
Log analysis and evaluation: Redirect to Google, GMER detected rootkit activity

16.10.2012, 10:13   #1
5CB

Redirect to Google, GMER detected rootkit activity



Hello TB team,

For a few days I have been having problems with my laptop: the computer is very slow, it freezes, and I get redirected to Google when I browse with Firefox.
GMER detected rootkit activity, but no log file was created because the program closed before I could save anything.
So far I have not changed anything on the system and have only worked through the TB guide for creating log files.
I hope you can help me.
Thanks in advance.

Regards

Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 19:55 on 15/10/2012 (User)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
Code:
OTL logfile created on: 15.10.2012 19:59:42 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\User\Eigene Dateien\Downloads
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
894.16 Mb Total Physical Memory | 539.59 Mb Available Physical Memory | 60.35% Memory free
2.12 Gb Paging File | 1.60 Gb Available in Paging File | 75.60% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 74.53 Gb Total Space | 4.81 Gb Free Space | 6.45% Space Free | Partition Type: NTFS
Drive E: | 33.25 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: KAROOSU-II | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.10.15 19:49:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\User\Eigene Dateien\Downloads\OTL.exe
PRC - [2012.09.24 22:52:31 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Programme\Java\jre7\bin\jqs.exe
PRC - [2012.08.13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2011.07.01 11:20:56 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.05.20 10:49:24 | 000,218,624 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Mobile Partner\OnlineUpdate\ouc.exe
PRC - [2011.04.27 15:47:59 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011.01.10 15:22:55 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.11.16 15:37:38 | 000,264,704 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DatacardService\HWDeviceService.exe
PRC - [2010.01.14 22:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009.12.18 00:32:30 | 000,497,856 | ