flpydisk.sys

\??\C:\WINDOWS\system32\drivers\SSHDRV62.sys

\SystemRoot\System32\Drivers\Fs_Rec.SYS

\SystemRoot\system32\DRIVERS\DcCam.sys

\SystemRoot\system32\DRIVERS\EXPORTIT.SYS

\SystemRoot\System32\Drivers\Null.SYS

\SystemRoot\System32\Drivers\Beep.SYS

\SystemRoot\System32\drivers\vga.sys

\SystemRoot\System32\Drivers\mnmdd.SYS

\SystemRoot\System32\DRIVERS\RDPCDD.sys

\SystemRoot\System32\Drivers\Msfs.SYS

\SystemRoot\System32\Drivers\Npfs.SYS

\SystemRoot\system32\DRIVERS\rasacd.sys

\SystemRoot\system32\DRIVERS\ipsec.sys

\SystemRoot\system32\DRIVERS\tcpip.sys

\SystemRoot\system32\DRIVERS\netbt.sys

\SystemRoot\system32\DRIVERS\tcpip6.sys

\SystemRoot\System32\drivers\afd.sys

\SystemRoot\system32\DRIVERS\netbios.sys

\SystemRoot\system32\DRIVERS\ssmdrv.sys

\SystemRoot\system32\DRIVERS\rdbss.sys

\SystemRoot\system32\DRIVERS\mrxsmb.sys

\SystemRoot\System32\Drivers\Fips.SYS

\SystemRoot\system32\DRIVERS\ipnat.sys

\SystemRoot\system32\drivers\ip6fw.sys

\SystemRoot\system32\DRIVERS\wanarp.sys

\SystemRoot\system32\DRIVERS\arp1394.sys

\SystemRoot\system32\DRIVERS\avkmgr.sys

\SystemRoot\system32\DRIVERS\avipbb.sys

\SystemRoot\System32\Drivers\BTHUSB.sys

\SystemRoot\System32\Drivers\bthport.sys

\SystemRoot\system32\DRIVERS\hidusb.sys

\SystemRoot\system32\DRIVERS\HIDCLASS.SYS

\SystemRoot\system32\DRIVERS\HIDPARSE.SYS

\SystemRoot\system32\DRIVERS\mouhid.sys

\SystemRoot\system32\DRIVERS\rfcomm.sys

\SystemRoot\system32\DRIVERS\BthEnum.sys

\SystemRoot\system32\DRIVERS\bthpan.sys

\SystemRoot\System32\Drivers\Cdfs.SYS

\SystemRoot\System32\Drivers\dump_atapi.sys

\SystemRoot\System32\Drivers\dump_WMILIB.SYS

\SystemRoot\System32\win32k.sys

\SystemRoot\System32\drivers\Dxapi.sys

\SystemRoot\System32\watchdog.sys

\SystemRoot\System32\drivers\dxg.sys

\SystemRoot\System32\drivers\dxgthk.sys

\SystemRoot\System32\nv4_disp.dll

\SystemRoot\System32\ATMFD.DLL

\SystemRoot\system32\DRIVERS\avgntflt.sys

\SystemRoot\system32\drivers\dcfs2k.sys

\SystemRoot\system32\DRIVERS\ndisuio.sys

\SystemRoot\system32\drivers\wdmaud.sys

\SystemRoot\system32\drivers\sysaudio.sys

\SystemRoot\system32\DRIVERS\mrxdav.sys

\SystemRoot\System32\Drivers\ParVdm.SYS

\SystemRoot\system32\DRIVERS\srv.sys

\SystemRoot\System32\Drivers\Fastfat.SYS

\SystemRoot\System32\Drivers\HTTP.sys

\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys

\SystemRoot\system32\drivers\kmixer.sys

\??\C:\WINDOWS\system32\drivers\7B862918.sys

\WINDOWS\system32\ntdll.dll

----------- End -----------

---------------------------------------

Malwarebytes Anti-Rootkit BETA 1.05.0.1001
 

(c) Malwarebytes Corporation 2011-2012
 

OS version: 5.1.2600 Windows XP Service Pack 3 x86
 

Account is Administrative
 

Internet Explorer version: 8.0.6001.18702
 

File system is: NTFS

Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED

CPU speed: 2.405000 GHz

Memory total: 2146947072, free: 1859301376
 

------------ Kernel report ------------

     04/19/2013 16:51:10

------------ Loaded modules -----------

\WINDOWS\system32\ntoskrnl.exe

\WINDOWS\system32\hal.dll

\WINDOWS\system32\KDCOM.DLL

\WINDOWS\system32\BOOTVID.dll

ACPI.sys

\WINDOWS\system32\DRIVERS\WMILIB.SYS

pci.sys

isapnp.sys

ohci1394.sys

\WINDOWS\system32\DRIVERS\1394BUS.SYS

pciide.sys

\WINDOWS\system32\DRIVERS\PCIIDEX.SYS

MountMgr.sys

ftdisk.sys

PartMgr.sys

VolSnap.sys

atapi.sys

disk.sys

\WINDOWS\system32\DRIVERS\CLASSPNP.SYS

fltmgr.sys

sr.sys

PxHelp20.sys

KSecDD.sys

Ntfs.sys

NDIS.sys

sisagp.sys

Mup.sys

\SystemRoot\system32\DRIVERS\nic1394.sys

\SystemRoot\system32\DRIVERS\tunmp.sys

\SystemRoot\system32\DRIVERS\intelppm.sys

\SystemRoot\system32\DRIVERS\nv4_mini.sys

\SystemRoot\system32\DRIVERS\VIDEOPRT.SYS

\SystemRoot\system32\DRIVERS\imapi.sys

\SystemRoot\system32\drivers\pfc.sys

\SystemRoot\system32\DRIVERS\cdrom.sys

\SystemRoot\system32\DRIVERS\redbook.sys

\SystemRoot\system32\DRIVERS\ks.sys

\SystemRoot\system32\drivers\ALCXWDM.SYS

\SystemRoot\system32\drivers\portcls.sys

\SystemRoot\system32\drivers\drmk.sys

\SystemRoot\system32\DRIVERS\usbohci.sys

\SystemRoot\system32\DRIVERS\USBPORT.SYS

\SystemRoot\system32\DRIVERS\usbehci.sys

\SystemRoot\system32\DRIVERS\sisnic.sys

\SystemRoot\system32\DRIVERS\fdc.sys

\SystemRoot\system32\DRIVERS\serial.sys

\SystemRoot\system32\DRIVERS\serenum.sys

\SystemRoot\system32\DRIVERS\parport.sys

\SystemRoot\system32\DRIVERS\i8042prt.sys

\SystemRoot\system32\DRIVERS\kbdclass.sys

\SystemRoot\system32\DRIVERS\gameenum.sys

\SystemRoot\system32\drivers\msmpu401.sys

\SystemRoot\system32\DRIVERS\audstub.sys

\SystemRoot\system32\DRIVERS\rasl2tp.sys

\SystemRoot\system32\DRIVERS\ndistapi.sys

\SystemRoot\system32\DRIVERS\ndiswan.sys

\SystemRoot\system32\DRIVERS\raspppoe.sys

\SystemRoot\system32\DRIVERS\raspptp.sys

\SystemRoot\system32\DRIVERS\TDI.SYS

\SystemRoot\system32\DRIVERS\psched.sys

\SystemRoot\system32\DRIVERS\msgpc.sys

\SystemRoot\system32\DRIVERS\ptilink.sys

\SystemRoot\system32\DRIVERS\raspti.sys

\SystemRoot\system32\DRIVERS\termdd.sys

\SystemRoot\system32\DRIVERS\mouclass.sys

\SystemRoot\system32\DRIVERS\swenum.sys

\SystemRoot\system32\DRIVERS\update.sys

\SystemRoot\system32\DRIVERS\mssmbios.sys

\SystemRoot\System32\Drivers\NDProxy.SYS

\SystemRoot\system32\DRIVERS\usbhub.sys

\SystemRoot\system32\DRIVERS\USBD.SYS

\SystemRoot\system32\DRIVERS\flpydisk.sys

\??\C:\WINDOWS\system32\drivers\SSHDRV62.sys

\SystemRoot\System32\Drivers\Fs_Rec.SYS

\SystemRoot\system32\DRIVERS\DcCam.sys

\SystemRoot\system32\DRIVERS\EXPORTIT.SYS

\SystemRoot\System32\Drivers\Null.SYS

\SystemRoot\System32\Drivers\Beep.SYS

\SystemRoot\System32\drivers\vga.sys

\SystemRoot\System32\Drivers\mnmdd.SYS

\SystemRoot\System32\DRIVERS\RDPCDD.sys

\SystemRoot\System32\Drivers\Msfs.SYS

\SystemRoot\System32\Drivers\Npfs.SYS

\SystemRoot\system32\DRIVERS\rasacd.sys

\SystemRoot\system32\DRIVERS\ipsec.sys

\SystemRoot\system32\DRIVERS\tcpip.sys

\SystemRoot\system32\DRIVERS\netbt.sys

\SystemRoot\system32\DRIVERS\tcpip6.sys

\SystemRoot\System32\drivers\afd.sys

\SystemRoot\system32\DRIVERS\netbios.sys

\SystemRoot\system32\DRIVERS\ssmdrv.sys

\SystemRoot\system32\DRIVERS\rdbss.sys

\SystemRoot\system32\DRIVERS\mrxsmb.sys

\SystemRoot\System32\Drivers\Fips.SYS

\SystemRoot\system32\DRIVERS\ipnat.sys

\SystemRoot\system32\drivers\ip6fw.sys

\SystemRoot\system32\DRIVERS\wanarp.sys

\SystemRoot\system32\DRIVERS\arp1394.sys

\SystemRoot\system32\DRIVERS\avkmgr.sys

\SystemRoot\system32\DRIVERS\avipbb.sys

\SystemRoot\System32\Drivers\BTHUSB.sys

\SystemRoot\System32\Drivers\bthport.sys

\SystemRoot\system32\DRIVERS\hidusb.sys

\SystemRoot\system32\DRIVERS\HIDCLASS.SYS

\SystemRoot\system32\DRIVERS\HIDPARSE.SYS

\SystemRoot\system32\DRIVERS\mouhid.sys

\SystemRoot\system32\DRIVERS\rfcomm.sys

\SystemRoot\system32\DRIVERS\BthEnum.sys

\SystemRoot\system32\DRIVERS\bthpan.sys

\SystemRoot\System32\Drivers\Cdfs.SYS

\SystemRoot\System32\Drivers\dump_atapi.sys

\SystemRoot\System32\Drivers\dump_WMILIB.SYS

\SystemRoot\System32\win32k.sys

\SystemRoot\System32\drivers\Dxapi.sys

\SystemRoot\System32\watchdog.sys

\SystemRoot\System32\drivers\dxg.sys

\SystemRoot\System32\drivers\dxgthk.sys

\SystemRoot\System32\nv4_disp.dll

\SystemRoot\System32\ATMFD.DLL

\SystemRoot\system32\DRIVERS\avgntflt.sys

\SystemRoot\system32\drivers\dcfs2k.sys

\SystemRoot\system32\DRIVERS\ndisuio.sys

\SystemRoot\system32\drivers\wdmaud.sys

\SystemRoot\system32\drivers\sysaudio.sys

\SystemRoot\system32\DRIVERS\mrxdav.sys

\SystemRoot\System32\Drivers\ParVdm.SYS

\SystemRoot\system32\DRIVERS\srv.sys

\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys

\SystemRoot\System32\Drivers\HTTP.sys

\SystemRoot\system32\drivers\kmixer.sys

\??\C:\WINDOWS\system32\drivers\4EDA124E.sys

\WINDOWS\system32\ntdll.dll

----------- End -----------

------------ Kernel report ------------

     04/19/2013 16:53:11

------------ Loaded modules -----------

\WINDOWS\system32\ntoskrnl.exe

\WINDOWS\system32\hal.dll

\WINDOWS\system32\KDCOM.DLL

\WINDOWS\system32\BOOTVID.dll

ACPI.sys

\WINDOWS\system32\DRIVERS\WMILIB.SYS

pci.sys

isapnp.sys

ohci1394.sys

\WINDOWS\system32\DRIVERS\1394BUS.SYS

pciide.sys

\WINDOWS\system32\DRIVERS\PCIIDEX.SYS

MountMgr.sys

ftdisk.sys

PartMgr.sys

VolSnap.sys

atapi.sys

disk.sys

\WINDOWS\system32\DRIVERS\CLASSPNP.SYS

fltmgr.sys

sr.sys

PxHelp20.sys

KSecDD.sys

Ntfs.sys

NDIS.sys

sisagp.sys

Mup.sys

\SystemRoot\system32\DRIVERS\nic1394.sys

\SystemRoot\system32\DRIVERS\tunmp.sys

\SystemRoot\system32\DRIVERS\intelppm.sys

\SystemRoot\system32\DRIVERS\nv4_mini.sys

\SystemRoot\system32\DRIVERS\VIDEOPRT.SYS

\SystemRoot\system32\DRIVERS\imapi.sys

\SystemRoot\system32\drivers\pfc.sys

\SystemRoot\system32\DRIVERS\cdrom.sys

\SystemRoot\system32\DRIVERS\redbook.sys

\SystemRoot\system32\DRIVERS\ks.sys

\SystemRoot\system32\drivers\ALCXWDM.SYS

\SystemRoot\system32\drivers\portcls.sys

\SystemRoot\system32\drivers\drmk.sys

\SystemRoot\system32\DRIVERS\usbohci.sys

\SystemRoot\system32\DRIVERS\USBPORT.SYS

\SystemRoot\system32\DRIVERS\usbehci.sys

\SystemRoot\system32\DRIVERS\sisnic.sys

\SystemRoot\system32\DRIVERS\fdc.sys

\SystemRoot\system32\DRIVERS\serial.sys

\SystemRoot\system32\DRIVERS\serenum.sys

\SystemRoot\system32\DRIVERS\parport.sys

\SystemRoot\system32\DRIVERS\i8042prt.sys

\SystemRoot\system32\DRIVERS\kbdclass.sys

\SystemRoot\system32\DRIVERS\gameenum.sys

\SystemRoot\system32\drivers\msmpu401.sys

\SystemRoot\system32\DRIVERS\audstub.sys

\SystemRoot\system32\DRIVERS\rasl2tp.sys

\SystemRoot\system32\DRIVERS\ndistapi.sys

\SystemRoot\system32\DRIVERS\ndiswan.sys

\SystemRoot\system32\DRIVERS\raspppoe.sys

\SystemRoot\system32\DRIVERS\raspptp.sys

\SystemRoot\system32\DRIVERS\TDI.SYS

\SystemRoot\system32\DRIVERS\psched.sys

\SystemRoot\system32\DRIVERS\msgpc.sys

\SystemRoot\system32\DRIVERS\ptilink.sys

\SystemRoot\system32\DRIVERS\raspti.sys

\SystemRoot\system32\DRIVERS\termdd.sys

\SystemRoot\system32\DRIVERS\mouclass.sys

\SystemRoot\system32\DRIVERS\swenum.sys

\SystemRoot\system32\DRIVERS\update.sys

\SystemRoot\system32\DRIVERS\mssmbios.sys

\SystemRoot\System32\Drivers\NDProxy.SYS

\SystemRoot\system32\DRIVERS\usbhub.sys

\SystemRoot\system32\DRIVERS\USBD.SYS

\SystemRoot\system32\DRIVERS\flpydisk.sys

\??\C:\WINDOWS\system32\drivers\SSHDRV62.sys

\SystemRoot\System32\Drivers\Fs_Rec.SYS

\SystemRoot\system32\DRIVERS\DcCam.sys

\SystemRoot\system32\DRIVERS\EXPORTIT.SYS

\SystemRoot\System32\Drivers\Null.SYS

\SystemRoot\System32\Drivers\Beep.SYS

\SystemRoot\System32\drivers\vga.sys

\SystemRoot\System32\Drivers\mnmdd.SYS

\SystemRoot\System32\DRIVERS\RDPCDD.sys

\SystemRoot\System32\Drivers\Msfs.SYS

\SystemRoot\System32\Drivers\Npfs.SYS

\SystemRoot\system32\DRIVERS\rasacd.sys

\SystemRoot\system32\DRIVERS\ipsec.sys

\SystemRoot\system32\DRIVERS\tcpip.sys

\SystemRoot\system32\DRIVERS\netbt.sys

\SystemRoot\system32\DRIVERS\tcpip6.sys

\SystemRoot\System32\drivers\afd.sys

\SystemRoot\system32\DRIVERS\netbios.sys

\SystemRoot\system32\DRIVERS\ssmdrv.sys

\SystemRoot\system32\DRIVERS\rdbss.sys

\SystemRoot\system32\DRIVERS\mrxsmb.sys

\SystemRoot\System32\Drivers\Fips.SYS

\SystemRoot\system32\DRIVERS\ipnat.sys

\SystemRoot\system32\drivers\ip6fw.sys

\SystemRoot\system32\DRIVERS\wanarp.sys

\SystemRoot\system32\DRIVERS\arp1394.sys

\SystemRoot\system32\DRIVERS\avkmgr.sys

\SystemRoot\system32\DRIVERS\avipbb.sys

\SystemRoot\System32\Drivers\BTHUSB.sys

\SystemRoot\System32\Drivers\bthport.sys

\SystemRoot\system32\DRIVERS\hidusb.sys

\SystemRoot\system32\DRIVERS\HIDCLASS.SYS

\SystemRoot\system32\DRIVERS\HIDPARSE.SYS

\SystemRoot\system32\DRIVERS\mouhid.sys

\SystemRoot\system32\DRIVERS\rfcomm.sys

\SystemRoot\system32\DRIVERS\BthEnum.sys

\SystemRoot\system32\DRIVERS\bthpan.sys

\SystemRoot\System32\Drivers\Cdfs.SYS

\SystemRoot\System32\Drivers\dump_atapi.sys

\SystemRoot\System32\Drivers\dump_WMILIB.SYS

\SystemRoot\System32\win32k.sys

\SystemRoot\System32\drivers\Dxapi.sys

\SystemRoot\System32\watchdog.sys

\SystemRoot\System32\drivers\dxg.sys

\SystemRoot\System32\drivers\dxgthk.sys

\SystemRoot\System32\nv4_disp.dll

\SystemRoot\System32\ATMFD.DLL

\SystemRoot\system32\DRIVERS\avgntflt.sys

\SystemRoot\system32\drivers\dcfs2k.sys

\SystemRoot\system32\DRIVERS\ndisuio.sys

\SystemRoot\system32\drivers\wdmaud.sys

\SystemRoot\system32\drivers\sysaudio.sys

\SystemRoot\system32\DRIVERS\mrxdav.sys

\SystemRoot\System32\Drivers\ParVdm.SYS

\SystemRoot\system32\DRIVERS\srv.sys

\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys

\SystemRoot\System32\Drivers\HTTP.sys

\SystemRoot\system32\drivers\kmixer.sys

\??\C:\WINDOWS\system32\drivers\6D286685.sys

\WINDOWS\system32\ntdll.dll

----------- End -----------

------------ Kernel report ------------

     04/19/2013 17:27:32

------------ Loaded modules -----------

\WINDOWS\system32\ntoskrnl.exe

\WINDOWS\system32\hal.dll

\WINDOWS\system32\KDCOM.DLL

\WINDOWS\system32\BOOTVID.dll

ACPI.sys

\WINDOWS\system32\DRIVERS\WMILIB.SYS

pci.sys

isapnp.sys

ohci1394.sys

\WINDOWS\system32\DRIVERS\1394BUS.SYS

pciide.sys

\WINDOWS\system32\DRIVERS\PCIIDEX.SYS

MountMgr.sys

ftdisk.sys

PartMgr.sys

VolSnap.sys

atapi.sys

disk.sys

\WINDOWS\system32\DRIVERS\CLASSPNP.SYS

fltmgr.sys

sr.sys

PxHelp20.sys

KSecDD.sys

Ntfs.sys

NDIS.sys

sisagp.sys

Mup.sys

\SystemRoot\system32\DRIVERS\nic1394.sys

\SystemRoot\system32\DRIVERS\tunmp.sys

\SystemRoot\system32\DRIVERS\intelppm.sys

\SystemRoot\system32\DRIVERS\nv4_mini.sys

\SystemRoot\system32\DRIVERS\VIDEOPRT.SYS

\SystemRoot\system32\DRIVERS\imapi.sys

\SystemRoot\system32\drivers\pfc.sys

\SystemRoot\system32\DRIVERS\cdrom.sys

\SystemRoot\system32\DRIVERS\redbook.sys

\SystemRoot\system32\DRIVERS\ks.sys

\SystemRoot\system32\drivers\ALCXWDM.SYS

\SystemRoot\system32\drivers\portcls.sys

\SystemRoot\system32\drivers\drmk.sys

\SystemRoot\system32\DRIVERS\usbohci.sys

\SystemRoot\system32\DRIVERS\USBPORT.SYS

\SystemRoot\system32\DRIVERS\usbehci.sys

\SystemRoot\system32\DRIVERS\sisnic.sys

\SystemRoot\system32\DRIVERS\fdc.sys

\SystemRoot\system32\DRIVERS\serial.sys

\SystemRoot\system32\DRIVERS\serenum.sys

\SystemRoot\system32\DRIVERS\parport.sys

\SystemRoot\system32\DRIVERS\i8042prt.sys

\SystemRoot\system32\DRIVERS\kbdclass.sys

\SystemRoot\system32\DRIVERS\gameenum.sys

\SystemRoot\system32\drivers\msmpu401.sys

\SystemRoot\system32\DRIVERS\audstub.sys

\SystemRoot\system32\DRIVERS\rasl2tp.sys

\SystemRoot\system32\DRIVERS\ndistapi.sys

\SystemRoot\system32\DRIVERS\ndiswan.sys

\SystemRoot\system32\DRIVERS\raspppoe.sys

\SystemRoot\system32\DRIVERS\raspptp.sys

\SystemRoot\system32\DRIVERS\TDI.SYS

\SystemRoot\system32\DRIVERS\psched.sys

\SystemRoot\system32\DRIVERS\msgpc.sys

\SystemRoot\system32\DRIVERS\ptilink.sys

\SystemRoot\system32\DRIVERS\raspti.sys

\SystemRoot\system32\DRIVERS\termdd.sys

\SystemRoot\system32\DRIVERS\mouclass.sys

\SystemRoot\system32\DRIVERS\swenum.sys

\SystemRoot\system32\DRIVERS\update.sys

\SystemRoot\system32\DRIVERS\mssmbios.sys

\SystemRoot\System32\Drivers\NDProxy.SYS

\SystemRoot\system32\DRIVERS\usbhub.sys

\SystemRoot\system32\DRIVERS\USBD.SYS

\SystemRoot\system32\DRIVERS\flpydisk.sys

\??\C:\WINDOWS\system32\drivers\SSHDRV62.sys

\SystemRoot\System32\Drivers\Fs_Rec.SYS

\SystemRoot\system32\DRIVERS\DcCam.sys

\SystemRoot\system32\DRIVERS\EXPORTIT.SYS

\SystemRoot\System32\Drivers\Null.SYS

\SystemRoot\System32\Drivers\Beep.SYS

\SystemRoot\System32\drivers\vga.sys

\SystemRoot\System32\Drivers\mnmdd.SYS

\SystemRoot\System32\DRIVERS\RDPCDD.sys

\SystemRoot\System32\Drivers\Msfs.SYS

\SystemRoot\System32\Drivers\Npfs.SYS

\SystemRoot\system32\DRIVERS\rasacd.sys

\SystemRoot\system32\DRIVERS\ipsec.sys

\SystemRoot\system32\DRIVERS\tcpip.sys

\SystemRoot\system32\DRIVERS\netbt.sys

\SystemRoot\system32\DRIVERS\tcpip6.sys

\SystemRoot\System32\drivers\afd.sys

\SystemRoot\system32\DRIVERS\netbios.sys

\SystemRoot\system32\DRIVERS\ssmdrv.sys

\SystemRoot\system32\DRIVERS\rdbss.sys

\SystemRoot\system32\DRIVERS\mrxsmb.sys

\SystemRoot\System32\Drivers\Fips.SYS

\SystemRoot\system32\DRIVERS\ipnat.sys

\SystemRoot\system32\drivers\ip6fw.sys

\SystemRoot\system32\DRIVERS\wanarp.sys

\SystemRoot\system32\DRIVERS\arp1394.sys

\SystemRoot\system32\DRIVERS\avkmgr.sys

\SystemRoot\system32\DRIVERS\avipbb.sys

\SystemRoot\System32\Drivers\BTHUSB.sys

\SystemRoot\System32\Drivers\bthport.sys

\SystemRoot\system32\DRIVERS\hidusb.sys

\SystemRoot\system32\DRIVERS\HIDCLASS.SYS

\SystemRoot\system32\DRIVERS\HIDPARSE.SYS

\SystemRoot\system32\DRIVERS\mouhid.sys

\SystemRoot\system32\DRIVERS\rfcomm.sys

\SystemRoot\system32\DRIVERS\BthEnum.sys

\SystemRoot\system32\DRIVERS\bthpan.sys

\SystemRoot\System32\Drivers\Cdfs.SYS

\SystemRoot\System32\Drivers\dump_atapi.sys

\SystemRoot\System32\Drivers\dump_WMILIB.SYS

\SystemRoot\System32\win32k.sys

\SystemRoot\System32\drivers\Dxapi.sys

\SystemRoot\System32\watchdog.sys

\SystemRoot\System32\drivers\dxg.sys

\SystemRoot\System32\drivers\dxgthk.sys

\SystemRoot\System32\nv4_disp.dll

\SystemRoot\System32\ATMFD.DLL

\SystemRoot\system32\DRIVERS\avgntflt.sys

\SystemRoot\system32\drivers\dcfs2k.sys

\SystemRoot\system32\DRIVERS\ndisuio.sys

\SystemRoot\system32\drivers\wdmaud.sys

\SystemRoot\system32\drivers\sysaudio.sys

\SystemRoot\system32\DRIVERS\mrxdav.sys

\SystemRoot\System32\Drivers\ParVdm.SYS

\SystemRoot\system32\DRIVERS\srv.sys

\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys

\SystemRoot\System32\Drivers\HTTP.sys

\SystemRoot\system32\drivers\kmixer.sys

\??\C:\WINDOWS\system32\drivers\68596DA2.sys

\WINDOWS\system32\ntdll.dll

----------- End -----------

---------------------------------------

Malwarebytes Anti-Rootkit BETA 1.05.0.1001
 

(c) Malwarebytes Corporation 2011-2012
 

OS version: 5.1.2600 Windows XP Service Pack 3 x86
 

Account is Administrative
 

Internet Explorer version: 8.0.6001.18702
 

File system is: NTFS

Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED

CPU speed: 2.405000 GHz

Memory total: 2146947072, free: 1860014080
 

=======================================

Code:

19:07:47.0562 3184  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42

19:07:48.0406 3184  ============================================================

19:07:48.0406 3184  Current date / time: 2013/04/19 19:07:48.0406

19:07:48.0406 3184  SystemInfo:

19:07:48.0406 3184  

19:07:48.0406 3184  OS Version: 5.1.2600 ServicePack: 3.0

19:07:48.0406 3184  Product type: Workstation

19:07:48.0406 3184  ComputerName: D63E0FC3CE2B498

19:07:48.0421 3184  UserName: xxxxxx

19:07:48.0421 3184  Windows directory: C:\WINDOWS

19:07:48.0421 3184  System windows directory: C:\WINDOWS

19:07:48.0421 3184  Processor architecture: Intel x86

19:07:48.0421 3184  Number of processors: 1

19:07:48.0421 3184  Page size: 0x1000

19:07:48.0421 3184  Boot type: Normal boot

19:07:48.0421 3184  ============================================================

19:07:52.0859 3184  Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

19:07:52.0859 3184  ============================================================

19:07:52.0859 3184  \Device\Harddisk0\DR0:

19:07:52.0859 3184  MBR partitions:

19:07:52.0859 3184  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A3AA6E

19:07:52.0875 3184  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x4A3AAEC, BlocksNum 0x4ACFB14

19:07:52.0875 3184  ============================================================

19:07:52.0921 3184  C: <-> \Device\Harddisk0\DR0\Partition1

19:07:52.0968 3184  D: <-> \Device\Harddisk0\DR0\Partition2

19:07:52.0984 3184  ============================================================

19:07:52.0984 3184  Initialize success

19:07:52.0984 3184  ============================================================

19:08:29.0796 1772  ============================================================

19:08:29.0796 1772  Scan started

19:08:29.0796 1772  Mode: Manual; SigCheck; TDLFS; 

19:08:29.0796 1772  ============================================================

19:08:31.0421 1772  ================ Scan system memory ========================

19:08:31.0421 1772  System memory - ok

19:08:31.0437 1772  ================ Scan services =============================

19:08:31.0750 1772  [ D5A6658CBFBBF9A0F8827E83C9FDE806 ] 6to4            C:\WINDOWS\System32\6to4svc.dll

19:08:33.0296 1772  6to4 - ok

19:08:33.0343 1772  Abiosdsk - ok

19:08:33.0359 1772  abp480n5 - ok

19:08:33.0453 1772  [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys

19:08:36.0953 1772  ACPI - ok

19:08:37.0000 1772  [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys

19:08:37.0234 1772  ACPIEC - ok

19:08:37.0250 1772  adpu160m - ok

19:08:37.0328 1772  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys

19:08:37.0593 1772  aec - ok

19:08:37.0671 1772  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD             C:\WINDOWS\System32\drivers\afd.sys

19:08:37.0828 1772  AFD - ok

19:08:37.0843 1772  Aha154x - ok

19:08:37.0859 1772  aic78u2 - ok

19:08:37.0875 1772  aic78xx - ok

19:08:38.0156 1772  [ 7BFE59F5EFF8896D043CFDE731B262E9 ] ALCXWDM         C:\WINDOWS\system32\drivers\ALCXWDM.SYS

19:08:38.0453 1772  ALCXWDM - ok

19:08:38.0484 1772  [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter         C:\WINDOWS\system32\alrsvc.dll

19:08:38.0718 1772  Alerter - ok

19:08:38.0750 1772  [ 190CD73D4984F94D823F9444980513E5 ] ALG             C:\WINDOWS\System32\alg.exe

19:08:39.0140 1772  ALG - ok

19:08:39.0156 1772  AliIde - ok

19:08:39.0156 1772  amsint - ok

19:08:39.0281 1772  [ D9A92E6DD41C5ADC045AE485026AA40C ] AntiVirSchedulerService C:\Programme\Avira\AntiVir Desktop\sched.exe

19:08:39.0328 1772  AntiVirSchedulerService - ok

19:08:39.0390 1772  [ 66A7A38F7C439153B758548375EB9E5E ] AntiVirService  C:\Programme\Avira\AntiVir Desktop\avguard.exe

19:08:39.0562 1772  AntiVirService - ok

19:08:39.0796 1772  [ 5A123AABB571AEA78AE63AF5E372F796 ] AntiVirWebService C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE

19:08:39.0906 1772  AntiVirWebService - ok

19:08:39.0921 1772  AppMgmt - ok

19:08:39.0968 1772  [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394         C:\WINDOWS\system32\DRIVERS\arp1394.sys

19:08:40.0312 1772  Arp1394 - ok

19:08:40.0312 1772  asc - ok

19:08:40.0312 1772  asc3350p - ok

19:08:40.0328 1772  asc3550 - ok

19:08:40.0453 1772  [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

19:08:40.0546 1772  aspnet_state - ok

19:08:40.0562 1772  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys

19:08:40.0765 1772  AsyncMac - ok

19:08:40.0843 1772  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys

19:08:41.0250 1772  atapi - ok

19:08:41.0265 1772  Atdisk - ok

19:08:41.0312 1772  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys

19:08:41.0546 1772  Atmarpc - ok

19:08:41.0593 1772  [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll

19:08:41.0843 1772  AudioSrv - ok

19:08:41.0875 1772  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys

19:08:42.0078 1772  audstub - ok

19:08:42.0140 1772  [ 87425709A251386064C99B684BF96F72 ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys

19:08:42.0171 1772  avgntflt - ok

19:08:42.0375 1772  [ D50FBA68163BC498F2C136E0E5BA8E2F ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys

19:08:42.0406 1772  avipbb - ok

19:08:42.0437 1772  [ CB8741CD7B126499FED40C9B197F6AC5 ] avkmgr          C:\WINDOWS\system32\DRIVERS\avkmgr.sys

19:08:42.0468 1772  avkmgr - ok

19:08:42.0500 1772  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys

19:08:42.0718 1772  Beep - ok

19:08:42.0843 1772  [ D6F603772A789BB3228F310D650B8BD1 ] BITS            C:\WINDOWS\system32\qmgr.dll

19:08:43.0468 1772  BITS - ok

19:08:43.0531 1772  [ B71549F23736ADF83A571061C47777FD ] Browser         C:\WINDOWS\System32\browser.dll

19:08:43.0656 1772  Browser - ok

19:08:43.0687 1772  [ B279426E3C0C344893ED78A613A73BDE ] BthEnum         C:\WINDOWS\system32\DRIVERS\BthEnum.sys

19:08:43.0921 1772  BthEnum - ok

19:08:43.0953 1772  [ FCA6F069597B62D42495191ACE3FC6C1 ] BTHMODEM        C:\WINDOWS\system32\DRIVERS\bthmodem.sys

19:08:44.0234 1772  BTHMODEM - ok

19:08:44.0296 1772  [ 80602B8746D3738F5886CE3D67EF06B6 ] BthPan          C:\WINDOWS\system32\DRIVERS\bthpan.sys

19:08:44.0609 1772  BthPan - ok

19:08:44.0750 1772  [ 592E1CEDBE314D0EF184DC6F46141E76 ] BTHPORT         C:\WINDOWS\system32\Drivers\BTHport.sys

19:08:44.0859 1772  BTHPORT - ok

19:08:44.0890 1772  [ 26C601EF7525E31379744ABFC6F35A1B ] BthServ         C:\WINDOWS\System32\bthserv.dll

19:08:45.0109 1772  BthServ - ok

19:08:45.0125 1772  [ 61364CD71EF63B0F038B7E9DF00F1EFA ] BTHUSB          C:\WINDOWS\system32\Drivers\BTHUSB.sys

19:08:45.0406 1772  BTHUSB - ok

19:08:45.0781 1772  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys

19:08:46.0093 1772  cbidf2k - ok

19:08:46.0093 1772  cd20xrnt - ok

19:08:46.0125 1772  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys

19:08:46.0343 1772  Cdaudio - ok

19:08:46.0375 1772  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys

19:08:47.0015 1772  Cdfs - ok

19:08:47.0062 1772  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys

19:08:47.0296 1772  Cdrom - ok

19:08:47.0296 1772  Changer - ok

19:08:47.0328 1772  [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc           C:\WINDOWS\system32\cisvc.exe

19:08:47.0656 1772  CiSvc - ok

19:08:47.0718 1772  [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe

19:08:48.0125 1772  ClipSrv - ok

19:08:48.0203 1772  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

19:08:48.0343 1772  clr_optimization_v2.0.50727_32 - ok

19:08:48.0359 1772  CmdIde - ok

19:08:48.0390 1772  COMSysApp - ok

19:08:48.0437 1772  Cpqarray - ok

19:08:48.0500 1772  [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll

19:08:48.0921 1772  CryptSvc - ok

19:08:48.0937 1772  dac2w2k - ok

19:08:48.0953 1772  dac960nt - ok

19:08:49.0015 1772  [ B1AD007F9A7DD8CFC981958D5C167D2D ] DcCam           C:\WINDOWS\system32\DRIVERS\DcCam.sys

19:08:49.0109 1772  DcCam - ok

19:08:49.0156 1772  [ 5FD20284CAAF112201311619FF89FA44 ] DcFpoint        C:\WINDOWS\system32\DRIVERS\DcFpoint.sys

19:08:49.0281 1772  DcFpoint - ok

19:08:49.0328 1772  [ 867F7E6841B15D32481C3F1B83364E3A ] DCFS2K          C:\WINDOWS\system32\drivers\dcfs2k.sys

19:08:49.0437 1772  DCFS2K - ok

19:08:49.0468 1772  [ 1B889AC45FAF088FF2AF690779368956 ] DcLps           C:\WINDOWS\system32\DRIVERS\DcLps.sys

19:08:49.0515 1772  DcLps - ok

19:08:49.0828 1772  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll

19:08:50.0046 1772  DcomLaunch - ok

19:08:50.0093 1772  [ 47B1CCEC23AEC5AE6A2005D1A0D8ED65 ] DcPTP           C:\WINDOWS\system32\DRIVERS\DcPTP.sys

19:08:50.0171 1772  DcPTP - ok

19:08:50.0250 1772  [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll

19:08:50.0453 1772  Dhcp - ok

19:08:50.0500 1772  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys

19:08:50.0906 1772  Disk - ok

19:08:50.0921 1772  dmadmin - ok

19:08:51.0046 1772  [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys

19:08:51.0640 1772  dmboot - ok

19:08:51.0703 1772  [ 53720AB12B48719D00E327DA470A619A ] dmio            C:\WINDOWS\system32\drivers\dmio.sys

19:08:52.0109 1772  dmio - ok

19:08:52.0140 1772  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys

19:08:52.0453 1772  dmload - ok

19:08:52.0500 1772  [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver        C:\WINDOWS\System32\dmserver.dll

19:08:53.0062 1772  dmserver - ok

19:08:53.0093 1772  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys

19:08:53.0671 1772  DMusic - ok

19:08:53.0718 1772  [ 407F3227AC618FD1CA54B335B083DE07 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll

19:08:53.0796 1772  Dnscache - ok

19:08:53.0843 1772  [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll

19:08:54.0421 1772  Dot3svc - ok

19:08:54.0500 1772  [ 3E4B043F8BC6BE1D4820CC6C9C500306 ] dot4            C:\WINDOWS\system32\DRIVERS\Dot4.sys

19:08:54.0828 1772  dot4 - ok

19:08:54.0859 1772  [ 77CE63A8A34AE23D9FE4C7896D1DEBE7 ] Dot4Print       C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys

19:08:55.0078 1772  Dot4Print - ok

19:08:55.0281 1772  [ BD05306428DA63369692477DDC0F6F5F ] Dot4Scan        C:\WINDOWS\system32\DRIVERS\Dot4Scan.sys

19:08:55.0562 1772  Dot4Scan - ok

19:08:55.0593 1772  [ 29E86AF2F3457D0441348020FE3CFBD0 ] dot4usb         C:\WINDOWS\system32\DRIVERS\dot4usb.sys

19:08:55.0812 1772  dot4usb - ok

19:08:55.0812 1772  dpti2o - ok

19:08:55.0859 1772  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys

19:08:56.0046 1772  drmkaud - ok

19:08:56.0078 1772  [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost         C:\WINDOWS\System32\eapsvc.dll

19:08:56.0437 1772  EapHost - ok

19:08:56.0468 1772  [ 877C18558D70587AA7823A1A308AC96B ] ERSvc           C:\WINDOWS\System32\ersvc.dll

19:08:56.0671 1772  ERSvc - ok

19:08:56.0734 1772  [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog        C:\WINDOWS\system32\services.exe

19:08:56.0921 1772  Eventlog - ok

19:08:57.0015 1772  [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem     C:\WINDOWS\system32\es.dll

19:08:57.0109 1772  EventSystem - ok

19:08:57.0171 1772  [ 20FF28FB3B268E7C76B10841A9F81BA4 ] Exportit        C:\WINDOWS\system32\DRIVERS\exportit.sys

19:08:57.0437 1772  Exportit - ok

19:08:57.0500 1772  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys

19:08:57.0687 1772  Fastfat - ok

19:08:57.0765 1772  [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll

19:08:57.0843 1772  FastUserSwitchingCompatibility - ok

19:08:57.0875 1772  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys

19:08:58.0062 1772  Fdc - ok

19:08:58.0093 1772  [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys

19:08:58.0437 1772  Fips - ok

19:08:58.0468 1772  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys

19:08:58.0656 1772  Flpydisk - ok

19:08:58.0718 1772  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys

19:08:59.0078 1772  FltMgr - ok

19:08:59.0156 1772  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

19:08:59.0218 1772  FontCache3.0.0.0 - ok

19:08:59.0234 1772  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys

19:08:59.0625 1772  Fs_Rec - ok

19:08:59.0671 1772  [ 8F1955CE42E1484714B542F341647778 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys

19:08:59.0984 1772  Ftdisk - ok

19:09:00.0015 1772  [ 065639773D8B03F33577F6CDAEA21063 ] gameenum        C:\WINDOWS\system32\DRIVERS\gameenum.sys

19:09:00.0203 1772  gameenum - ok

19:09:00.0250 1772  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys

19:09:00.0625 1772  Gpc - ok

19:09:00.0734 1772  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Programme\Google\Update\GoogleUpdate.exe

19:09:00.0765 1772  gupdate - ok

19:09:00.0812 1772  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Programme\Google\Update\GoogleUpdate.exe

19:09:00.0843 1772  gupdatem - ok

19:09:00.0921 1772  [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

19:09:01.0171 1772  helpsvc - ok

19:09:01.0171 1772  HidServ - ok

19:09:01.0218 1772  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys

19:09:01.0421 1772  HidUsb - ok

19:09:01.0468 1772  [ ED29F14101523A6E0E808107405D452C ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll

19:09:01.0812 1772  hkmsvc - ok

19:09:01.0828 1772  hpn - ok

19:09:01.0953 1772  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys

19:09:02.0062 1772  HTTP - ok

19:09:02.0093 1772  [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll

19:09:02.0625 1772  HTTPFilter - ok

19:09:02.0640 1772  i2omgmt - ok

19:09:02.0656 1772  i2omp - ok

19:09:02.0703 1772  [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys

19:09:02.0937 1772  i8042prt - ok

19:09:03.0406 1772  [ BE4D946B5D8745DD7CD4CA9CA04F4989 ] IBUpdaterService C:\WINDOWS\system32\dmwu.exe

19:09:03.0906 1772  IBUpdaterService - ok

19:09:04.0250 1772  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

19:09:05.0437 1772  idsvc - ok

19:09:05.0468 1772  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys

19:09:05.0734 1772  Imapi - ok

19:09:05.0812 1772  [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService    C:\WINDOWS\system32\imapi.exe

19:09:06.0093 1772  ImapiService - ok

19:09:06.0109 1772  ini910u - ok

19:09:06.0296 1772  IntelIde - ok

19:09:06.0375 1772  [ 4C7D2750158ED6E7AD642D97BFFAE351 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys

19:09:06.0859 1772  intelppm - ok

19:09:06.0921 1772  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys

19:09:07.0187 1772  Ip6Fw - ok

19:09:07.0218 1772  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

19:09:07.0718 1772  IpFilterDriver - ok

19:09:07.0828 1772  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys

19:09:08.0093 1772  IpInIp - ok

19:09:08.0187 1772  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys

19:09:08.0437 1772  IpNat - ok

19:09:08.0484 1772  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys

19:09:08.0796 1772  IPSec - ok

19:09:08.0828 1772  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys

19:09:09.0015 1772  IRENUM - ok

19:09:09.0078 1772  [ 6DFB88F64135C525433E87648BDA30DE ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys

19:09:09.0421 1772  isapnp - ok

19:09:09.0671 1772  [ 999DB5F88C8E145CCA9D471E33227143 ] JavaQuickStarterService C:\Programme\Java\jre7\bin\jqs.exe

19:09:09.0750 1772  JavaQuickStarterService - ok

19:09:09.0781 1772  [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys

19:09:10.0078 1772  Kbdclass - ok

19:09:10.0156 1772  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys

19:09:10.0484 1772  kmixer - ok

19:09:10.0609 1772  [ 4E1060D2F3B745931CF83B3649BE8A57 ] KodakCCS        C:\WINDOWS\system32\drivers\KodakCCS.exe

19:09:10.0734 1772  KodakCCS - ok

19:09:10.0890 1772  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys

19:09:11.0171 1772  KSecDD - ok

19:09:11.0250 1772  [ 2BBDCB79900990F0716DFCB714E72DE7 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll

19:09:11.0453 1772  lanmanserver - ok

19:09:11.0609 1772  [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll

19:09:11.0937 1772  lanmanworkstation - ok

19:09:11.0968 1772  lbrtfdc - ok

19:09:12.0031 1772  [ 636714B7D43C8D0C80449123FD266920 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll

19:09:12.0265 1772  LmHosts - ok

19:09:12.0328 1772  [ B7550A7107281D170CE85524B1488C98 ] Messenger       C:\WINDOWS\System32\msgsvc.dll

19:09:12.0656 1772  Messenger - ok

19:09:12.0703 1772  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys

19:09:12.0937 1772  mnmdd - ok

19:09:12.0968 1772  [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe

19:09:13.0296 1772  mnmsrvc - ok

19:09:13.0359 1772  [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys

19:09:13.0593 1772  Modem - ok

19:09:13.0625 1772  [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys

19:09:13.0828 1772  Mouclass - ok

19:09:13.0859 1772  [ 66A6F73C74E1791464160A7065CE711A ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys

19:09:14.0062 1772  mouhid - ok

19:09:14.0109 1772  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys

19:09:14.0406 1772  MountMgr - ok

19:09:14.0406 1772  mraid35x - ok

19:09:14.0531 1772  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys

19:09:14.0796 1772  MRxDAV - ok

19:09:14.0984 1772  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

19:09:15.0140 1772  MRxSmb - ok

19:09:15.0171 1772  [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC           C:\WINDOWS\system32\msdtc.exe

19:09:15.0421 1772  MSDTC - ok

19:09:15.0453 1772  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys

19:09:15.0671 1772  Msfs - ok

19:09:15.0687 1772  MSIServer - ok

19:09:15.0718 1772  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys

19:09:15.0937 1772  MSKSSRV - ok

19:09:15.0953 1772  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys

19:09:16.0187 1772  MSPCLOCK - ok

19:09:16.0218 1772  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys

19:09:16.0453 1772  MSPQM - ok

19:09:16.0468 1772  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys

19:09:16.0640 1772  mssmbios - ok

19:09:16.0671 1772  [ CA3E22598F411199ADC2DFEE76CD0AE0 ] ms_mpu401       C:\WINDOWS\system32\drivers\msmpu401.sys

19:09:16.0875 1772  ms_mpu401 - ok

19:09:16.0937 1772  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys

19:09:17.0015 1772  Mup - ok

19:09:17.0109 1772  [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent        C:\WINDOWS\System32\qagentrt.dll

19:09:17.0531 1772  napagent - ok

19:09:17.0609 1772  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys

19:09:18.0125 1772  NDIS - ok

19:09:18.0171 1772  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys

19:09:18.0234 1772  NdisTapi - ok

19:09:18.0250 1772  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys

19:09:18.0515 1772  Ndisuio - ok

19:09:18.0578 1772  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys

19:09:18.0812 1772  NdisWan - ok

19:09:18.0875 1772  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys

19:09:18.0984 1772  NDProxy - ok

19:09:19.0015 1772  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys

19:09:19.0250 1772  NetBIOS - ok

19:09:19.0359 1772  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys

19:09:19.0593 1772  NetBT - ok

19:09:19.0656 1772  [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE          C:\WINDOWS\system32\netdde.exe

19:09:19.0937 1772  NetDDE - ok

19:09:20.0000 1772  [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe

19:09:20.0156 1772  NetDDEdsdm - ok

19:09:20.0203 1772  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon        C:\WINDOWS\system32\lsass.exe

19:09:20.0484 1772  Netlogon - ok

19:09:20.0578 1772  [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman          C:\WINDOWS\System32\netman.dll

19:09:20.0781 1772  Netman - ok

19:09:20.0859 1772  [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

19:09:20.0968 1772  NetTcpPortSharing - ok

19:09:21.0015 1772  [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394         C:\WINDOWS\system32\DRIVERS\nic1394.sys

19:09:21.0250 1772  NIC1394 - ok

19:09:21.0375 1772  [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla             C:\WINDOWS\System32\mswsock.dll

19:09:21.0406 1772  Nla - ok

19:09:21.0437 1772  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys

19:09:21.0640 1772  Npfs - ok

19:09:21.0828 1772  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys

19:09:22.0593 1772  Ntfs - ok

19:09:22.0625 1772  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe

19:09:22.0812 1772  NtLmSsp - ok

19:09:22.0953 1772  [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll

19:09:23.0468 1772  NtmsSvc - ok

19:09:23.0484 1772  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys

19:09:23.0671 1772  Null - ok

19:09:24.0312 1772  [ 2B298519EDBFCF451D43E0F1E8F1006D ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

19:09:25.0937 1772  nv - ok

19:09:25.0968 1772  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

19:09:26.0203 1772  NwlnkFlt - ok

19:09:26.0250 1772  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

19:09:26.0500 1772  NwlnkFwd - ok

19:09:26.0546 1772  [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394        C:\WINDOWS\system32\DRIVERS\ohci1394.sys

19:09:26.0750 1772  ohci1394 - ok

19:09:26.0796 1772  [ F84785660305B9B903FB3BCA8BA29837 ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys

19:09:27.0031 1772  Parport - ok

19:09:27.0078 1772  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys

19:09:27.0312 1772  PartMgr - ok

19:09:27.0343 1772  [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys

19:09:27.0562 1772  ParVdm - ok

19:09:27.0609 1772  [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys

19:09:27.0843 1772  PCI - ok

19:09:27.0843 1772  PCIDump - ok

19:09:27.0890 1772  [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys

19:09:28.0078 1772  PCIIde - ok

19:09:28.0140 1772  [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys

19:09:28.0437 1772  Pcmcia - ok

19:09:28.0453 1772  PDCOMP - ok

19:09:28.0468 1772  PDFRAME - ok

19:09:28.0484 1772  PDRELI - ok

19:09:28.0500 1772  PDRFRAME - ok

19:09:28.0515 1772  perc2 - ok

19:09:28.0531 1772  perc2hib - ok

19:09:28.0593 1772  [ C4AA89518E8A2934EAF503C9587FF157 ] pfc             C:\WINDOWS\system32\drivers\pfc.sys

19:09:28.0625 1772  pfc ( UnsignedFile.Multi.Generic ) - warning

19:09:28.0625 1772  pfc - detected UnsignedFile.Multi.Generic (1)

19:09:28.0671 1772  [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay        C:\WINDOWS\system32\services.exe

19:09:28.0687 1772  PlugPlay - ok

19:09:28.0703 1772  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe

19:09:28.0890 1772  PolicyAgent - ok

19:09:28.0953 1772  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys

19:09:29.0171 1772  PptpMiniport - ok

19:09:29.0203 1772  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe

19:09:29.0406 1772  ProtectedStorage - ok

19:09:29.0453 1772  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys

19:09:29.0703 1772  PSched - ok

19:09:29.0734 1772  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys

19:09:29.0937 1772  Ptilink - ok

19:09:29.0968 1772  [ B572ED0C3E6165643FA116AF20425A54 ] PxHelp20        C:\WINDOWS\system32\DRIVERS\PxHelp20.sys

19:09:30.0015 1772  PxHelp20 ( UnsignedFile.Multi.Generic ) - warning

19:09:30.0015 1772  PxHelp20 - detected UnsignedFile.Multi.Generic (1)

19:09:30.0031 1772  ql1080 - ok

19:09:30.0046 1772  Ql10wnt - ok

19:09:30.0062 1772  ql12160 - ok

19:09:30.0078 1772  ql1240 - ok

19:09:30.0093 1772  ql1280 - ok

19:09:30.0125 1772  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys

19:09:30.0328 1772  RasAcd - ok

19:09:30.0406 1772  [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto         C:\WINDOWS\System32\rasauto.dll

19:09:30.0640 1772  RasAuto - ok

19:09:30.0687 1772  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

19:09:30.0906 1772  Rasl2tp - ok

19:09:31.0000 1772  [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan          C:\WINDOWS\System32\rasmans.dll

19:09:31.0234 1772  RasMan - ok

19:09:31.0265 1772  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys

19:09:31.0515 1772  RasPppoe - ok

19:09:31.0531 1772  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys

19:09:31.0734 1772  Raspti - ok

19:09:31.0812 1772  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys

19:09:32.0078 1772  Rdbss - ok

19:09:32.0093 1772  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

19:09:32.0312 1772  RDPCDD - ok

19:09:32.0437 1772  [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys

19:09:32.0531 1772  RDPWD - ok

19:09:32.0593 1772  [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe

19:09:32.0953 1772  RDSessMgr - ok

19:09:33.0000 1772  [ ED761D453856F795A7FE056E42C36365 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys

19:09:33.0234 1772  redbook - ok

19:09:33.0265 1772  [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll

19:09:33.0531 1772  RemoteAccess - ok

19:09:33.0593 1772  [ 851C30DF2807FCFA21E4C681A7D6440E ] RFCOMM          C:\WINDOWS\system32\DRIVERS\rfcomm.sys

19:09:33.0812 1772  RFCOMM - ok

19:09:33.0875 1772  [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator      C:\WINDOWS\system32\locator.exe

19:09:34.0125 1772  RpcLocator - ok

19:09:34.0281 1772  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs           C:\WINDOWS\system32\rpcss.dll

19:09:34.0406 1772  RpcSs - ok

19:09:34.0484 1772  [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP            C:\WINDOWS\system32\rsvp.exe

19:09:34.0843 1772  RSVP - ok

19:09:34.0859 1772  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs           C:\WINDOWS\system32\lsass.exe

19:09:35.0046 1772  SamSs - ok

19:09:35.0109 1772  [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe

19:09:35.0390 1772  SCardSvr - ok

19:09:35.0484 1772  [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule        C:\WINDOWS\system32\schedsvc.dll

19:09:35.0687 1772  Schedule - ok

19:09:35.0750 1772  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys

19:09:35.0828 1772  Secdrv - ok

19:09:35.0875 1772  [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon        C:\WINDOWS\System32\seclogon.dll

19:09:36.0093 1772  seclogon - ok

19:09:36.0140 1772  [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS            C:\WINDOWS\system32\sens.dll

19:09:36.0390 1772  SENS - ok

19:09:36.0406 1772  [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys

19:09:36.0625 1772  serenum - ok

19:09:36.0656 1772  [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys

19:09:36.0906 1772  Serial - ok

19:09:36.0953 1772  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys

19:09:37.0156 1772  Sfloppy - ok

19:09:37.0296 1772  [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll

19:09:37.0625 1772  SharedAccess - ok

19:09:37.0687 1772  [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll

19:09:37.0718 1772  ShellHWDetection - ok

19:09:37.0718 1772  Simbad - ok

19:09:37.0765 1772  [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp          C:\WINDOWS\system32\DRIVERS\sisagp.sys

19:09:38.0031 1772  sisagp - ok

19:09:38.0078 1772  [ 3FBB6EF8B5A71A2FA11F5F461BB73219 ] SISNIC          C:\WINDOWS\system32\DRIVERS\sisnic.sys

19:09:38.0296 1772  SISNIC - ok

19:09:38.0312 1772  Sparrow - ok

19:09:38.0343 1772  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys

19:09:38.0562 1772  splitter - ok

19:09:38.0609 1772  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe

19:09:38.0656 1772  Spooler - ok

19:09:38.0703 1772  [ 50FA898F8C032796D3B1B9951BB5A90F ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys

19:09:38.0843 1772  sr - ok

19:09:38.0921 1772  [ FE77A85495065F3AD59C5C65B6C54182 ] srservice       C:\WINDOWS\system32\srsvc.dll

19:09:39.0015 1772  srservice - ok

19:09:39.0156 1772  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys

19:09:39.0390 1772  Srv - ok

19:09:39.0453 1772  [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll

19:09:39.0562 1772  SSDPSRV - ok

19:09:39.0640 1772  [ 5FFB52404158ABC5D9FF4081BCD67033 ] SSHDRV62        C:\WINDOWS\system32\drivers\SSHDRV62.sys

19:09:39.0687 1772  SSHDRV62 ( UnsignedFile.Multi.Generic ) - warning

19:09:39.0687 1772  SSHDRV62 - detected UnsignedFile.Multi.Generic (1)

19:09:39.0734 1772  [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv          C:\WINDOWS\system32\DRIVERS\ssmdrv.sys

19:09:39.0750 1772  ssmdrv - ok

19:09:39.0890 1772  [ BC2C5985611C5356B24AEB370953DED9 ] stisvc          C:\WINDOWS\system32\wiaservc.dll

19:09:40.0234 1772  stisvc - ok

19:09:40.0281 1772  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys

19:09:40.0500 1772  swenum - ok

19:09:40.0531 1772  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys

19:09:40.0765 1772  swmidi - ok

19:09:40.0781 1772  SwPrv - ok

19:09:40.0796 1772  symc810 - ok

19:09:40.0812 1772  symc8xx - ok

19:09:40.0828 1772  sym_hi - ok

19:09:40.0843 1772  sym_u3 - ok

19:09:40.0906 1772  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys

19:09:41.0140 1772  sysaudio - ok

19:09:41.0187 1772  [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe

19:09:41.0515 1772  SysmonLog - ok

19:09:41.0625 1772  [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll

19:09:41.0843 1772  TapiSrv - ok

19:09:42.0000 1772  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys

19:09:42.0156 1772  Tcpip - ok

19:09:42.0265 1772  [ 4E53BBCC4BE37D7A4BD6EF1098C89FF7 ] Tcpip6          C:\WINDOWS\system32\DRIVERS\tcpip6.sys

19:09:42.0312 1772  Tcpip6 - ok

19:09:42.0343 1772  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys

19:09:42.0562 1772  TDPIPE - ok

19:09:42.0578 1772  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys

19:09:42.0781 1772  TDTCP - ok

19:09:42.0796 1772  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys

19:09:43.0046 1772  TermDD - ok

19:09:43.0171 1772  [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService     C:\WINDOWS\System32\termsrv.dll

19:09:43.0437 1772  TermService - ok

19:09:43.0515 1772  [ 2DB7D303C36DDD055215052F118E8E75 ] Themes          C:\WINDOWS\System32\shsvcs.dll

19:09:43.0531 1772  Themes - ok

19:09:43.0546 1772  TosIde - ok

19:09:43.0625 1772  [ 626504572B175867F30F3215C04B3E2F ] TrkWks          C:\WINDOWS\system32\trkwks.dll

19:09:43.0812 1772  TrkWks - ok

19:09:43.0843 1772  [ 8F861EDA21C05857EB8197300A92501C ] tunmp           C:\WINDOWS\system32\DRIVERS\tunmp.sys

19:09:44.0046 1772  tunmp - ok

19:09:44.0093 1772  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys

19:09:44.0406 1772  Udfs - ok

19:09:44.0406 1772  ultra - ok

19:09:44.0562 1772  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys

19:09:45.0000 1772  Update - ok

19:09:45.0093 1772  [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost        C:\WINDOWS\System32\upnphost.dll

19:09:45.0203 1772  upnphost - ok

19:09:45.0250 1772  [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS             C:\WINDOWS\System32\ups.exe

19:09:45.0515 1772  UPS - ok

19:09:45.0562 1772  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys

19:09:45.0781 1772  usbehci - ok

19:09:45.0843 1772  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys

19:09:46.0062 1772  usbhub - ok

19:09:46.0078 1772  [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci         C:\WINDOWS\system32\DRIVERS\usbohci.sys

19:09:46.0281 1772  usbohci - ok

19:09:46.0312 1772  [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

19:09:46.0562 1772  USBSTOR - ok

19:09:46.0609 1772  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys

19:09:46.0828 1772  VgaSave - ok

19:09:46.0843 1772  ViaIde - ok

19:09:46.0875 1772  [ A5A712F4E880874A477AF790B5186E1D ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys

19:09:47.0125 1772  VolSnap - ok

19:09:47.0203 1772  [ 68F106273BE29E7B7EF8266977268E78 ] VSS             C:\WINDOWS\System32\vssvc.exe

19:09:47.0453 1772  VSS - ok

19:09:47.0531 1772  [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time         C:\WINDOWS\system32\w32time.dll

19:09:47.0718 1772  W32Time - ok

19:09:47.0765 1772  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys

19:09:48.0000 1772  Wanarp - ok

19:09:48.0015 1772  WDICA - ok

19:09:48.0078 1772  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys

19:09:48.0296 1772  wdmaud - ok

19:09:48.0406 1772  [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient       C:\WINDOWS\System32\webclnt.dll

19:09:48.0640 1772  WebClient - ok

19:09:48.0765 1772  [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll

19:09:48.0968 1772  winmgmt - ok

19:09:49.0031 1772  [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll

19:09:49.0140 1772  WmdmPmSN - ok

19:09:49.0218 1772  [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe

19:09:49.0437 1772  WmiApSrv - ok

19:09:49.0703 1772  [ BF05650BB7DF5E9EBDD25974E22403BB ] WMPNetworkSvc   C:\Programme\Windows Media Player\WMPNetwk.exe

19:09:50.0000 1772  WMPNetworkSvc - ok

19:09:50.0062 1772  [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc          C:\WINDOWS\system32\wscsvc.dll

19:09:50.0296 1772  wscsvc - ok

19:09:50.0328 1772  [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv        C:\WINDOWS\system32\wuauserv.dll

19:09:50.0531 1772  wuauserv - ok

19:09:50.0578 1772  [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys

19:09:50.0687 1772  WudfPf - ok

19:09:50.0734 1772  [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys

19:09:50.0796 1772  WudfRd - ok

19:09:50.0828 1772  [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll

19:09:50.0906 1772  WudfSvc - ok

19:09:51.0109 1772  [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll

19:09:51.0546 1772  WZCSVC - ok

19:09:51.0640 1772  [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll

19:09:51.0921 1772  xmlprov - ok

19:09:51.0968 1772  ================ Scan global ===============================

19:09:52.0015 1772  [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll

19:09:52.0125 1772  [ E62178BC21EAC63A3B9A2DBD46C1B505 ] C:\WINDOWS\system32\winsrv.dll

19:09:52.0265 1772  [ E62178BC21EAC63A3B9A2DBD46C1B505 ] C:\WINDOWS\system32\winsrv.dll

19:09:52.0312 1772  [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe

19:09:52.0312 1772  [Global] - ok

19:09:52.0328 1772  ================ Scan MBR ==================================

19:09:52.0359 1772  [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0

19:09:52.0843 1772  \Device\Harddisk0\DR0 - ok

19:09:52.0843 1772  ================ Scan VBR ==================================

19:09:52.0875 1772  [ AD0D9DED0D52821FBB8F3A5B99AEE9F4 ] \Device\Harddisk0\DR0\Partition1

19:09:52.0875 1772  \Device\Harddisk0\DR0\Partition1 - ok

19:09:52.0906 1772  [ 5546AFAB2D47C5BA5F8E4311C325B3D9 ] \Device\Harddisk0\DR0\Partition2

19:09:52.0906 1772  \Device\Harddisk0\DR0\Partition2 - ok

19:09:52.0921 1772  ============================================================

19:09:52.0921 1772  Scan finished

19:09:52.0921 1772  ============================================================

19:09:53.0062 3416  Detected object count: 3

19:09:53.0062 3416  Actual detected object count: 3

19:17:10.0156 3416  pfc ( UnsignedFile.Multi.Generic ) - skipped by user

19:17:10.0156 3416  pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip 

19:17:10.0171 3416  PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user

19:17:10.0171 3416  PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip 

19:17:10.0171 3416  SSHDRV62 ( UnsignedFile.Multi.Generic ) - skipped by user

19:17:10.0171 3416  SSHDRV62 ( UnsignedFile.Multi.Generic ) - User select action: Skip 

19:17:25.0140 3248  ============================================================

19:17:25.0156 3248  Scan started

19:17:25.0156 3248  Mode: Manual; SigCheck; TDLFS; 

19:17:25.0156 3248  ============================================================

19:17:25.0656 3248  ================ Scan system memory ========================

19:17:25.0671 3248  System memory - ok

19:17:25.0671 3248  ================ Scan services =============================

19:17:25.0984 3248  [ D5A6658CBFBBF9A0F8827E83C9FDE806 ] 6to4            C:\WINDOWS\System32\6to4svc.dll

19:17:26.0062 3248  6to4 - ok

19:17:26.0125 3248  Abiosdsk - ok

19:17:26.0125 3248  abp480n5 - ok

19:17:26.0218 3248  [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys

19:17:26.0421 3248  ACPI - ok

19:17:26.0468 3248  [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys

19:17:26.0640 3248  ACPIEC - ok

19:17:26.0656 3248  adpu160m - ok

19:17:26.0718 3248  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys

19:17:26.0906 3248  aec - ok

19:17:26.0984 3248  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD             C:\WINDOWS\System32\drivers\afd.sys

19:17:27.0000 3248  AFD - ok

19:17:27.0015 3248  Aha154x - ok

19:17:27.0031 3248  aic78u2 - ok

19:17:27.0046 3248  aic78xx - ok

19:17:27.0296 3248  [ 7BFE59F5EFF8896D043CFDE731B262E9 ] ALCXWDM         C:\WINDOWS\system32\drivers\ALCXWDM.SYS

19:17:27.0500 3248  ALCXWDM - ok

19:17:27.0546 3248  [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter         C:\WINDOWS\system32\alrsvc.dll

19:17:27.0734 3248  Alerter - ok

19:17:27.0765 3248  [ 190CD73D4984F94D823F9444980513E5 ] ALG             C:\WINDOWS\System32\alg.exe

19:17:27.0843 3248  ALG - ok

19:17:27.0859 3248  AliIde - ok

19:17:27.0875 3248  amsint - ok

19:17:28.0015 3248  [ D9A92E6DD41C5ADC045AE485026AA40C ] AntiVirSchedulerService C:\Programme\Avira\AntiVir Desktop\sched.exe

19:17:28.0031 3248  AntiVirSchedulerService - ok

19:17:28.0093 3248  [ 66A7A38F7C439153B758548375EB9E5E ] AntiVirService  C:\Programme\Avira\AntiVir Desktop\avguard.exe

19:17:28.0109 3248  AntiVirService - ok

19:17:28.0343 3248  [ 5A123AABB571AEA78AE63AF5E372F796 ] AntiVirWebService C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE

19:17:28.0453 3248  AntiVirWebService - ok

19:17:28.0453 3248  AppMgmt - ok

19:17:28.0515 3248  [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394         C:\WINDOWS\system32\DRIVERS\arp1394.sys

19:17:28.0687 3248  Arp1394 - ok

19:17:28.0703 3248  asc - ok

19:17:28.0718 3248  asc3350p - ok

19:17:28.0734 3248  asc3550 - ok

19:17:28.0875 3248  [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

19:17:28.0890 3248  aspnet_state - ok

19:17:28.0921 3248  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys

19:17:29.0093 3248  AsyncMac - ok

19:17:29.0156 3248  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys

19:17:29.0328 3248  atapi - ok

19:17:29.0343 3248  Atdisk - ok

19:17:29.0390 3248  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys

19:17:29.0562 3248  Atmarpc - ok

19:17:29.0609 3248  [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll

19:17:29.0781 3248  AudioSrv - ok

19:17:29.0828 3248  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys

19:17:30.0000 3248  audstub - ok

19:17:30.0046 3248  [ 87425709A251386064C99B684BF96F72 ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys

19:17:30.0078 3248  avgntflt - ok

19:17:30.0171 3248  [ D50FBA68163BC498F2C136E0E5BA8E2F ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys

19:17:30.0203 3248  avipbb - ok

19:17:30.0250 3248  [ CB8741CD7B126499FED40C9B197F6AC5 ] avkmgr          C:\WINDOWS\system32\DRIVERS\avkmgr.sys

19:17:30.0265 3248  avkmgr - ok

19:17:30.0328 3248  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys

19:17:30.0500 3248  Beep - ok

19:17:30.0625 3248  [ D6F603772A789BB3228F310D650B8BD1 ] BITS            C:\WINDOWS\system32\qmgr.dll

19:17:30.0875 3248  BITS - ok

19:17:30.0937 3248  [ B71549F23736ADF83A571061C47777FD ] Browser         C:\WINDOWS\System32\browser.dll

19:17:30.0953 3248  Browser - ok

19:17:31.0000 3248  [ B279426E3C0C344893ED78A613A73BDE ] BthEnum         C:\WINDOWS\system32\DRIVERS\BthEnum.sys

19:17:31.0187 3248  BthEnum - ok

19:17:31.0218 3248  [ FCA6F069597B62D42495191ACE3FC6C1 ] BTHMODEM        C:\WINDOWS\system32\DRIVERS\bthmodem.sys

19:17:31.0390 3248  BTHMODEM - ok

19:17:31.0453 3248  [ 80602B8746D3738F5886CE3D67EF06B6 ] BthPan          C:\WINDOWS\system32\DRIVERS\bthpan.sys

19:17:31.0625 3248  BthPan - ok

19:17:31.0750 3248  [ 592E1CEDBE314D0EF184DC6F46141E76 ] BTHPORT         C:\WINDOWS\system32\Drivers\BTHport.sys

19:17:31.0781 3248  BTHPORT - ok

19:17:31.0828 3248  [ 26C601EF7525E31379744ABFC6F35A1B ] BthServ         C:\WINDOWS\System32\bthserv.dll

19:17:31.0984 3248  BthServ - ok

19:17:32.0015 3248  [ 61364CD71EF63B0F038B7E9DF00F1EFA ] BTHUSB          C:\WINDOWS\system32\Drivers\BTHUSB.sys

19:17:32.0218 3248  BTHUSB - ok

19:17:32.0265 3248  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys

19:17:32.0437 3248  cbidf2k - ok

19:17:32.0453 3248  cd20xrnt - ok

19:17:32.0484 3248  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys

19:17:32.0656 3248  Cdaudio - ok

19:17:32.0687 3248  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys

19:17:32.0859 3248  Cdfs - ok

19:17:32.0921 3248  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys

19:17:33.0093 3248  Cdrom - ok

19:17:33.0093 3248  Changer - ok

19:17:33.0140 3248  [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc           C:\WINDOWS\system32\cisvc.exe

19:17:33.0312 3248  CiSvc - ok

19:17:33.0343 3248  [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe

19:17:33.0515 3248  ClipSrv - ok

19:17:33.0562 3248  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

19:17:33.0578 3248  clr_optimization_v2.0.50727_32 - ok

19:17:33.0593 3248  CmdIde - ok

19:17:33.0609 3248  COMSysApp - ok

19:17:33.0625 3248  Cpqarray - ok

19:17:33.0687 3248  [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll

19:17:33.0859 3248  CryptSvc - ok

19:17:33.0859 3248  dac2w2k - ok

19:17:33.0875 3248  dac960nt - ok

19:17:33.0921 3248  [ B1AD007F9A7DD8CFC981958D5C167D2D ] DcCam           C:\WINDOWS\system32\DRIVERS\DcCam.sys

19:17:33.0953 3248  DcCam - ok

19:17:34.0000 3248  [ 5FD20284CAAF112201311619FF89FA44 ] DcFpoint        C:\WINDOWS\system32\DRIVERS\DcFpoint.sys

19:17:34.0015 3248  DcFpoint - ok

19:17:34.0062 3248  [ 867F7E6841B15D32481C3F1B83364E3A ] DCFS2K          C:\WINDOWS\system32\drivers\dcfs2k.sys

19:17:34.0093 3248  DCFS2K - ok

19:17:34.0109 3248  [ 1B889AC45FAF088FF2AF690779368956 ] DcLps           C:\WINDOWS\system32\DRIVERS\DcLps.sys

19:17:34.0125 3248  DcLps - ok

19:17:34.0296 3248  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll

19:17:34.0406 3248  DcomLaunch - ok

19:17:34.0453 3248  [ 47B1CCEC23AEC5AE6A2005D1A0D8ED65 ] DcPTP           C:\WINDOWS\system32\DRIVERS\DcPTP.sys

19:17:34.0468 3248  DcPTP - ok

19:17:34.0546 3248  [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll

19:17:34.0718 3248  Dhcp - ok

19:17:34.0750 3248  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys

19:17:34.0921 3248  Disk - ok

19:17:34.0921 3248  dmadmin - ok

19:17:35.0031 3248  [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys

19:17:35.0375 3248  dmboot - ok

19:17:35.0437 3248  [ 53720AB12B48719D00E327DA470A619A ] dmio            C:\WINDOWS\system32\drivers\dmio.sys

19:17:35.0609 3248  dmio - ok

19:17:35.0640 3248  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys

19:17:35.0796 3248  dmload - ok

19:17:35.0843 3248  [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver        C:\WINDOWS\System32\dmserver.dll

19:17:36.0031 3248  dmserver - ok

19:17:36.0078 3248  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys

19:17:36.0250 3248  DMusic - ok

19:17:36.0296 3248  [ 407F3227AC618FD1CA54B335B083DE07 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll

19:17:36.0328 3248  Dnscache - ok

19:17:36.0390 3248  [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll

19:17:36.0562 3248  Dot3svc - ok

19:17:36.0640 3248  [ 3E4B043F8BC6BE1D4820CC6C9C500306 ] dot4            C:\WINDOWS\system32\DRIVERS\Dot4.sys

19:17:36.0812 3248  dot4 - ok

19:17:36.0843 3248  [ 77CE63A8A34AE23D9FE4C7896D1DEBE7 ] Dot4Print       C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys

19:17:37.0015 3248  Dot4Print - ok

19:17:37.0046 3248  [ BD05306428DA63369692477DDC0F6F5F ] Dot4Scan        C:\WINDOWS\system32\DRIVERS\Dot4Scan.sys

19:17:37.0218 3248  Dot4Scan - ok

19:17:37.0250 3248  [ 29E86AF2F3457D0441348020FE3CFBD0 ] dot4usb         C:\WINDOWS\system32\DRIVERS\dot4usb.sys

19:17:37.0421 3248  dot4usb - ok

19:17:37.0437 3248  dpti2o - ok

19:17:37.0468 3248  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys

19:17:37.0640 3248  drmkaud - ok

19:17:37.0687 3248  [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost         C:\WINDOWS\System32\eapsvc.dll

19:17:37.0859 3248  EapHost - ok

19:17:37.0890 3248  [ 877C18558D70587AA7823A1A308AC96B ] ERSvc           C:\WINDOWS\System32\ersvc.dll

19:17:38.0046 3248  ERSvc - ok

19:17:38.0125 3248  [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog        C:\WINDOWS\system32\services.exe

19:17:38.0156 3248  Eventlog - ok

19:17:38.0265 3248  [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem     C:\WINDOWS\system32\es.dll

19:17:38.0296 3248  EventSystem - ok

19:17:38.0359 3248  [ 20FF28FB3B268E7C76B10841A9F81BA4 ] Exportit        C:\WINDOWS\system32\DRIVERS\exportit.sys

19:17:38.0390 3248  Exportit - ok

19:17:38.0453 3248  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys

19:17:38.0609 3248  Fastfat - ok

19:17:38.0687 3248  [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll

19:17:38.0718 3248  FastUserSwitchingCompatibility - ok

19:17:38.0750 3248  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys

19:17:38.0937 3248  Fdc - ok

19:17:38.0984 3248  [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys

19:17:39.0140 3248  Fips - ok

19:17:39.0171 3248  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys

19:17:39.0343 3248  Flpydisk - ok

19:17:39.0406 3248  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys

19:17:39.0578 3248  FltMgr - ok

19:17:39.0656 3248  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

19:17:39.0671 3248  FontCache3.0.0.0 - ok

19:17:39.0687 3248  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys

19:17:39.0875 3248  Fs_Rec - ok

19:17:39.0921 3248  [ 8F1955CE42E1484714B542F341647778 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys

19:17:40.0093 3248  Ftdisk - ok

19:17:40.0109 3248  [ 065639773D8B03F33577F6CDAEA21063 ] gameenum        C:\WINDOWS\system32\DRIVERS\gameenum.sys

19:17:40.0296 3248  gameenum - ok

19:17:40.0328 3248  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys

19:17:40.0500 3248  Gpc - ok

19:17:40.0625 3248  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Programme\Google\Update\GoogleUpdate.exe

19:17:40.0640 3248  gupdate - ok

19:17:40.0703 3248  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Programme\Google\Update\GoogleUpdate.exe

19:17:40.0718 3248  gupdatem - ok

19:17:40.0796 3248  [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

19:17:40.0953 3248  helpsvc - ok

19:17:40.0968 3248  HidServ - ok

19:17:41.0046 3248  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys

19:17:41.0218 3248  HidUsb - ok

19:17:41.0265 3248  [ ED29F14101523A6E0E808107405D452C ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll

19:17:41.0437 3248  hkmsvc - ok

19:17:41.0437 3248  hpn - ok

19:17:41.0578 3248  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys

19:17:41.0593 3248  HTTP - ok

19:17:41.0625 3248  [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll

19:17:41.0781 3248  HTTPFilter - ok

19:17:41.0796 3248  i2omgmt - ok

19:17:41.0812 3248  i2omp - ok

19:17:41.0859 3248  [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys

19:17:42.0015 3248  i8042prt - ok

19:17:42.0375 3248  [ BE4D946B5D8745DD7CD4CA9CA04F4989 ] IBUpdaterService C:\WINDOWS\system32\dmwu.exe

19:17:42.0656 3248  IBUpdaterService - ok

19:17:42.0984 3248  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

19:17:43.0265 3248  idsvc - ok

19:17:43.0296 3248  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys

19:17:43.0468 3248  Imapi - ok

19:17:43.0546 3248  [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService    C:\WINDOWS\system32\imapi.exe

19:17:43.0703 3248  ImapiService - ok

19:17:43.0718 3248  ini910u - ok

19:17:43.0750 3248  IntelIde - ok

19:17:43.0796 3248  [ 4C7D2750158ED6E7AD642D97BFFAE351 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys

19:17:43.0968 3248  intelppm - ok

19:17:44.0015 3248  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys

19:17:44.0187 3248  Ip6Fw - ok

19:17:44.0234 3248  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

19:17:44.0390 3248  IpFilterDriver - ok

19:17:44.0421 3248  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys

19:17:44.0578 3248  IpInIp - ok

19:17:44.0656 3248  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys

19:17:44.0828 3248  IpNat - ok

19:17:44.0859 3248  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys

19:17:45.0031 3248  IPSec - ok

19:17:45.0046 3248  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys

19:17:45.0125 3248  IRENUM - ok

19:17:45.0171 3248  [ 6DFB88F64135C525433E87648BDA30DE ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys

19:17:45.0359 3248  isapnp - ok

19:17:45.0500 3248  [ 999DB5F88C8E145CCA9D471E33227143 ] JavaQuickStarterService C:\Programme\Java\jre7\bin\jqs.exe

19:17:45.0515 3248  JavaQuickStarterService - ok

19:17:45.0546 3248  [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys

19:17:45.0703 3248  Kbdclass - ok

19:17:45.0765 3248  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys

19:17:45.0937 3248  kmixer - ok

19:17:46.0093 3248  [ 4E1060D2F3B745931CF83B3649BE8A57 ] KodakCCS        C:\WINDOWS\system32\drivers\KodakCCS.exe

19:17:46.0125 3248  KodakCCS - ok

19:17:46.0187 3248  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys

19:17:46.0203 3248  KSecDD - ok

19:17:46.0281 3248  [ 2BBDCB79900990F0716DFCB714E72DE7 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll

19:17:46.0312 3248  lanmanserver - ok

19:17:46.0390 3248  [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll

19:17:46.0406 3248  lanmanworkstation - ok

19:17:46.0421 3248  lbrtfdc - ok

19:17:46.0468 3248  [ 636714B7D43C8D0C80449123FD266920 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll

19:17:46.0656 3248  LmHosts - ok

19:17:46.0703 3248  [ B7550A7107281D170CE85524B1488C98 ] Messenger       C:\WINDOWS\System32\msgsvc.dll

19:17:46.0859 3248  Messenger - ok

19:17:46.0906 3248  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys

19:17:47.0046 3248  mnmdd - ok

19:17:47.0093 3248  [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe

19:17:47.0281 3248  mnmsrvc - ok

19:17:47.0312 3248  [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys

19:17:47.0484 3248  Modem - ok

19:17:47.0515 3248  [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys

19:17:47.0687 3248  Mouclass - ok

19:17:47.0687 3248  [ 66A6F73C74E1791464160A7065CE711A ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys

19:17:47.0859 3248  mouhid - ok

19:17:47.0906 3248  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys

19:17:48.0046 3248  MountMgr - ok

19:17:48.0062 3248  mraid35x - ok

19:17:48.0156 3248  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys

19:17:48.0328 3248  MRxDAV - ok

19:17:48.0515 3248  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

19:17:48.0625 3248  MRxSmb - ok

19:17:48.0656 3248  [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC           C:\WINDOWS\system32\msdtc.exe

19:17:48.0812 3248  MSDTC - ok

19:17:48.0843 3248  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys

19:17:49.0000 3248  Msfs - ok

19:17:49.0015 3248  MSIServer - ok

19:17:49.0046 3248  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys

19:17:49.0203 3248  MSKSSRV - ok

19:17:49.0218 3248  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys

19:17:49.0390 3248  MSPCLOCK - ok

19:17:49.0390 3248  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys

19:17:49.0562 3248  MSPQM - ok

19:17:49.0593 3248  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys

19:17:49.0734 3248  mssmbios - ok

19:17:49.0781 3248  [ CA3E22598F411199ADC2DFEE76CD0AE0 ] ms_mpu401       C:\WINDOWS\system32\drivers\msmpu401.sys

19:17:49.0937 3248  ms_mpu401 - ok

19:17:50.0000 3248  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys

19:17:50.0015 3248  Mup - ok

19:17:50.0109 3248  [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent        C:\WINDOWS\System32\qagentrt.dll

19:17:50.0312 3248  napagent - ok

19:17:50.0390 3248  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys

19:17:50.0562 3248  NDIS - ok

19:17:50.0593 3248  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys

19:17:50.0625 3248  NdisTapi - ok

19:17:50.0640 3248  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys

19:17:50.0812 3248  Ndisuio - ok

19:17:50.0875 3248  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys

19:17:51.0031 3248  NdisWan - ok

19:17:51.0109 3248  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys

19:17:51.0140 3248  NDProxy - ok

19:17:51.0171 3248  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys

19:17:51.0328 3248  NetBIOS - ok

19:17:51.0406 3248  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys

19:17:51.0562 3248  NetBT - ok

19:17:51.0625 3248  [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE          C:\WINDOWS\system32\netdde.exe

19:17:51.0796 3248  NetDDE - ok

19:17:51.0828 3248  [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe

19:17:52.0000 3248  NetDDEdsdm - ok

19:17:52.0031 3248  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon        C:\WINDOWS\system32\lsass.exe

19:17:52.0203 3248  Netlogon - ok

19:17:52.0296 3248  [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman          C:\WINDOWS\System32\netman.dll

19:17:52.0468 3248  Netman - ok

19:17:52.0546 3248  [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

19:17:52.0562 3248  NetTcpPortSharing - ok

19:17:52.0625 3248  [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394         C:\WINDOWS\system32\DRIVERS\nic1394.sys

19:17:52.0796 3248  NIC1394 - ok

19:17:52.0921 3248  [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla             C:\WINDOWS\System32\mswsock.dll

19:17:52.0937 3248  Nla - ok

19:17:52.0968 3248  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys

19:17:53.0125 3248  Npfs - ok

19:17:53.0359 3248  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys

19:17:53.0609 3248  Ntfs - ok

19:17:53.0625 3248  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe

19:17:53.0796 3248  NtLmSsp - ok

19:17:53.0937 3248  [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll

19:17:54.0203 3248  NtmsSvc - ok

19:17:54.0234 3248  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys

19:17:54.0375 3248  Null - ok

19:17:55.0015 3248  [ 2B298519EDBFCF451D43E0F1E8F1006D ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

19:17:55.0703 3248  nv - ok

19:17:55.0734 3248  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

19:17:55.0890 3248  NwlnkFlt - ok

19:17:55.0937 3248  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

19:17:56.0109 3248  NwlnkFwd - ok

19:17:56.0156 3248  [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394        C:\WINDOWS\system32\DRIVERS\ohci1394.sys

19:17:56.0328 3248  ohci1394 - ok

19:17:56.0375 3248  [ F84785660305B9B903FB3BCA8BA29837 ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys

19:17:56.0546 3248  Parport - ok

19:17:56.0593 3248  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys

19:17:56.0750 3248  PartMgr - ok

19:17:56.0781 3248  [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys

19:17:56.0937 3248  ParVdm - ok

19:17:57.0000 3248  [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys

19:17:57.0156 3248  PCI - ok

19:17:57.0187 3248  PCIDump - ok

19:17:57.0218 3248  [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys

19:17:57.0375 3248  PCIIde - ok

19:17:57.0437 3248  [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys

19:17:57.0578 3248  Pcmcia - ok

19:17:57.0593 3248  PDCOMP - ok

19:17:57.0609 3248  PDFRAME - ok

19:17:57.0625 3248  PDRELI - ok

19:17:57.0640 3248  PDRFRAME - ok

19:17:57.0656 3248  perc2 - ok

19:17:57.0671 3248  perc2hib - ok

19:17:57.0734 3248  [ C4AA89518E8A2934EAF503C9587FF157 ] pfc             C:\WINDOWS\system32\drivers\pfc.sys

19:17:57.0734 3248  pfc ( UnsignedFile.Multi.Generic ) - warning

19:17:57.0734 3248  pfc - detected UnsignedFile.Multi.Generic (1)

19:17:57.0796 3248  [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay        C:\WINDOWS\system32\services.exe

19:17:57.0812 3248  PlugPlay - ok

19:17:57.0843 3248  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe

19:17:58.0000 3248  PolicyAgent - ok

19:17:58.0062 3248  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys

19:17:58.0250 3248  PptpMiniport - ok

19:17:58.0265 3248  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe

19:17:58.0421 3248  ProtectedStorage - ok

19:17:58.0468 3248  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys

19:17:58.0625 3248  PSched - ok

19:17:58.0640 3248  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys

19:17:58.0812 3248  Ptilink - ok

19:17:58.0843 3248  [ B572ED0C3E6165643FA116AF20425A54 ] PxHelp20        C:\WINDOWS\system32\DRIVERS\PxHelp20.sys

19:17:58.0859 3248  PxHelp20 ( UnsignedFile.Multi.Generic ) - warning

19:17:58.0859 3248  PxHelp20 - detected UnsignedFile.Multi.Generic (1)

19:17:58.0875 3248  ql1080 - ok

19:17:58.0890 3248  Ql10wnt - ok

19:17:58.0906 3248  ql12160 - ok

19:17:58.0921 3248  ql1240 - ok

19:17:58.0937 3248  ql1280 - ok

19:17:58.0968 3248  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys

19:17:59.0125 3248  RasAcd - ok

19:17:59.0187 3248  [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto         C:\WINDOWS\System32\rasauto.dll

19:17:59.0343 3248  RasAuto - ok

19:17:59.0375 3248  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

19:17:59.0546 3248  Rasl2tp - ok

19:17:59.0625 3248  [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan          C:\WINDOWS\System32\rasmans.dll

19:17:59.0796 3248  RasMan - ok

19:17:59.0828 3248  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys

19:17:59.0984 3248  RasPppoe - ok

19:18:00.0015 3248  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys

19:18:00.0156 3248  Raspti - ok

19:18:00.0250 3248  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys

19:18:00.0406 3248  Rdbss - ok

19:18:00.0421 3248  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

19:18:00.0593 3248  RDPCDD - ok

19:18:00.0687 3248  [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys

19:18:00.0718 3248  RDPWD - ok

19:18:00.0781 3248  [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe

19:18:00.0937 3248  RDSessMgr - ok

19:18:01.0000 3248  [ ED761D453856F795A7FE056E42C36365 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys

19:18:01.0203 3248  redbook - ok

19:18:01.0234 3248  [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll

19:18:01.0406 3248  RemoteAccess - ok

19:18:01.0468 3248  [ 851C30DF2807FCFA21E4C681A7D6440E ] RFCOMM          C:\WINDOWS\system32\DRIVERS\rfcomm.sys

19:18:01.0640 3248  RFCOMM - ok

19:18:01.0687 3248  [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator      C:\WINDOWS\system32\locator.exe

19:18:01.0859 3248  RpcLocator - ok

19:18:02.0000 3248  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs           C:\WINDOWS\system32\rpcss.dll

19:18:02.0109 3248  RpcSs - ok

19:18:02.0187 3248  [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP            C:\WINDOWS\system32\rsvp.exe

19:18:02.0359 3248  RSVP - ok

19:18:02.0375 3248  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs           C:\WINDOWS\system32\lsass.exe

19:18:02.0546 3248  SamSs - ok

19:18:02.0609 3248  [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe

19:18:02.0750 3248  SCardSvr - ok

19:18:02.0859 3248  [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule        C:\WINDOWS\system32\schedsvc.dll

19:18:03.0015 3248  Schedule - ok

19:18:03.0078 3248  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys

19:18:03.0156 3248  Secdrv - ok

19:18:03.0187 3248  [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon        C:\WINDOWS\System32\seclogon.dll

19:18:03.0343 3248  seclogon - ok

19:18:03.0406 3248  [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS            C:\WINDOWS\system32\sens.dll

19:18:03.0578 3248  SENS - ok

19:18:03.0593 3248  [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys

19:18:03.0750 3248  serenum - ok

19:18:03.0796 3248  [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys

19:18:03.0953 3248  Serial - ok

19:18:04.0015 3248  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys

19:18:04.0187 3248  Sfloppy - ok

19:18:04.0328 3248  [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll

19:18:04.0562 3248  SharedAccess - ok

19:18:04.0625 3248  [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll

19:18:04.0656 3248  ShellHWDetection - ok

19:18:04.0671 3248  Simbad - ok

19:18:04.0718 3248  [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp          C:\WINDOWS\system32\DRIVERS\sisagp.sys

19:18:04.0875 3248  sisagp - ok

19:18:04.0921 3248  [ 3FBB6EF8B5A71A2FA11F5F461BB73219 ] SISNIC          C:\WINDOWS\system32\DRIVERS\sisnic.sys

19:18:05.0078 3248  SISNIC - ok

19:18:05.0093 3248  Sparrow - ok

19:18:05.0125 3248  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys

19:18:05.0281 3248  splitter - ok

19:18:05.0328 3248  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe

19:18:05.0343 3248  Spooler - ok

19:18:05.0375 3248  [ 50FA898F8C032796D3B1B9951BB5A90F ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys

19:18:05.0468 3248  sr - ok

19:18:05.0546 3248  [ FE77A85495065F3AD59C5C65B6C54182 ] srservice       C:\WINDOWS\system32\srsvc.dll

19:18:05.0625 3248  srservice - ok

19:18:05.0781 3248  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys

19:18:05.0875 3248  Srv - ok

19:18:05.0921 3248  [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll

19:18:06.0000 3248  SSDPSRV - ok

19:18:06.0062 3248  [ 5FFB52404158ABC5D9FF4081BCD67033 ] SSHDRV62        C:\WINDOWS\system32\drivers\SSHDRV62.sys

19:18:06.0078 3248  SSHDRV62 ( UnsignedFile.Multi.Generic ) - warning

19:18:06.0078 3248  SSHDRV62 - detected UnsignedFile.Multi.Generic (1)

19:18:06.0156 3248  [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv          C:\WINDOWS\system32\DRIVERS\ssmdrv.sys

19:18:06.0187 3248  ssmdrv - ok

19:18:06.0312 3248  [ BC2C5985611C5356B24AEB370953DED9 ] stisvc          C:\WINDOWS\system32\wiaservc.dll

19:18:06.0562 3248  stisvc - ok

19:18:06.0593 3248  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys

19:18:06.0765 3248  swenum - ok

19:18:06.0812 3248  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys

19:18:06.0984 3248  swmidi - ok

19:18:07.0000 3248  SwPrv - ok

19:18:07.0015 3248  symc810 - ok

19:18:07.0031 3248  symc8xx - ok

19:18:07.0046 3248  sym_hi - ok

19:18:07.0062 3248  sym_u3 - ok

19:18:07.0109 3248  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys

19:18:07.0296 3248  sysaudio - ok

19:18:07.0343 3248  [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe

19:18:07.0500 3248  SysmonLog - ok

19:18:07.0609 3248  [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll

19:18:07.0781 3248  TapiSrv - ok

19:18:07.0937 3248  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys

19:18:08.0046 3248  Tcpip - ok

19:18:08.0140 3248  [ 4E53BBCC4BE37D7A4BD6EF1098C89FF7 ] Tcpip6          C:\WINDOWS\system32\DRIVERS\tcpip6.sys

19:18:08.0203 3248  Tcpip6 - ok

19:18:08.0234 3248  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys

19:18:08.0390 3248  TDPIPE - ok

19:18:08.0406 3248  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys

19:18:08.0578 3248  TDTCP - ok

19:18:08.0609 3248  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys

19:18:08.0765 3248  TermDD - ok

19:18:08.0906 3248  [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService     C:\WINDOWS\System32\termsrv.dll

19:18:09.0062 3248  TermService - ok

19:18:09.0125 3248  [ 2DB7D303C36DDD055215052F118E8E75 ] Themes          C:\WINDOWS\System32\shsvcs.dll

19:18:09.0140 3248  Themes - ok

19:18:09.0156 3248  TosIde - ok

19:18:09.0218 3248  [ 626504572B175867F30F3215C04B3E2F ] TrkWks          C:\WINDOWS\system32\trkwks.dll

19:18:09.0390 3248  TrkWks - ok

19:18:09.0421 3248  [ 8F861EDA21C05857EB8197300A92501C ] tunmp           C:\WINDOWS\system32\DRIVERS\tunmp.sys

19:18:09.0578 3248  tunmp - ok

19:18:09.0625 3248  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys

19:18:09.0781 3248  Udfs - ok

19:18:09.0796 3248  ultra - ok

19:18:09.0953 3248  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys

19:18:10.0203 3248  Update - ok

19:18:10.0296 3248  [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost        C:\WINDOWS\System32\upnphost.dll

19:18:10.0375 3248  upnphost - ok

19:18:10.0421 3248  [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS             C:\WINDOWS\System32\ups.exe

19:18:10.0578 3248  UPS - ok

19:18:10.0625 3248  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys

19:18:10.0765 3248  usbehci - ok

19:18:10.0828 3248  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys

19:18:10.0984 3248  usbhub - ok

19:18:11.0015 3248  [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci         C:\WINDOWS\system32\DRIVERS\usbohci.sys

19:18:11.0203 3248  usbohci - ok

19:18:11.0250 3248  [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

19:18:11.0406 3248  USBSTOR - ok

19:18:11.0437 3248  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys

19:18:11.0593 3248  VgaSave - ok

19:18:11.0609 3248  ViaIde - ok

19:18:11.0640 3248  [ A5A712F4E880874A477AF790B5186E1D ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys

19:18:11.0796 3248  VolSnap - ok

19:18:11.0890 3248  [ 68F106273BE29E7B7EF8266977268E78 ] VSS             C:\WINDOWS\System32\vssvc.exe

19:18:11.0968 3248  VSS - ok

19:18:12.0062 3248  [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time         C:\WINDOWS\system32\w32time.dll

19:18:12.0234 3248  W32Time - ok

19:18:12.0281 3248  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys

19:18:12.0437 3248  Wanarp - ok

19:18:12.0453 3248  WDICA - ok

19:18:12.0515 3248  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys

19:18:12.0671 3248  wdmaud - ok

19:18:12.0718 3248  [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient       C:\WINDOWS\System32\webclnt.dll

19:18:12.0859 3248  WebClient - ok

19:18:13.0000 3248  [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll

19:18:13.0156 3248  winmgmt - ok

19:18:13.0218 3248  [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll

19:18:13.0234 3248  WmdmPmSN - ok

19:18:13.0312 3248  [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe

19:18:13.0468 3248  WmiApSrv - ok

19:18:13.0734 3248  [ BF05650BB7DF5E9EBDD25974E22403BB ] WMPNetworkSvc   C:\Programme\Windows Media Player\WMPNetwk.exe

19:18:14.0000 3248  WMPNetworkSvc - ok

19:18:14.0062 3248  [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc          C:\WINDOWS\system32\wscsvc.dll

19:18:14.0250 3248  wscsvc - ok

19:18:14.0281 3248  [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv        C:\WINDOWS\system32\wuauserv.dll

19:18:14.0437 3248  wuauserv - ok

19:18:14.0484 3248  [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys

19:18:14.0515 3248  WudfPf - ok

19:18:14.0562 3248  [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys

19:18:14.0578 3248  WudfRd - ok

19:18:14.0609 3248  [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll

19:18:14.0625 3248  WudfSvc - ok

19:18:14.0812 3248  [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll

19:18:15.0046 3248  WZCSVC - ok

19:18:15.0109 3248  [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll

19:18:15.0296 3248  xmlprov - ok

19:18:15.0328 3248  ================ Scan global ===============================

19:18:15.0390 3248  [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll

19:18:15.0515 3248  [ E62178BC21EAC63A3B9A2DBD46C1B505 ] C:\WINDOWS\system32\winsrv.dll

19:18:15.0625 3248  [ E62178BC21EAC63A3B9A2DBD46C1B505 ] C:\WINDOWS\system32\winsrv.dll

19:18:15.0687 3248  [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe

19:18:15.0703 3248  [Global] - ok

19:18:15.0703 3248  ================ Scan MBR ==================================

19:18:15.0718 3248  [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0

19:18:16.0203 3248  \Device\Harddisk0\DR0 - ok

19:18:16.0218 3248  ================ Scan VBR ==================================

19:18:16.0250 3248  [ AD0D9DED0D52821FBB8F3A5B99AEE9F4 ] \Device\Harddisk0\DR0\Partition1

19:18:16.0250 3248  \Device\Harddisk0\DR0\Partition1 - ok

19:18:16.0296 3248  [ 5546AFAB2D47C5BA5F8E4311C325B3D9 ] \Device\Harddisk0\DR0\Partition2

19:18:16.0296 3248  \Device\Harddisk0\DR0\Partition2 - ok

19:18:16.0296 3248  ============================================================

19:18:16.0296 3248  Scan finished

19:18:16.0296 3248  ============================================================

19:18:16.0328 3836  Detected object count: 3

19:18:16.0328 3836  Actual detected object count: 3

19:18:27.0671 3836  pfc ( UnsignedFile.Multi.Generic ) - skipped by user

19:18:27.0671 3836  pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip 

19:18:27.0687 3836  PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user

19:18:27.0687 3836  PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip 

19:18:27.0687 3836  SSHDRV62 ( UnsignedFile.Multi.Generic ) - skipped by user

19:18:27.0687 3836  SSHDRV62 ( UnsignedFile.Multi.Generic ) - User select action: Skip 

19:20:27.0218 3284  ============================================================

19:20:27.0218 3284  Scan started

19:20:27.0218 3284  Mode: Manual; SigCheck; TDLFS; 

19:20:27.0218 3284  ============================================================

19:20:27.0968 3284  ================ Scan system memory ========================

19:20:27.0968 3284  System memory - ok

19:20:27.0984 3284  ================ Scan services =============================

19:20:28.0296 3284  [ D5A6658CBFBBF9A0F8827E83C9FDE806 ] 6to4            C:\WINDOWS\System32\6to4svc.dll

19:20:28.0359 3284  6to4 - ok

19:20:28.0406 3284  Abiosdsk - ok

19:20:28.0421 3284  abp480n5 - ok

19:20:28.0515 3284  [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys

19:20:28.0718 3284  ACPI - ok

19:20:28.0750 3284  [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys

19:20:28.0921 3284  ACPIEC - ok

19:20:28.0937 3284  adpu160m - ok

19:20:29.0000 3284  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys

19:20:29.0203 3284  aec - ok

19:20:29.0281 3284  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD             C:\WINDOWS\System32\drivers\afd.sys

19:20:29.0296 3284  AFD - ok

19:20:29.0312 3284  Aha154x - ok

19:20:29.0328 3284  aic78u2 - ok

19:20:29.0343 3284  aic78xx - ok

19:20:29.0593 3284  [ 7BFE59F5EFF8896D043CFDE731B262E9 ] ALCXWDM         C:\WINDOWS\system32\drivers\ALCXWDM.SYS

19:20:29.0812 3284  ALCXWDM - ok

19:20:29.0859 3284  [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter         C:\WINDOWS\system32\alrsvc.dll

19:20:30.0015 3284  Alerter - ok

19:20:30.0046 3284  [ 190CD73D4984F94D823F9444980513E5 ] ALG             C:\WINDOWS\System32\alg.exe

19:20:30.0125 3284  ALG - ok

19:20:30.0140 3284  AliIde - ok

19:20:30.0156 3284  amsint - ok

19:20:30.0296 3284  [ D9A92E6DD41C5ADC045AE485026AA40C ] AntiVirSchedulerService C:\Programme\Avira\AntiVir Desktop\sched.exe

19:20:30.0312 3284  AntiVirSchedulerService - ok

19:20:30.0375 3284  [ 66A7A38F7C439153B758548375EB9E5E ] AntiVirService  C:\Programme\Avira\AntiVir Desktop\avguard.exe

19:20:30.0406 3284  AntiVirService - ok

19:20:30.0640 3284  [ 5A123AABB571AEA78AE63AF5E372F796 ] AntiVirWebService C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE

19:20:30.0750 3284  AntiVirWebService - ok

19:20:30.0765 3284  AppMgmt - ok

19:20:30.0828 3284  [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394         C:\WINDOWS\system32\DRIVERS\arp1394.sys

19:20:30.0968 3284  Arp1394 - ok

19:20:30.0984 3284  asc - ok

19:20:31.0000 3284  asc3350p - ok

19:20:31.0015 3284  asc3550 - ok

19:20:31.0171 3284  [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

19:20:31.0203 3284  aspnet_state - ok

19:20:31.0234 3284  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys

19:20:31.0375 3284  AsyncMac - ok

19:20:31.0421 3284  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys

19:20:31.0593 3284  atapi - ok

19:20:31.0609 3284  Atdisk - ok

19:20:31.0656 3284  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys

19:20:31.0812 3284  Atmarpc - ok

19:20:31.0859 3284  [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll

19:20:32.0015 3284  AudioSrv - ok

19:20:32.0046 3284  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys

19:20:32.0203 3284  audstub - ok

19:20:32.0265 3284  [ 87425709A251386064C99B684BF96F72 ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys

19:20:32.0281 3284  avgntflt - ok

19:20:32.0375 3284  [ D50FBA68163BC498F2C136E0E5BA8E2F ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys

19:20:32.0390 3284  avipbb - ok

19:20:32.0437 3284  [ CB8741CD7B126499FED40C9B197F6AC5 ] avkmgr          C:\WINDOWS\system32\DRIVERS\avkmgr.sys

19:20:32.0468 3284  avkmgr - ok

19:20:32.0515 3284  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys

19:20:32.0687 3284  Beep - ok

19:20:32.0812 3284  [ D6F603772A789BB3228F310D650B8BD1 ] BITS            C:\WINDOWS\system32\qmgr.dll

19:20:33.0062 3284  BITS - ok

19:20:33.0125 3284  [ B71549F23736ADF83A571061C47777FD ] Browser         C:\WINDOWS\System32\browser.dll

19:20:33.0140 3284  Browser - ok

19:20:33.0187 3284  [ B279426E3C0C344893ED78A613A73BDE ] BthEnum         C:\WINDOWS\system32\DRIVERS\BthEnum.sys

19:20:33.0328 3284  BthEnum - ok

19:20:33.0359 3284  [ FCA6F069597B62D42495191ACE3FC6C1 ] BTHMODEM        C:\WINDOWS\system32\DRIVERS\bthmodem.sys

19:20:33.0531 3284  BTHMODEM - ok

19:20:33.0593 3284  [ 80602B8746D3738F5886CE3D67EF06B6 ] BthPan          C:\WINDOWS\system32\DRIVERS\bthpan.sys

19:20:33.0765 3284  BthPan - ok

19:20:33.0875 3284  [ 592E1CEDBE314D0EF184DC6F46141E76 ] BTHPORT         C:\WINDOWS\system32\Drivers\BTHport.sys

19:20:33.0906 3284  BTHPORT - ok

19:20:33.0953 3284  [ 26C601EF7525E31379744ABFC6F35A1B ] BthServ         C:\WINDOWS\System32\bthserv.dll

19:20:34.0093 3284  BthServ - ok

19:20:34.0125 3284  [ 61364CD71EF63B0F038B7E9DF00F1EFA ] BTHUSB          C:\WINDOWS\system32\Drivers\BTHUSB.sys

19:20:34.0281 3284  BTHUSB - ok

19:20:34.0312 3284  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys

19:20:34.0468 3284  cbidf2k - ok

19:20:34.0468 3284  cd20xrnt - ok

19:20:34.0531 3284  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys

19:20:34.0671 3284  Cdaudio - ok

19:20:34.0718 3284  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys

19:20:34.0859 3284  Cdfs - ok

19:20:34.0921 3284  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys

19:20:35.0078 3284  Cdrom - ok

19:20:35.0078 3284  Changer - ok

19:20:35.0109 3284  [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc           C:\WINDOWS\system32\cisvc.exe

19:20:35.0281 3284  CiSvc - ok

19:20:35.0312 3284  [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe

19:20:35.0468 3284  ClipSrv - ok

19:20:35.0531 3284  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

19:20:35.0546 3284  clr_optimization_v2.0.50727_32 - ok

19:20:35.0562 3284  CmdIde - ok

19:20:35.0578 3284  COMSysApp - ok

19:20:35.0609 3284  Cpqarray - ok

19:20:35.0656 3284  [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll

19:20:35.0812 3284  CryptSvc - ok

19:20:35.0828 3284  dac2w2k - ok

19:20:35.0843 3284  dac960nt - ok

19:20:35.0890 3284  [ B1AD007F9A7DD8CFC981958D5C167D2D ] DcCam           C:\WINDOWS\system32\DRIVERS\DcCam.sys

19:20:35.0921 3284  DcCam - ok

19:20:35.0968 3284  [ 5FD20284CAAF112201311619FF89FA44 ] DcFpoint        C:\WINDOWS\system32\DRIVERS\DcFpoint.sys

19:20:35.0984 3284  DcFpoint - ok

19:20:36.0031 3284  [ 867F7E6841B15D32481C3F1B83364E3A ] DCFS2K          C:\WINDOWS\system32\drivers\dcfs2k.sys

19:20:36.0046 3284  DCFS2K - ok

19:20:36.0078 3284  [ 1B889AC45FAF088FF2AF690779368956 ] DcLps           C:\WINDOWS\system32\DRIVERS\DcLps.sys

19:20:36.0093 3284  DcLps - ok

19:20:36.0265 3284  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll

19:20:36.0375 3284  DcomLaunch - ok

19:20:36.0421 3284  [ 47B1CCEC23AEC5AE6A2005D1A0D8ED65 ] DcPTP           C:\WINDOWS\system32\DRIVERS\DcPTP.sys

19:20:36.0453 3284  DcPTP - ok

19:20:36.0546 3284  [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll

19:20:36.0687 3284  Dhcp - ok

19:20:36.0718 3284  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys

19:20:36.0875 3284  Disk - ok

19:20:36.0890 3284  dmadmin - ok

19:20:37.0000 3284  [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys

19:20:37.0328 3284  dmboot - ok

19:20:37.0390 3284  [ 53720AB12B48719D00E327DA470A619A ] dmio            C:\WINDOWS\system32\drivers\dmio.sys

19:20:37.0562 3284  dmio - ok

19:20:37.0609 3284  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys

19:20:37.0765 3284  dmload - ok

19:20:37.0796 3284  [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver        C:\WINDOWS\System32\dmserver.dll

19:20:37.0937 3284  dmserver - ok

19:20:38.0000 3284  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys

19:20:38.0140 3284  DMusic - ok

19:20:38.0203 3284  [ 407F3227AC618FD1CA54B335B083DE07 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll

19:20:38.0234 3284  Dnscache - ok

19:20:38.0296 3284  [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll

19:20:38.0453 3284  Dot3svc - ok

19:20:38.0515 3284  [ 3E4B043F8BC6BE1D4820CC6C9C500306 ] dot4            C:\WINDOWS\system32\DRIVERS\Dot4.sys

19:20:38.0703 3284  dot4 - ok

19:20:38.0734 3284  [ 77CE63A8A34AE23D9FE4C7896D1DEBE7 ] Dot4Print       C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys

19:20:38.0890 3284  Dot4Print - ok

19:20:38.0921 3284  [ BD05306428DA63369692477DDC0F6F5F ] Dot4Scan        C:\WINDOWS\system32\DRIVERS\Dot4Scan.sys

19:20:39.0078 3284  Dot4Scan - ok

19:20:39.0109 3284  [ 29E86AF2F3457D0441348020FE3CFBD0 ] dot4usb         C:\WINDOWS\system32\DRIVERS\dot4usb.sys

19:20:39.0296 3284  dot4usb - ok

19:20:39.0312 3284  dpti2o - ok

19:20:39.0343 3284  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys

19:20:39.0500 3284  drmkaud - ok

19:20:39.0546 3284  [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost         C:\WINDOWS\System32\eapsvc.dll

19:20:39.0703 3284  EapHost - ok

19:20:39.0734 3284  [ 877C18558D70587AA7823A1A308AC96B ] ERSvc           C:\WINDOWS\System32\ersvc.dll

19:20:39.0890 3284  ERSvc - ok

19:20:39.0953 3284  [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog        C:\WINDOWS\system32\services.exe

19:20:39.0984 3284  Eventlog - ok

19:20:40.0093 3284  [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem     C:\WINDOWS\system32\es.dll

19:20:40.0125 3284  EventSystem - ok

19:20:40.0187 3284  [ 20FF28FB3B268E7C76B10841A9F81BA4 ] Exportit        C:\WINDOWS\system32\DRIVERS\exportit.sys

19:20:40.0218 3284  Exportit - ok

19:20:40.0281 3284  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys

19:20:40.0421 3284  Fastfat - ok

19:20:40.0500 3284  [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll

19:20:40.0562 3284  FastUserSwitchingCompatibility - ok

19:20:40.0593 3284  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys

19:20:40.0750 3284  Fdc - ok

19:20:40.0781 3284  [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys

19:20:40.0937 3284  Fips - ok

19:20:40.0953 3284  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys

19:20:41.0109 3284  Flpydisk - ok

19:20:41.0171 3284  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys

19:20:41.0343 3284  FltMgr - ok

19:20:41.0406 3284  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

19:20:41.0421 3284  FontCache3.0.0.0 - ok

19:20:41.0453 3284  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys

19:20:41.0609 3284  Fs_Rec - ok

19:20:41.0656 3284  [ 8F1955CE42E1484714B542F341647778 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys

19:20:41.0812 3284  Ftdisk - ok

19:20:41.0843 3284  [ 065639773D8B03F33577F6CDAEA21063 ] gameenum        C:\WINDOWS\system32\DRIVERS\gameenum.sys

19:20:41.0984 3284  gameenum - ok

19:20:42.0031 3284  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys

19:20:42.0171 3284  Gpc - ok

19:20:42.0296 3284  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Programme\Google\Update\GoogleUpdate.exe

19:20:42.0328 3284  gupdate - ok

19:20:42.0375 3284  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Programme\Google\Update\GoogleUpdate.exe

19:20:42.0390 3284  gupdatem - ok

19:20:42.0468 3284  [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

19:20:42.0640 3284  helpsvc - ok

19:20:42.0640 3284  HidServ - ok

19:20:42.0687 3284  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys

19:20:42.0843 3284  HidUsb - ok

19:20:42.0890 3284  [ ED29F14101523A6E0E808107405D452C ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll

19:20:43.0046 3284  hkmsvc - ok

19:20:43.0046 3284  hpn - ok

19:20:43.0171 3284  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys

19:20:43.0203 3284  HTTP - ok

19:20:43.0234 3284  [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll

19:20:43.0390 3284  HTTPFilter - ok

19:20:43.0406 3284  i2omgmt - ok

19:20:43.0421 3284  i2omp - ok

19:20:43.0484 3284  [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys

19:20:43.0656 3284  i8042prt - ok

19:20:44.0046 3284  [ BE4D946B5D8745DD7CD4CA9CA04F4989 ] IBUpdaterService C:\WINDOWS\system32\dmwu.exe

19:20:44.0328 3284  IBUpdaterService - ok

19:20:44.0656 3284  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

19:20:44.0937 3284  idsvc - ok

19:20:44.0984 3284  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys

19:20:45.0125 3284  Imapi - ok

19:20:45.0218 3284  [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService    C:\WINDOWS\system32\imapi.exe

19:20:45.0375 3284  ImapiService - ok

19:20:45.0390 3284  ini910u - ok

19:20:45.0406 3284  IntelIde - ok

19:20:45.0453 3284  [ 4C7D2750158ED6E7AD642D97BFFAE351 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys

19:20:45.0640 3284  intelppm - ok

19:20:45.0671 3284  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys

19:20:45.0828 3284  Ip6Fw - ok

19:20:45.0875 3284  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

19:20:46.0031 3284  IpFilterDriver - ok

19:20:46.0078 3284  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys

19:20:46.0234 3284  IpInIp - ok

19:20:46.0296 3284  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys

19:20:46.0453 3284  IpNat - ok

19:20:46.0484 3284  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys

19:20:46.0671 3284  IPSec - ok

19:20:46.0687 3284  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys

19:20:46.0765 3284  IRENUM - ok

19:20:46.0828 3284  [ 6DFB88F64135C525433E87648BDA30DE ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys

19:20:46.0984 3284  isapnp - ok

19:20:47.0125 3284  [ 999DB5F88C8E145CCA9D471E33227143 ] JavaQuickStarterService C:\Programme\Java\jre7\bin\jqs.exe

19:20:47.0140 3284  JavaQuickStarterService - ok

19:20:47.0171 3284  [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys

19:20:47.0328 3284  Kbdclass - ok

19:20:47.0406 3284  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys

19:20:47.0593 3284  kmixer - ok

19:20:47.0718 3284  [ 4E1060D2F3B745931CF83B3649BE8A57 ] KodakCCS        C:\WINDOWS\system32\drivers\KodakCCS.exe

19:20:47.0734 3284  KodakCCS - ok

19:20:47.0796 3284  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys

19:20:47.0812 3284  KSecDD - ok

19:20:47.0890 3284  [ 2BBDCB79900990F0716DFCB714E72DE7 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll

19:20:47.0906 3284  lanmanserver - ok

19:20:47.0984 3284  [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll

19:20:48.0015 3284  lanmanworkstation - ok

19:20:48.0031 3284  lbrtfdc - ok

19:20:48.0093 3284  [ 636714B7D43C8D0C80449123FD266920 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll

19:20:48.0250 3284  LmHosts - ok

19:20:48.0296 3284  [ B7550A7107281D170CE85524B1488C98 ] Messenger       C:\WINDOWS\System32\msgsvc.dll

19:20:48.0453 3284  Messenger - ok

19:20:48.0484 3284  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys

19:20:48.0640 3284  mnmdd - ok

19:20:48.0687 3284  [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe

19:20:48.0875 3284  mnmsrvc - ok

19:20:48.0906 3284  [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys

19:20:49.0046 3284  Modem - ok

19:20:49.0078 3284  [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys

19:20:49.0265 3284  Mouclass - ok

19:20:49.0281 3284  [ 66A6F73C74E1791464160A7065CE711A ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys

19:20:49.0437 3284  mouhid - ok

19:20:49.0484 3284  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys

19:20:49.0656 3284  MountMgr - ok

19:20:49.0671 3284  mraid35x - ok

19:20:49.0750 3284  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys

19:20:49.0906 3284  MRxDAV - ok

19:20:50.0093 3284  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

19:20:50.0203 3284  MRxSmb - ok

19:20:50.0234 3284  [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC           C:\WINDOWS\system32\msdtc.exe

19:20:50.0390 3284  MSDTC - ok

19:20:50.0437 3284  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys

19:20:50.0593 3284  Msfs - ok

19:20:50.0609 3284  MSIServer - ok

19:20:50.0625 3284  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys

19:20:50.0781 3284  MSKSSRV - ok

19:20:50.0796 3284  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys

19:20:50.0953 3284  MSPCLOCK - ok

19:20:50.0968 3284  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys

19:20:51.0109 3284  MSPQM - ok

19:20:51.0156 3284  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys

19:20:51.0296 3284  mssmbios - ok

19:20:51.0343 3284  [ CA3E22598F411199ADC2DFEE76CD0AE0 ] ms_mpu401       C:\WINDOWS\system32\drivers\msmpu401.sys

19:20:51.0500 3284  ms_mpu401 - ok

19:20:51.0578 3284  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys

19:20:51.0609 3284  Mup - ok

19:20:51.0703 3284  [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent        C:\WINDOWS\System32\qagentrt.dll

19:20:51.0859 3284  napagent - ok

19:20:51.0937 3284  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys

19:20:52.0109 3284  NDIS - ok

19:20:52.0156 3284  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys

19:20:52.0171 3284  NdisTapi - ok

19:20:52.0203 3284  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys

19:20:52.0359 3284  Ndisuio - ok

19:20:52.0421 3284  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys

19:20:52.0609 3284  NdisWan - ok

19:20:52.0656 3284  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys

19:20:52.0671 3284  NDProxy - ok

19:20:52.0703 3284  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys

19:20:52.0859 3284  NetBIOS - ok

19:20:52.0921 3284  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys

19:20:53.0078 3284  NetBT - ok

19:20:53.0156 3284  [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE          C:\WINDOWS\system32\netdde.exe

19:20:53.0312 3284  NetDDE - ok

19:20:53.0343 3284  [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe

19:20:53.0515 3284  NetDDEdsdm - ok

19:20:53.0546 3284  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon        C:\WINDOWS\system32\lsass.exe

19:20:53.0687 3284  Netlogon - ok

19:20:53.0812 3284  [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman          C:\WINDOWS\System32\netman.dll

19:20:53.0968 3284  Netman - ok

19:20:54.0046 3284  [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

19:20:54.0062 3284  NetTcpPortSharing - ok

19:20:54.0125 3284  [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394         C:\WINDOWS\system32\DRIVERS\nic1394.sys

19:20:54.0281 3284  NIC1394 - ok

19:20:54.0390 3284  [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla             C:\WINDOWS\System32\mswsock.dll

19:20:54.0421 3284  Nla - ok

19:20:54.0453 3284  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys

19:20:54.0625 3284  Npfs - ok

19:20:54.0796 3284  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys

19:20:55.0046 3284  Ntfs - ok

19:20:55.0062 3284  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe

19:20:55.0218 3284  NtLmSsp - ok

19:20:55.0359 3284  [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll

19:20:55.0625 3284  NtmsSvc - ok

19:20:55.0640 3284  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys

19:20:55.0781 3284  Null - ok

19:20:56.0406 3284  [ 2B298519EDBFCF451D43E0F1E8F1006D ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

19:20:57.0078 3284  nv - ok

19:20:57.0125 3284  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

19:20:57.0281 3284  NwlnkFlt - ok

19:20:57.0328 3284  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

19:20:57.0484 3284  NwlnkFwd - ok

19:20:57.0531 3284  [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394        C:\WINDOWS\system32\DRIVERS\ohci1394.sys

19:20:57.0703 3284  ohci1394 - ok

19:20:57.0750 3284  [ F84785660305B9B903FB3BCA8BA29837 ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys

19:20:57.0906 3284  Parport - ok

19:20:57.0937 3284  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys

19:20:58.0093 3284  PartMgr - ok

19:20:58.0140 3284  [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys

19:20:58.0296 3284  ParVdm - ok

19:20:58.0343 3284  [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys

19:20:58.0500 3284  PCI - ok

19:20:58.0500 3284  PCIDump - ok

19:20:58.0593 3284  [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys

19:20:58.0781 3284  PCIIde - ok

19:20:58.0828 3284  [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys

19:20:58.0984 3284  Pcmcia - ok

19:20:59.0000 3284  PDCOMP - ok

19:20:59.0015 3284  PDFRAME - ok

19:20:59.0031 3284  PDRELI - ok

19:20:59.0046 3284  PDRFRAME - ok

19:20:59.0062 3284  perc2 - ok

19:20:59.0078 3284  perc2hib - ok

19:20:59.0156 3284  [ C4AA89518E8A2934EAF503C9587FF157 ] pfc             C:\WINDOWS\system32\drivers\pfc.sys

19:20:59.0156 3284  pfc ( UnsignedFile.Multi.Generic ) - warning

19:20:59.0156 3284  pfc - detected UnsignedFile.Multi.Generic (1)

19:20:59.0218 3284  [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay        C:\WINDOWS\system32\services.exe

19:20:59.0281 3284  PlugPlay - ok

19:20:59.0296 3284  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe

19:20:59.0453 3284  PolicyAgent - ok

19:20:59.0515 3284  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys

19:20:59.0687 3284  PptpMiniport - ok

19:20:59.0718 3284  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe

19:20:59.0859 3284  ProtectedStorage - ok

19:20:59.0921 3284  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys

19:21:00.0062 3284  PSched - ok

19:21:00.0093 3284  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys

19:21:00.0250 3284  Ptilink - ok

19:21:00.0296 3284  [ B572ED0C3E6165643FA116AF20425A54 ] PxHelp20        C:\WINDOWS\system32\DRIVERS\PxHelp20.sys

19:21:00.0296 3284  PxHelp20 ( UnsignedFile.Multi.Generic ) - warning

19:21:00.0296 3284  PxHelp20 - detected UnsignedFile.Multi.Generic (1)

19:21:00.0312 3284  ql1080 - ok

19:21:00.0328 3284  Ql10wnt - ok

19:21:00.0343 3284  ql12160 - ok

19:21:00.0359 3284  ql1240 - ok

19:21:00.0375 3284  ql1280 - ok

19:21:00.0406 3284  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys

19:21:00.0562 3284  RasAcd - ok

19:21:00.0609 3284  [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto         C:\WINDOWS\System32\rasauto.dll

19:21:00.0765 3284  RasAuto - ok

19:21:00.0812 3284  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

19:21:00.0953 3284  Rasl2tp - ok

19:21:01.0062 3284  [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan          C:\WINDOWS\System32\rasmans.dll

19:21:01.0218 3284  RasMan - ok

19:21:01.0250 3284  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys

19:21:01.0406 3284  RasPppoe - ok

19:21:01.0437 3284  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys

19:21:01.0593 3284  Raspti - ok

19:21:01.0656 3284  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys

19:21:01.0828 3284  Rdbss - ok

19:21:01.0843 3284  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

19:21:02.0000 3284  RDPCDD - ok

19:21:02.0093 3284  [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys

19:21:02.0109 3284  RDPWD - ok

19:21:02.0171 3284  [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe

19:21:02.0343 3284  RDSessMgr - ok

19:21:02.0390 3284  [ ED761D453856F795A7FE056E42C36365 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys

19:21:02.0578 3284  redbook - ok

19:21:02.0625 3284  [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll

19:21:02.0781 3284  RemoteAccess - ok

19:21:02.0828 3284  [ 851C30DF2807FCFA21E4C681A7D6440E ] RFCOMM          C:\WINDOWS\system32\DRIVERS\rfcomm.sys

19:21:02.0984 3284  RFCOMM - ok

19:21:03.0031 3284  [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator      C:\WINDOWS\system32\locator.exe

19:21:03.0187 3284  RpcLocator - ok

19:21:03.0343 3284  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs           C:\WINDOWS\system32\rpcss.dll

19:21:03.0453 3284  RpcSs - ok

19:21:03.0531 3284  [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP            C:\WINDOWS\system32\rsvp.exe

19:21:03.0703 3284  RSVP - ok

19:21:03.0765 3284  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs           C:\WINDOWS\system32\lsass.exe

19:21:03.0921 3284  SamSs - ok

19:21:03.0968 3284  [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe

19:21:04.0125 3284  SCardSvr - ok

19:21:04.0218 3284  [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule        C:\WINDOWS\system32\schedsvc.dll

19:21:04.0390 3284  Schedule - ok

19:21:04.0437 3284  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys

19:21:04.0515 3284  Secdrv - ok

19:21:04.0578 3284  [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon        C:\WINDOWS\System32\seclogon.dll

19:21:04.0734 3284  seclogon - ok

19:21:04.0781 3284  [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS            C:\WINDOWS\system32\sens.dll

19:21:04.0921 3284  SENS - ok

19:21:04.0937 3284  [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys

19:21:05.0093 3284  serenum - ok

19:21:05.0140 3284  [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys

19:21:05.0296 3284  Serial - ok

19:21:05.0359 3284  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys

19:21:05.0515 3284  Sfloppy - ok

19:21:05.0671 3284  [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll

19:21:05.0906 3284  SharedAccess - ok

19:21:05.0968 3284  [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll

19:21:06.0000 3284  ShellHWDetection - ok

19:21:06.0015 3284  Simbad - ok

19:21:06.0062 3284  [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp          C:\WINDOWS\system32\DRIVERS\sisagp.sys

19:21:06.0218 3284  sisagp - ok

19:21:06.0265 3284  [ 3FBB6EF8B5A71A2FA11F5F461BB73219 ] SISNIC          C:\WINDOWS\system32\DRIVERS\sisnic.sys

19:21:06.0421 3284  SISNIC - ok

19:21:06.0437 3284  Sparrow - ok

19:21:06.0468 3284  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys

19:21:06.0625 3284  splitter - ok

19:21:06.0687 3284  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe

19:21:06.0703 3284  Spooler - ok

19:21:06.0750 3284  [ 50FA898F8C032796D3B1B9951BB5A90F ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys

19:21:06.0828 3284  sr - ok

19:21:06.0921 3284  [ FE77A85495065F3AD59C5C65B6C54182 ] srservice       C:\WINDOWS\system32\srsvc.dll

19:21:07.0000 3284  srservice - ok

19:21:07.0140 3284  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys

19:21:07.0250 3284  Srv - ok

19:21:07.0312 3284  [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll

19:21:07.0390 3284  SSDPSRV - ok

19:21:07.0453 3284  [ 5FFB52404158ABC5D9FF4081BCD67033 ] SSHDRV62        C:\WINDOWS\system32\drivers\SSHDRV62.sys

19:21:07.0468 3284  SSHDRV62 ( UnsignedFile.Multi.Generic ) - warning

19:21:07.0468 3284  SSHDRV62 - detected UnsignedFile.Multi.Generic (1)

19:21:07.0515 3284  [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv          C:\WINDOWS\system32\DRIVERS\ssmdrv.sys

19:21:07.0531 3284  ssmdrv - ok

19:21:07.0687 3284  [ BC2C5985611C5356B24AEB370953DED9 ] stisvc          C:\WINDOWS\system32\wiaservc.dll

19:21:07.0921 3284  stisvc - ok

19:21:07.0968 3284  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys

19:21:08.0125 3284  swenum - ok

19:21:08.0156 3284  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys

19:21:08.0312 3284  swmidi - ok

19:21:08.0328 3284  SwPrv - ok

19:21:08.0343 3284  symc810 - ok

19:21:08.0359 3284  symc8xx - ok

19:21:08.0375 3284  sym_hi - ok

19:21:08.0390 3284  sym_u3 - ok

19:21:08.0453 3284  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys

19:21:08.0625 3284  sysaudio - ok

19:21:08.0671 3284  [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe

19:21:08.0859 3284  SysmonLog - ok

19:21:08.0953 3284  [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll

19:21:09.0125 3284  TapiSrv - ok

19:21:09.0265 3284  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys

19:21:09.0406 3284  Tcpip - ok

19:21:09.0515 3284  [ 4E53BBCC4BE37D7A4BD6EF1098C89FF7 ] Tcpip6          C:\WINDOWS\system32\DRIVERS\tcpip6.sys

19:21:09.0562 3284  Tcpip6 - ok

19:21:09.0593 3284  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys

19:21:09.0765 3284  TDPIPE - ok

19:21:09.0781 3284  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys

19:21:09.0937 3284  TDTCP - ok

19:21:09.0984 3284  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys

19:21:10.0140 3284  TermDD - ok

19:21:10.0265 3284  [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService     C:\WINDOWS\System32\termsrv.dll

19:21:10.0437 3284  TermService - ok

19:21:10.0500 3284  [ 2DB7D303C36DDD055215052F118E8E75 ] Themes          C:\WINDOWS\System32\shsvcs.dll

19:21:10.0531 3284  Themes - ok

19:21:10.0546 3284  TosIde - ok

19:21:10.0625 3284  [ 626504572B175867F30F3215C04B3E2F ] TrkWks          C:\WINDOWS\system32\trkwks.dll

19:21:10.0765 3284  TrkWks - ok

19:21:10.0812 3284  [ 8F861EDA21C05857EB8197300A92501C ] tunmp           C:\WINDOWS\system32\DRIVERS\tunmp.sys

19:21:10.0984 3284  tunmp - ok

19:21:11.0031 3284  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys

19:21:11.0187 3284  Udfs - ok

19:21:11.0203 3284  ultra - ok

19:21:11.0359 3284  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys

19:21:11.0625 3284  Update - ok

19:21:11.0718 3284  [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost        C:\WINDOWS\System32\upnphost.dll

19:21:11.0796 3284  upnphost - ok

19:21:11.0843 3284  [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS             C:\WINDOWS\System32\ups.exe

19:21:12.0015 3284  UPS - ok

19:21:12.0062 3284  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys

19:21:12.0218 3284  usbehci - ok

19:21:12.0281 3284  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys

19:21:12.0437 3284  usbhub - ok

19:21:12.0453 3284  [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci         C:\WINDOWS\system32\DRIVERS\usbohci.sys

19:21:12.0609 3284  usbohci - ok

19:21:12.0640 3284  [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

19:21:12.0781 3284  USBSTOR - ok

19:21:12.0843 3284  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys

19:21:13.0000 3284  VgaSave - ok

19:21:13.0015 3284  ViaIde - ok

19:21:13.0046 3284  [ A5A712F4E880874A477AF790B5186E1D ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys

19:21:13.0203 3284  VolSnap - ok

19:21:13.0296 3284  [ 68F106273BE29E7B7EF8266977268E78 ] VSS             C:\WINDOWS\System32\vssvc.exe

19:21:13.0390 3284  VSS - ok

19:21:13.0484 3284  [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time         C:\WINDOWS\system32\w32time.dll

19:21:13.0656 3284  W32Time - ok

19:21:13.0718 3284  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys

19:21:13.0906 3284  Wanarp - ok

19:21:13.0906 3284  WDICA - ok

19:21:13.0984 3284  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys

19:21:14.0125 3284  wdmaud - ok

19:21:14.0171 3284  [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient       C:\WINDOWS\System32\webclnt.dll

19:21:14.0328 3284  WebClient - ok

19:21:14.0453 3284  [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll

19:21:14.0640 3284  winmgmt - ok

19:21:14.0687 3284  [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll

19:21:14.0703 3284  WmdmPmSN - ok

19:21:14.0781 3284  [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe

19:21:14.0937 3284  WmiApSrv - ok

19:21:15.0187 3284  [ BF05650BB7DF5E9EBDD25974E22403BB ] WMPNetworkSvc   C:\Programme\Windows Media Player\WMPNetwk.exe

19:21:15.0468 3284  WMPNetworkSvc - ok

19:21:15.0531 3284  [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc          C:\WINDOWS\system32\wscsvc.dll

19:21:15.0687 3284  wscsvc - ok

19:21:15.0734 3284  [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv        C:\WINDOWS\system32\wuauserv.dll

19:21:15.0890 3284  wuauserv - ok

19:21:15.0937 3284  [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys

19:21:15.0968 3284  WudfPf - ok

19:21:16.0015 3284  [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys

19:21:16.0046 3284  WudfRd - ok

19:21:16.0062 3284  [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll

19:21:16.0093 3284  WudfSvc - ok

19:21:16.0281 3284  [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll

19:21:16.0531 3284  WZCSVC - ok

19:21:16.0609 3284  [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll

19:21:16.0765 3284  xmlprov - ok

19:21:16.0828 3284  ================ Scan global ===============================

19:21:16.0875 3284  [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll

19:21:17.0000 3284  [ E62178BC21EAC63A3B9A2DBD46C1B505 ] C:\WINDOWS\system32\winsrv.dll

19:21:17.0125 3284  [ E62178BC21EAC63A3B9A2DBD46C1B505 ] C:\WINDOWS\system32\winsrv.dll

19:21:17.0171 3284  [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe

19:21:17.0187 3284  [Global] - ok

19:21:17.0187 3284  ================ Scan MBR ==================================

19:21:17.0218 3284  [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0

19:21:17.0703 3284  \Device\Harddisk0\DR0 - ok

19:21:17.0703 3284  ================ Scan VBR ==================================

19:21:17.0734 3284  [ AD0D9DED0D52821FBB8F3A5B99AEE9F4 ] \Device\Harddisk0\DR0\Partition1

19:21:17.0734 3284  \Device\Harddisk0\DR0\Partition1 - ok

19:21:17.0765 3284  [ 5546AFAB2D47C5BA5F8E4311C325B3D9 ] \Device\Harddisk0\DR0\Partition2

19:21:17.0765 3284  \Device\Harddisk0\DR0\Partition2 - ok

19:21:17.0781 3284  ============================================================

19:21:17.0781 3284  Scan finished

19:21:17.0781 3284  ============================================================

19:21:17.0796 3408  Detected object count: 3

19:21:17.0796 3408  Actual detected object count: 3

19:21:39.0203 3408  pfc ( UnsignedFile.Multi.Generic ) - skipped by user

19:21:39.0203 3408  pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip 

19:21:39.0218 3408  PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user

19:21:39.0218 3408  PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip 

19:21:39.0218 3408  SSHDRV62 ( UnsignedFile.Multi.Generic ) - skipped by user

19:21:39.0218 3408  SSHDRV62 ( UnsignedFile.Multi.Generic ) - User select action: Skip 

19:21:52.0656 2872  Deinitialize success

MBAR (Malwarebytes Anti-Rootkit) und TDSS-Killer habe ich heruntergeladen und wie in den Anweisungen ausgeführt. Logs sind gepostet.

Große Schwierigkeiten bereitet mir der Download von aswMBR (egal von welcher Internetseite), da dies immer mit der Meldung "Das Zeitlimit für den Download wurde erreicht" endet.

aswMBR bitte nochmal ausprobieren
Du hast das falsche Log von MBAR gepostet

Mal eine kleine Zusammenfassung der Ereignisse:

Der Ordner Anwendungsdaten in dem sich der PC Performer Manager befindet existiert nicht mehr.

MBAR erstellt keinen Log Ordner, so wie in der Einleitung beschrieben, deshalb auch der falsche Post.
Update zur neusten Version ist nicht möglich.

AswMBR kann ich wie bereits beschrieben nicht herunterladen.

Ich habe mir beim herunterladen der Virenprogramme einiges eingefangen
(u.a. Delta Search ???).
Siehe aktueller Log von MABM.

Im Hintergrund öffnen sich ständig irgendwelche Downloadmanager.

Spybot Search and Destroy läuft gerade und findet:

11 Einträge Sweet IM (AdwareC),
5 Einträge Babylon Toolbar (Adware),
1 Eintrag Fraud.Foxit.daws. TrojansC-03
1 Eintrag Right Media (Browser)
1 Eintrag Smoto.BetterInstaller TrojansC-05

:killpc:

Code:

Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org
 

Datenbank Version: v2013.04.20.03
 

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

xxxxxx :: D63E0FC3CE2B498 [Administrator]
 

20.04.2013 13:29:47

MBAM-log-2013-04-20 (16-53-35).txt
 

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)

Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM

Deaktivierte Suchlaufeinstellungen: P2P

Durchsuchte Objekte: 250411

Laufzeit: 3 Stunde(n), 19 Minute(n), 57 Sekunde(n)
 

Infizierte Speicherprozesse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Speichermodule: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungsschlüssel: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungswerte: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateiobjekte der Registrierung: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Verzeichnisse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateien: 6

C:\Dokumente und Einstellungen\xxxxxx\Lokale Einstellungen\Temp\pricepeep_130001_1001.exe (Adware.Shopper) -> Keine Aktion durchgeführt.

C:\System Volume Information\_restore{01088E30-F386-4706-8EE0-6146068E81DD}\RP186\A0045121.exe (Adware.Shopper) -> Keine Aktion durchgeführt.

D:\Driver\USB 2.0\VIA\USB20_VIA_Package.zip (Spyware.Zbot) -> Keine Aktion durchgeführt.

D:\Driver\USB 2.0\VIA\_ISDel.exe (Spyware.Zbot) -> Keine Aktion durchgeführt.

D:\Tools\Power Cinema\MShow\_ISDel.exe (Spyware.Zbot) -> Keine Aktion durchgeführt.

D:\Tools\Power Cinema\VLM\_ISDel.exe (Spyware.Zbot) -> Keine Aktion durchgeführt.
 

(Ende)

Zitat:

MBAR erstellt keinen Log Ordner, so wie in der Einleitung beschrieben,

Bitte die Anleitungen genauer lesen:

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Tut mir Leid, da ist im erstellten Ordner (mbar) keine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) , sondern nur System-Log Textdokumment.

Sry aber das ist Quatsch. MBAR legt da immer sein Logfile ab. Bitte sieh genauer nach. Ggf. Anleitung nochmal genau lesen und auch genau so umsetzen

Ich habe aswMBR, MBAR (Malwarebytes Anti-Rootkit), TDSS - Killer und MBAM noch einmal neu installiert und die Scans durchgeführt. Die aktuellen Logs sind gepostet.

aswMBR

Code:

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software

Run date: 2013-04-27 18:19:11

-----------------------------

18:19:11.843    OS Version: Windows 5.1.2600 Service Pack 3

18:19:11.843    Number of processors: 1 586 0x207

18:19:11.843    ComputerName: D63E0FC3CE2B498  UserName: xxxxxxx

18:19:13.421    Initialize success

18:25:48.375    AVAST engine defs: 13042700

18:29:53.875    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3

18:29:53.875    Disk 0 Vendor: ST380022A 3.30 Size: 76319MB BusType: 3

18:29:54.031    Disk 0 MBR read successfully

18:29:54.031    Disk 0 MBR scan

18:29:54.109    Disk 0 Windows XP default MBR code

18:29:54.125    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS        38005 MB offset 63

18:29:54.125    Disk 0 Partition - 00     0F Extended LBA             38303 MB offset 77834925

18:29:55.187    Disk 0 scanning sectors +156280320

18:29:55.421    Disk 0 scanning C:\WINDOWS\system32\drivers

18:30:22.640    Service scanning

18:31:04.546    Modules scanning

18:31:29.437    Disk 0 trace - called modules:

18:31:29.453    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys 

18:31:29.453    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x89bcaab8]

18:31:29.453    3 CLASSPNP.SYS[f7657fd7] -> nt!IofCallDriver -> \Device\0000005a[0x89b6ae98]

18:31:29.453    5 ACPI.sys[f75ad620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x89bbf940]

18:31:30.328    AVAST engine scan C:\WINDOWS

18:31:36.328    AVAST engine scan C:\WINDOWS\system32

18:37:43.515    AVAST engine scan C:\WINDOWS\system32\drivers

18:38:16.171    AVAST engine scan C:\Dokumente und Einstellungen\xxxxxx

18:46:07.281    AVAST engine scan C:\Dokumente und Einstellungen\All Users

18:47:04.859    Scan finished successfully

18:49:24.781    Disk 0 MBR has been saved successfully to "C:\Dokumente und Einstellungen\xxxxxx\Eigene Dateien\Downloads\Sonstiges\MBR.dat"

18:49:24.781    The log file has been saved successfully to "C:\Dokumente und Einstellungen\xxxxxx\Eigene Dateien\Downloads\Sonstiges\aswMBR.txt"

MBAR (Malwarebytes Anti-Rootkit)

Code:

Malwarebytes Anti-Rootkit BETA 1.05.0.1001

www.malwarebytes.org
 

Database version: v2013.04.26.06
 

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

xxxxxx :: D63E0FC3CE2B498 [administrator]
 

26.04.2013 19:49:09

mbar-log-2013-04-26 (19-49-09).txt
 

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P

Scan options disabled: 

Objects scanned: 25247

Time elapsed: 36 minute(s), 12 second(s)
 

Memory Processes Detected: 0

(No malicious items detected)
 

Memory Modules Detected: 0

(No malicious items detected)
 

Registry Keys Detected: 0

(No malicious items detected)
 

Registry Values Detected: 0

(No malicious items detected)
 

Registry Data Items Detected: 0

(No malicious items detected)
 

Folders Detected: 0

(No malicious items detected)
 

Files Detected: 0

(No malicious items detected)
 

(end)

TDSS-Killer

Code:

19:53:34.0281 1432  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42

19:53:34.0781 1432  ============================================================

19:53:34.0781 1432  Current date / time: 2013/04/26 19:53:34.0781

19:53:34.0781 1432  SystemInfo:

19:53:34.0781 1432  

19:53:34.0781 1432  OS Version: 5.1.2600 ServicePack: 3.0

19:53:34.0781 1432  Product type: Workstation

19:53:34.0781 1432  ComputerName: D63E0FC3CE2B498

19:53:34.0781 1432  UserName: xxxxxx

19:53:34.0781 1432  Windows directory: C:\WINDOWS

19:53:34.0781 1432  System windows directory: C:\WINDOWS

19:53:34.0781 1432  Processor architecture: Intel x86

19:53:34.0781 1432  Number of processors: 1

19:53:34.0781 1432  Page size: 0x1000

19:53:34.0781 1432  Boot type: Normal boot

19:53:34.0781 1432  ============================================================

19:53:36.0578 1432  Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

19:53:36.0578 1432  ============================================================

19:53:36.0578 1432  \Device\Harddisk0\DR0:

19:53:36.0578 1432  MBR partitions:

19:53:36.0578 1432  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A3AA6E

19:53:36.0593 1432  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x4A3AAEC, BlocksNum 0x4ACFB14

19:53:36.0593 1432  ============================================================

19:53:36.0625 1432  C: <-> \Device\Harddisk0\DR0\Partition1

19:53:36.0687 1432  D: <-> \Device\Harddisk0\DR0\Partition2

19:53:36.0687 1432  ============================================================

19:53:36.0687 1432  Initialize success

19:53:36.0687 1432  ============================================================

19:53:42.0703 3420  ============================================================

19:53:42.0703 3420  Scan started

19:53:42.0703 3420  Mode: Manual; SigCheck; TDLFS; 

19:53:42.0703 3420  ============================================================

19:53:44.0921 3420  ================ Scan system memory ========================

19:53:44.0921 3420  System memory - ok

19:53:44.0937 3420  ================ Scan services =============================

19:53:45.0234 3420  [ D5A6658CBFBBF9A0F8827E83C9FDE806 ] 6to4            C:\WINDOWS\System32\6to4svc.dll

19:53:47.0250 3420  6to4 - ok

19:53:47.0281 3420  Abiosdsk - ok

19:53:47.0296 3420  abp480n5 - ok

19:53:47.0390 3420  [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys

19:53:50.0703 3420  ACPI - ok

19:53:50.0734 3420  [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys

19:53:50.0937 3420  ACPIEC - ok

19:53:50.0937 3420  adpu160m - ok

19:53:51.0015 3420  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys

19:53:51.0203 3420  aec - ok

19:53:51.0296 3420  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD             C:\WINDOWS\System32\drivers\afd.sys

19:53:51.0421 3420  AFD - ok

19:53:51.0437 3420  Aha154x - ok

19:53:51.0453 3420  aic78u2 - ok

19:53:51.0468 3420  aic78xx - ok

19:53:51.0703 3420  [ 7BFE59F5EFF8896D043CFDE731B262E9 ] ALCXWDM         C:\WINDOWS\system32\drivers\ALCXWDM.SYS

19:53:52.0000 3420  ALCXWDM - ok

19:53:52.0031 3420  [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter         C:\WINDOWS\system32\alrsvc.dll

19:53:52.0250 3420  Alerter - ok

19:53:52.0296 3420  [ 190CD73D4984F94D823F9444980513E5 ] ALG             C:\WINDOWS\System32\alg.exe

19:53:52.0421 3420  ALG - ok

19:53:52.0421 3420  AliIde - ok

19:53:52.0437 3420  amsint - ok

19:53:52.0593 3420  [ D9A92E6DD41C5ADC045AE485026AA40C ] AntiVirSchedulerService C:\Programme\Avira\AntiVir Desktop\sched.exe

19:53:52.0640 3420  AntiVirSchedulerService - ok

19:53:52.0703 3420  [ 66A7A38F7C439153B758548375EB9E5E ] AntiVirService  C:\Programme\Avira\AntiVir Desktop\avguard.exe

19:53:52.0750 3420  AntiVirService - ok

19:53:52.0968 3420  [ 5A123AABB571AEA78AE63AF5E372F796 ] AntiVirWebService C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE

19:53:53.0281 3420  AntiVirWebService - ok

19:53:53.0296 3420  AppMgmt - ok

19:53:53.0359 3420  [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394         C:\WINDOWS\system32\DRIVERS\arp1394.sys

19:53:53.0562 3420  Arp1394 - ok

19:53:53.0578 3420  asc - ok

19:53:53.0593 3420  asc3350p - ok

19:53:53.0609 3420  asc3550 - ok

19:53:53.0750 3420  [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

19:53:53.0765 3420  aspnet_state - ok

19:53:53.0796 3420  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys

19:53:53.0984 3420  AsyncMac - ok

19:53:54.0046 3420  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys

19:53:54.0234 3420  atapi - ok

19:53:54.0250 3420  Atdisk - ok

19:53:54.0296 3420  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys

19:53:54.0515 3420  Atmarpc - ok

19:53:54.0578 3420  [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll

19:53:54.0812 3420  AudioSrv - ok

19:53:54.0843 3420  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys

19:53:55.0031 3420  audstub - ok

19:53:55.0093 3420  [ 87425709A251386064C99B684BF96F72 ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys

19:53:55.0140 3420  avgntflt - ok

19:53:55.0218 3420  [ D50FBA68163BC498F2C136E0E5BA8E2F ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys

19:53:55.0234 3420  avipbb - ok

19:53:55.0281 3420  [ CB8741CD7B126499FED40C9B197F6AC5 ] avkmgr          C:\WINDOWS\system32\DRIVERS\avkmgr.sys

19:53:55.0296 3420  avkmgr - ok

19:53:55.0343 3420  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys

19:53:55.0546 3420  Beep - ok

19:53:55.0671 3420  [ D6F603772A789BB3228F310D650B8BD1 ] BITS            C:\WINDOWS\system32\qmgr.dll

19:53:55.0937 3420  BITS - ok

19:53:56.0000 3420  [ B71549F23736ADF83A571061C47777FD ] Browser         C:\WINDOWS\System32\browser.dll

19:53:56.0140 3420  Browser - ok

19:53:56.0171 3420  [ B279426E3C0C344893ED78A613A73BDE ] BthEnum         C:\WINDOWS\system32\DRIVERS\BthEnum.sys

19:53:56.0390 3420  BthEnum - ok

19:53:56.0421 3420  [ FCA6F069597B62D42495191ACE3FC6C1 ] BTHMODEM        C:\WINDOWS\system32\DRIVERS\bthmodem.sys

19:53:56.0625 3420  BTHMODEM - ok

19:53:56.0703 3420  [ 80602B8746D3738F5886CE3D67EF06B6 ] BthPan          C:\WINDOWS\system32\DRIVERS\bthpan.sys

19:53:56.0906 3420  BthPan - ok

19:53:57.0031 3420  [ 592E1CEDBE314D0EF184DC6F46141E76 ] BTHPORT         C:\WINDOWS\system32\Drivers\BTHport.sys

19:53:57.0109 3420  BTHPORT - ok

19:53:57.0140 3420  [ 26C601EF7525E31379744ABFC6F35A1B ] BthServ         C:\WINDOWS\System32\bthserv.dll

19:53:57.0375 3420  BthServ - ok

19:53:57.0406 3420  [ 61364CD71EF63B0F038B7E9DF00F1EFA ] BTHUSB          C:\WINDOWS\system32\Drivers\BTHUSB.sys

19:53:57.0593 3420  BTHUSB - ok

19:53:57.0640 3420  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys

19:53:57.0843 3420  cbidf2k - ok

19:53:57.0843 3420  cd20xrnt - ok

19:53:57.0890 3420  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys

19:53:58.0093 3420  Cdaudio - ok

19:53:58.0140 3420  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys

19:53:58.0421 3420  Cdfs - ok

19:53:58.0468 3420  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys

19:53:58.0687 3420  Cdrom - ok

19:53:58.0687 3420  Changer - ok

19:53:58.0734 3420  [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc           C:\WINDOWS\system32\cisvc.exe

19:53:58.0937 3420  CiSvc - ok

19:53:58.0984 3420  [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe

19:53:59.0187 3420  ClipSrv - ok

19:53:59.0234 3420  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

19:53:59.0265 3420  clr_optimization_v2.0.50727_32 - ok

19:53:59.0265 3420  CmdIde - ok

19:53:59.0281 3420  COMSysApp - ok

19:53:59.0312 3420  Cpqarray - ok

19:53:59.0375 3420  [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll

19:53:59.0609 3420  CryptSvc - ok

19:53:59.0609 3420  dac2w2k - ok

19:53:59.0625 3420  dac960nt - ok

19:53:59.0687 3420  [ B1AD007F9A7DD8CFC981958D5C167D2D ] DcCam           C:\WINDOWS\system32\DRIVERS\DcCam.sys

19:53:59.0750 3420  DcCam - ok

19:53:59.0812 3420  [ 5FD20284CAAF112201311619FF89FA44 ] DcFpoint        C:\WINDOWS\system32\DRIVERS\DcFpoint.sys

19:53:59.0859 3420  DcFpoint - ok

19:53:59.0906 3420  [ 867F7E6841B15D32481C3F1B83364E3A ] DCFS2K          C:\WINDOWS\system32\drivers\dcfs2k.sys

19:53:59.0953 3420  DCFS2K - ok

19:53:59.0984 3420  [ 1B889AC45FAF088FF2AF690779368956 ] DcLps           C:\WINDOWS\system32\DRIVERS\DcLps.sys

19:54:00.0031 3420  DcLps - ok

19:54:00.0187 3420  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll

19:54:00.0484 3420  DcomLaunch - ok

19:54:00.0531 3420  [ 47B1CCEC23AEC5AE6A2005D1A0D8ED65 ] DcPTP           C:\WINDOWS\system32\DRIVERS\DcPTP.sys

19:54:00.0593 3420  DcPTP - ok

19:54:00.0656 3420  [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll

19:54:00.0906 3420  Dhcp - ok

19:54:00.0937 3420  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys

19:54:01.0156 3420  Disk - ok

19:54:01.0171 3420  dmadmin - ok

19:54:01.0281 3420  [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys

19:54:01.0656 3420  dmboot - ok

19:54:01.0718 3420  [ 53720AB12B48719D00E327DA470A619A ] dmio            C:\WINDOWS\system32\drivers\dmio.sys

19:54:01.0921 3420  dmio - ok

19:54:01.0953 3420  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys

19:54:02.0140 3420  dmload - ok

19:54:02.0187 3420  [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver        C:\WINDOWS\System32\dmserver.dll

19:54:02.0453 3420  dmserver - ok

19:54:02.0515 3420  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys

19:54:02.0734 3420  DMusic - ok

19:54:02.0796 3420  [ 407F3227AC618FD1CA54B335B083DE07 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll

19:54:02.0890 3420  Dnscache - ok

19:54:02.0937 3420  [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll

19:54:03.0171 3420  Dot3svc - ok

19:54:03.0187 3420  dpti2o - ok

19:54:03.0218 3420  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys

19:54:03.0484 3420  drmkaud - ok

19:54:03.0531 3420  [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost         C:\WINDOWS\System32\eapsvc.dll

19:54:03.0734 3420  EapHost - ok

19:54:03.0765 3420  [ 877C18558D70587AA7823A1A308AC96B ] ERSvc           C:\WINDOWS\System32\ersvc.dll

19:54:03.0968 3420  ERSvc - ok

19:54:04.0046 3420  [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog        C:\WINDOWS\system32\services.exe

19:54:04.0109 3420  Eventlog - ok

19:54:04.0218 3420  [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem     C:\WINDOWS\system32\es.dll

19:54:04.0390 3420  EventSystem - ok

19:54:04.0468 3420  [ 20FF28FB3B268E7C76B10841A9F81BA4 ] Exportit        C:\WINDOWS\system32\DRIVERS\exportit.sys

19:54:04.0531 3420  Exportit - ok

19:54:04.0593 3420  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys

19:54:04.0781 3420  Fastfat - ok

19:54:04.0843 3420  [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll

19:54:04.0968 3420  FastUserSwitchingCompatibility - ok

19:54:05.0015 3420  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys

19:54:05.0203 3420  Fdc - ok

19:54:05.0234 3420  [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys

19:54:05.0453 3420  Fips - ok

19:54:05.0484 3420  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys

19:54:05.0656 3420  Flpydisk - ok

19:54:05.0734 3420  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys

19:54:05.0937 3420  FltMgr - ok

19:54:06.0031 3420  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

19:54:06.0046 3420  FontCache3.0.0.0 - ok

19:54:06.0062 3420  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys

19:54:06.0265 3420  Fs_Rec - ok

19:54:06.0328 3420  [ 8F1955CE42E1484714B542F341647778 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys

19:54:06.0562 3420  Ftdisk - ok

19:54:06.0593 3420  [ 065639773D8B03F33577F6CDAEA21063 ] gameenum        C:\WINDOWS\system32\DRIVERS\gameenum.sys

19:54:06.0765 3420  gameenum - ok

19:54:06.0812 3420  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys

19:54:07.0015 3420  Gpc - ok

19:54:07.0156 3420  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Programme\Google\Update\GoogleUpdate.exe

19:54:07.0218 3420  gupdate - ok

19:54:07.0265 3420  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Programme\Google\Update\GoogleUpdate.exe

19:54:07.0296 3420  gupdatem - ok

19:54:07.0375 3420  [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

19:54:07.0578 3420  helpsvc - ok

19:54:07.0593 3420  HidServ - ok

19:54:07.0640 3420  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys

19:54:07.0843 3420  HidUsb - ok

19:54:07.0890 3420  [ ED29F14101523A6E0E808107405D452C ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll

19:54:08.0093 3420  hkmsvc - ok

19:54:08.0109 3420  hpn - ok

19:54:08.0234 3420  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys

19:54:08.0343 3420  HTTP - ok

19:54:08.0390 3420  [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll

19:54:08.0609 3420  HTTPFilter - ok

19:54:08.0625 3420  i2omgmt - ok

19:54:08.0640 3420  i2omp - ok

19:54:08.0703 3420  [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys

19:54:08.0921 3420  i8042prt - ok

19:54:09.0265 3420  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

19:54:09.0531 3420  idsvc - ok

19:54:09.0578 3420  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys

19:54:09.0765 3420  Imapi - ok

19:54:09.0843 3420  [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService    C:\WINDOWS\system32\imapi.exe

19:54:10.0046 3420  ImapiService - ok

19:54:10.0062 3420  ini910u - ok

19:54:10.0093 3420  IntelIde - ok

19:54:10.0140 3420  [ 4C7D2750158ED6E7AD642D97BFFAE351 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys

19:54:10.0359 3420  intelppm - ok

19:54:10.0406 3420  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys

19:54:10.0609 3420  Ip6Fw - ok

19:54:10.0656 3420  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

19:54:10.0875 3420  IpFilterDriver - ok

19:54:10.0921 3420  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys

19:54:11.0109 3420  IpInIp - ok

19:54:11.0187 3420  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys

19:54:11.0406 3420  IpNat - ok

19:54:11.0453 3420  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys

19:54:11.0671 3420  IPSec - ok

19:54:11.0687 3420  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys

19:54:11.0796 3420  IRENUM - ok

19:54:11.0859 3420  [ 6DFB88F64135C525433E87648BDA30DE ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys

19:54:12.0046 3420  isapnp - ok

19:54:12.0203 3420  [ 999DB5F88C8E145CCA9D471E33227143 ] JavaQuickStarterService C:\Programme\Java\jre7\bin\jqs.exe

19:54:12.0265 3420  JavaQuickStarterService - ok

19:54:12.0296 3420  [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys

19:54:12.0531 3420  Kbdclass - ok

19:54:12.0609 3420  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys

19:54:12.0828 3420  kmixer - ok

19:54:12.0953 3420  [ 4E1060D2F3B745931CF83B3649BE8A57 ] KodakCCS        C:\WINDOWS\system32\drivers\KodakCCS.exe

19:54:13.0015 3420  KodakCCS - ok

19:54:13.0078 3420  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys

19:54:13.0156 3420  KSecDD - ok

19:54:13.0218 3420  [ 2BBDCB79900990F0716DFCB714E72DE7 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll

19:54:13.0328 3420  lanmanserver - ok

19:54:13.0453 3420  [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll

19:54:13.0578 3420  lanmanworkstation - ok

19:54:13.0593 3420  lbrtfdc - ok

19:54:13.0656 3420  [ 636714B7D43C8D0C80449123FD266920 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll

19:54:13.0859 3420  LmHosts - ok

19:54:13.0921 3420  [ 4A5FFDF0FE830C448830BD4B02B02B4B ] mbamchameleon   C:\WINDOWS\system32\drivers\mbamchameleon.sys

19:54:13.0937 3420  mbamchameleon - ok

19:54:13.0984 3420  [ B7550A7107281D170CE85524B1488C98 ] Messenger       C:\WINDOWS\System32\msgsvc.dll

19:54:14.0203 3420  Messenger - ok

19:54:14.0234 3420  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys

19:54:14.0437 3420  mnmdd - ok

19:54:14.0484 3420  [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe

19:54:14.0671 3420  mnmsrvc - ok

19:54:14.0703 3420  [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys

19:54:14.0906 3420  Modem - ok

19:54:14.0953 3420  [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys

19:54:15.0171 3420  Mouclass - ok

19:54:15.0187 3420  [ 66A6F73C74E1791464160A7065CE711A ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys

19:54:15.0406 3420  mouhid - ok

19:54:15.0453 3420  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys

19:54:15.0671 3420  MountMgr - ok

19:54:15.0671 3420  mraid35x - ok

19:54:15.0765 3420  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys

19:54:15.0984 3420  MRxDAV - ok

19:54:16.0171 3420  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

19:54:16.0328 3420  MRxSmb - ok

19:54:16.0375 3420  [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC           C:\WINDOWS\system32\msdtc.exe

19:54:16.0593 3420  MSDTC - ok

19:54:16.0625 3420  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys

19:54:16.0859 3420  Msfs - ok

19:54:16.0859 3420  MSIServer - ok

19:54:16.0890 3420  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys

19:54:17.0093 3420  MSKSSRV - ok

19:54:17.0125 3420  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys

19:54:17.0343 3420  MSPCLOCK - ok

19:54:17.0390 3420  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys

19:54:17.0593 3420  MSPQM - ok

19:54:17.0625 3420  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys

19:54:17.0812 3420  mssmbios - ok

19:54:17.0843 3420  [ CA3E22598F411199ADC2DFEE76CD0AE0 ] ms_mpu401       C:\WINDOWS\system32\drivers\msmpu401.sys

19:54:18.0062 3420  ms_mpu401 - ok

19:54:18.0140 3420  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys

19:54:18.0203 3420  Mup - ok

19:54:18.0296 3420  [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent        C:\WINDOWS\System32\qagentrt.dll

19:54:18.0609 3420  napagent - ok

19:54:18.0671 3420  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys

19:54:18.0906 3420  NDIS - ok

19:54:18.0937 3420  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys

19:54:19.0015 3420  NdisTapi - ok

19:54:19.0046 3420  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys

19:54:19.0234 3420  Ndisuio - ok

19:54:19.0296 3420  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys

19:54:19.0546 3420  NdisWan - ok

19:54:19.0593 3420  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys

19:54:19.0703 3420  NDProxy - ok

19:54:19.0734 3420  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys

19:54:19.0953 3420  NetBIOS - ok

19:54:20.0031 3420  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys

19:54:20.0203 3420  NetBT - ok

19:54:20.0265 3420  [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE          C:\WINDOWS\system32\netdde.exe

19:54:20.0515 3420  NetDDE - ok

19:54:20.0562 3420  [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe

19:54:20.0750 3420  NetDDEdsdm - ok

19:54:20.0781 3420  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon        C:\WINDOWS\system32\lsass.exe

19:54:20.0984 3420  Netlogon - ok

19:54:21.0093 3420  [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman          C:\WINDOWS\System32\netman.dll

19:54:21.0359 3420  Netman - ok

19:54:21.0453 3420  [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

19:54:21.0468 3420  NetTcpPortSharing - ok

19:54:21.0531 3420  [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394         C:\WINDOWS\system32\DRIVERS\nic1394.sys

19:54:21.0750 3420  NIC1394 - ok

19:54:21.0859 3420  [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla             C:\WINDOWS\System32\mswsock.dll

19:54:22.0000 3420  Nla - ok

19:54:22.0031 3420  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys

19:54:22.0250 3420  Npfs - ok

19:54:22.0437 3420  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys

19:54:22.0718 3420  Ntfs - ok

19:54:22.0750 3420  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe

19:54:22.0921 3420  NtLmSsp - ok

19:54:23.0062 3420  [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll

19:54:23.0531 3420  NtmsSvc - ok

19:54:23.0546 3420  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys

19:54:23.0734 3420  Null - ok

19:54:24.0375 3420  [ 2B298519EDBFCF451D43E0F1E8F1006D ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

19:54:25.0093 3420  nv - ok

19:54:25.0140 3420  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

19:54:25.0343 3420  NwlnkFlt - ok

19:54:25.0406 3420  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

19:54:25.0593 3420  NwlnkFwd - ok

19:54:25.0640 3420  [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394        C:\WINDOWS\system32\DRIVERS\ohci1394.sys

19:54:25.0843 3420  ohci1394 - ok

19:54:25.0890 3420  [ F84785660305B9B903FB3BCA8BA29837 ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys

19:54:26.0109 3420  Parport - ok

19:54:26.0156 3420  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys

19:54:26.0359 3420  PartMgr - ok

19:54:26.0468 3420  [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys

19:54:26.0671 3420  ParVdm - ok

19:54:26.0718 3420  [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys

19:54:26.0921 3420  PCI - ok

19:54:26.0937 3420  PCIDump - ok

19:54:26.0984 3420  [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys

19:54:27.0156 3420  PCIIde - ok

19:54:27.0218 3420  [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys

19:54:27.0453 3420  Pcmcia - ok

19:54:27.0468 3420  PDCOMP - ok

19:54:27.0484 3420  PDFRAME - ok

19:54:27.0500 3420  PDRELI - ok

19:54:27.0515 3420  PDRFRAME - ok

19:54:27.0531 3420  perc2 - ok

19:54:27.0546 3420  perc2hib - ok

19:54:27.0609 3420  [ C4AA89518E8A2934EAF503C9587FF157 ] pfc             C:\WINDOWS\system32\drivers\pfc.sys

19:54:27.0640 3420  pfc ( UnsignedFile.Multi.Generic ) - warning

19:54:27.0640 3420  pfc - detected UnsignedFile.Multi.Generic (1)

19:54:27.0703 3420  [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay        C:\WINDOWS\system32\services.exe

19:54:27.0734 3420  PlugPlay - ok

19:54:27.0750 3420  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe

19:54:27.0921 3420  PolicyAgent - ok

19:54:27.0984 3420  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys

19:54:28.0203 3420  PptpMiniport - ok

19:54:28.0234 3420  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe

19:54:28.0500 3420  ProtectedStorage - ok

19:54:28.0593 3420  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys

19:54:28.0828 3420  PSched - ok

19:54:28.0859 3420  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys

19:54:29.0062 3420  Ptilink - ok

19:54:29.0109 3420  [ B572ED0C3E6165643FA116AF20425A54 ] PxHelp20        C:\WINDOWS\system32\DRIVERS\PxHelp20.sys

19:54:29.0140 3420  PxHelp20 ( UnsignedFile.Multi.Generic ) - warning

19:54:29.0140 3420  PxHelp20 - detected UnsignedFile.Multi.Generic (1)

19:54:29.0156 3420  ql1080 - ok

19:54:29.0171 3420  Ql10wnt - ok

19:54:29.0171 3420  ql12160 - ok

19:54:29.0187 3420  ql1240 - ok

19:54:29.0203 3420  ql1280 - ok

19:54:29.0265 3420  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys

19:54:29.0484 3420  RasAcd - ok

19:54:29.0531 3420  [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto         C:\WINDOWS\System32\rasauto.dll

19:54:29.0750 3420  RasAuto - ok

19:54:29.0796 3420  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

19:54:30.0015 3420  Rasl2tp - ok

19:54:30.0109 3420  [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan          C:\WINDOWS\System32\rasmans.dll

19:54:30.0375 3420  RasMan - ok

19:54:30.0421 3420  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys

19:54:30.0640 3420  RasPppoe - ok

19:54:30.0671 3420  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys

19:54:30.0859 3420  Raspti - ok

19:54:30.0937 3420  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys

19:54:31.0156 3420  Rdbss - ok

19:54:31.0187 3420  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

19:54:31.0390 3420  RDPCDD - ok

19:54:31.0484 3420  [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys

19:54:31.0578 3420  RDPWD - ok

19:54:31.0640 3420  [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe

19:54:31.0843 3420  RDSessMgr - ok

19:54:31.0906 3420  [ ED761D453856F795A7FE056E42C36365 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys

19:54:32.0125 3420  redbook - ok

19:54:32.0156 3420  [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll

19:54:32.0375 3420  RemoteAccess - ok

19:54:32.0421 3420  [ 851C30DF2807FCFA21E4C681A7D6440E ] RFCOMM          C:\WINDOWS\system32\DRIVERS\rfcomm.sys

19:54:32.0640 3420  RFCOMM - ok

19:54:32.0703 3420  [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator      C:\WINDOWS\system32\locator.exe

19:54:32.0921 3420  RpcLocator - ok

19:54:33.0062 3420  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs           C:\WINDOWS\system32\rpcss.dll

19:54:33.0171 3420  RpcSs - ok

19:54:33.0250 3420  [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP            C:\WINDOWS\system32\rsvp.exe

19:54:33.0562 3420  RSVP - ok

19:54:33.0578 3420  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs           C:\WINDOWS\system32\lsass.exe

19:54:33.0781 3420  SamSs - ok

19:54:33.0828 3420  [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe

19:54:34.0062 3420  SCardSvr - ok

19:54:34.0156 3420  [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule        C:\WINDOWS\system32\schedsvc.dll

19:54:34.0468 3420  Schedule - ok

19:54:34.0515 3420  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys

19:54:34.0593 3420  Secdrv - ok

19:54:34.0640 3420  [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon        C:\WINDOWS\System32\seclogon.dll

19:54:34.0843 3420  seclogon - ok

19:54:34.0890 3420  [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS            C:\WINDOWS\system32\sens.dll

19:54:35.0109 3420  SENS - ok

19:54:35.0140 3420  [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys

19:54:35.0343 3420  serenum - ok

19:54:35.0406 3420  [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys

19:54:35.0625 3420  Serial - ok

19:54:35.0703 3420  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys

19:54:35.0906 3420  Sfloppy - ok

19:54:36.0046 3420  [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll

19:54:36.0359 3420  SharedAccess - ok

19:54:36.0468 3420  [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll

19:54:36.0484 3420  ShellHWDetection - ok

19:54:36.0500 3420  Simbad - ok

19:54:36.0546 3420  [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp          C:\WINDOWS\system32\DRIVERS\sisagp.sys

19:54:36.0765 3420  sisagp - ok

19:54:36.0812 3420  [ 3FBB6EF8B5A71A2FA11F5F461BB73219 ] SISNIC          C:\WINDOWS\system32\DRIVERS\sisnic.sys

19:54:37.0015 3420  SISNIC - ok

19:54:37.0031 3420  Sparrow - ok

19:54:37.0062 3420  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys

19:54:37.0265 3420  splitter - ok

19:54:37.0328 3420  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe

19:54:37.0375 3420  Spooler - ok

19:54:37.0437 3420  [ 50FA898F8C032796D3B1B9951BB5A90F ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys

19:54:37.0531 3420  sr - ok

19:54:37.0625 3420  [ FE77A85495065F3AD59C5C65B6C54182 ] srservice       C:\WINDOWS\system32\srsvc.dll

19:54:37.0765 3420  srservice - ok

19:54:37.0906 3420  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys

19:54:38.0062 3420  Srv - ok

19:54:38.0125 3420  [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll

19:54:38.0265 3420  SSDPSRV - ok

19:54:38.0328 3420  [ 5FFB52404158ABC5D9FF4081BCD67033 ] SSHDRV62        C:\WINDOWS\system32\drivers\SSHDRV62.sys

19:54:38.0375 3420  SSHDRV62 ( UnsignedFile.Multi.Generic ) - warning

19:54:38.0375 3420  SSHDRV62 - detected UnsignedFile.Multi.Generic (1)

19:54:38.0406 3420  [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv          C:\WINDOWS\system32\DRIVERS\ssmdrv.sys

19:54:38.0468 3420  ssmdrv - ok

19:54:38.0609 3420  [ BC2C5985611C5356B24AEB370953DED9 ] stisvc          C:\WINDOWS\system32\wiaservc.dll

19:54:39.0015 3420  stisvc - ok

19:54:39.0062 3420  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys

19:54:39.0265 3420  swenum - ok

19:54:39.0312 3420  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys

19:54:39.0562 3420  swmidi - ok

19:54:39.0578 3420  SwPrv - ok

19:54:39.0593 3420  symc810 - ok

19:54:39.0609 3420  symc8xx - ok

19:54:39.0625 3420  sym_hi - ok

19:54:39.0640 3420  sym_u3 - ok

19:54:39.0703 3420  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys

19:54:39.0906 3420  sysaudio - ok

19:54:39.0984 3420  [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe

19:54:40.0203 3420  SysmonLog - ok

19:54:40.0328 3420  [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll

19:54:40.0640 3420  TapiSrv - ok

19:54:40.0796 3420  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys

19:54:40.0937 3420  Tcpip - ok

19:54:41.0046 3420  [ 4E53BBCC4BE37D7A4BD6EF1098C89FF7 ] Tcpip6          C:\WINDOWS\system32\DRIVERS\tcpip6.sys

19:54:41.0109 3420  Tcpip6 - ok

19:54:41.0140 3420  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys

19:54:41.0343 3420  TDPIPE - ok

19:54:41.0359 3420  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys

19:54:41.0546 3420  TDTCP - ok

19:54:41.0593 3420  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys

19:54:41.0812 3420  TermDD - ok

19:54:41.0921 3420  [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService     C:\WINDOWS\System32\termsrv.dll

19:54:42.0156 3420  TermService - ok

19:54:42.0218 3420  [ 2DB7D303C36DDD055215052F118E8E75 ] Themes          C:\WINDOWS\System32\shsvcs.dll

19:54:42.0250 3420  Themes - ok

19:54:42.0265 3420  TosIde - ok

19:54:42.0328 3420  [ 626504572B175867F30F3215C04B3E2F ] TrkWks          C:\WINDOWS\system32\trkwks.dll

19:54:42.0546 3420  TrkWks - ok

19:54:42.0593 3420  [ 8F861EDA21C05857EB8197300A92501C ] tunmp           C:\WINDOWS\system32\DRIVERS\tunmp.sys

19:54:42.0828 3420  tunmp - ok

19:54:42.0875 3420  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys

19:54:43.0078 3420  Udfs - ok

19:54:43.0093 3420  ultra - ok

19:54:43.0250 3420  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys

19:54:43.0593 3420  Update - ok

19:54:43.0687 3420  [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost        C:\WINDOWS\System32\upnphost.dll

19:54:43.0843 3420  upnphost - ok

19:54:43.0890 3420  [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS             C:\WINDOWS\System32\ups.exe

19:54:44.0109 3420  UPS - ok

19:54:44.0156 3420  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys

19:54:44.0375 3420  usbehci - ok

19:54:44.0437 3420  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys

19:54:44.0625 3420  usbhub - ok

19:54:44.0656 3420  [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci         C:\WINDOWS\system32\DRIVERS\usbohci.sys

19:54:44.0843 3420  usbohci - ok

19:54:44.0890 3420  [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

19:54:45.0093 3420  USBSTOR - ok

19:54:45.0156 3420  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys

19:54:45.0359 3420  VgaSave - ok

19:54:45.0375 3420  ViaIde - ok

19:54:45.0406 3420  [ A5A712F4E880874A477AF790B5186E1D ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys

19:54:45.0625 3420  VolSnap - ok

19:54:45.0734 3420  [ 68F106273BE29E7B7EF8266977268E78 ] VSS             C:\WINDOWS\System32\vssvc.exe

19:54:45.0812 3420  VSS - ok

19:54:45.0906 3420  [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time         C:\WINDOWS\system32\w32time.dll

19:54:46.0078 3420  W32Time - ok

19:54:46.0125 3420  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys

19:54:46.0359 3420  Wanarp - ok

19:54:46.0359 3420  WDICA - ok

19:54:46.0437 3420  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys

19:54:46.0656 3420  wdmaud - ok

19:54:46.0703 3420  [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient       C:\WINDOWS\System32\webclnt.dll

19:54:46.0937 3420  WebClient - ok

19:54:47.0062 3420  [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll

19:54:47.0250 3420  winmgmt - ok

19:54:47.0328 3420  [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll

19:54:47.0390 3420  WmdmPmSN - ok

19:54:47.0468 3420  [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe

19:54:47.0671 3420  WmiApSrv - ok

19:54:47.0937 3420  [ BF05650BB7DF5E9EBDD25974E22403BB ] WMPNetworkSvc   C:\Programme\Windows Media Player\WMPNetwk.exe

19:54:48.0468 3420  WMPNetworkSvc - ok

19:54:48.0578 3420  [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc          C:\WINDOWS\system32\wscsvc.dll

19:54:48.0828 3420  wscsvc - ok

19:54:48.0875 3420  [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv        C:\WINDOWS\system32\wuauserv.dll

19:54:49.0078 3420  wuauserv - ok

19:54:49.0125 3420  [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys

19:54:49.0203 3420  WudfPf - ok

19:54:49.0250 3420  [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys

19:54:49.0281 3420  WudfRd - ok

19:54:49.0312 3420  [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll

19:54:49.0375 3420  WudfSvc - ok

19:54:49.0562 3420  [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll

19:54:49.0875 3420  WZCSVC - ok

19:54:49.0937 3420  [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll

19:54:50.0156 3420  xmlprov - ok

19:54:50.0203 3420  ================ Scan global ===============================

19:54:50.0250 3420  [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll

19:54:50.0390 3420  [ E62178BC21EAC63A3B9A2DBD46C1B505 ] C:\WINDOWS\system32\winsrv.dll

19:54:50.0656 3420  [ E62178BC21EAC63A3B9A2DBD46C1B505 ] C:\WINDOWS\system32\winsrv.dll

19:54:50.0718 3420  [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe

19:54:50.0718 3420  [Global] - ok

19:54:50.0734 3420  ================ Scan MBR ==================================

19:54:50.0765 3420  [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0

19:54:51.0218 3420  \Device\Harddisk0\DR0 - ok

19:54:51.0218 3420  ================ Scan VBR ==================================

19:54:51.0250 3420  [ AD0D9DED0D52821FBB8F3A5B99AEE9F4 ] \Device\Harddisk0\DR0\Partition1

19:54:51.0265 3420  \Device\Harddisk0\DR0\Partition1 - ok

19:54:51.0296 3420  [ 5546AFAB2D47C5BA5F8E4311C325B3D9 ] \Device\Harddisk0\DR0\Partition2

19:54:51.0296 3420  \Device\Harddisk0\DR0\Partition2 - ok

19:54:51.0296 3420  ============================================================

19:54:51.0296 3420  Scan finished

19:54:51.0296 3420  ============================================================

19:54:51.0421 3956  Detected object count: 3

19:54:51.0421 3956  Actual detected object count: 3

19:56:53.0093 3956  pfc ( UnsignedFile.Multi.Generic ) - skipped by user

19:56:53.0093 3956  pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip 

19:56:53.0109 3956  PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user

19:56:53.0109 3956  PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip 

19:56:53.0125 3956  SSHDRV62 ( UnsignedFile.Multi.Generic ) - skipped by user

19:56:53.0125 3956  SSHDRV62 ( UnsignedFile.Multi.Generic ) - User select action: Skip 

19:56:57.0796 3052  Deinitialize success

MBAM

Code:

Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org
 

Datenbank Version: v2013.04.27.02
 

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

xxxxxx :: D63E0FC3CE2B498 [Administrator]
 

27.04.2013 14:16:46

mbam-log-2013-04-27 (14-16-46).txt
 

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)

Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM

Deaktivierte Suchlaufeinstellungen: P2P

Durchsuchte Objekte: 250932

Laufzeit: 3 Stunde(n), 54 Sekunde(n)
 

Infizierte Speicherprozesse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Speichermodule: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungsschlüssel: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungswerte: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateiobjekte der Registrierung: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Verzeichnisse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateien: 0

(Keine bösartigen Objekte gefunden)
 

(Ende)

Dann bitte jetzt Combofix ausführen:

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Combofix wird überprüfen, ob die Microsoft Windows Wiederherstellungskonsole installiert ist.
Ist diese nicht installiert, erlaube Combofix diese herunter zu laden und zu installieren. Folge dazu einfach den Anweisungen und aktzeptiere die Endbenutzer-Lizenz.
Bei heutiger Malware ist dies sehr empfehlenswert, da diese uns eine Möglichkeit bietet, dein System zu reparieren, falls etwas schief geht.
Bestätige die Information, dass die Wiederherstellungskonsole installiert wurde mit Ja.
Hinweis: Ist diese bereits installiert, wird Combofix mit der Malwareentfernung fortfahren.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es eine Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.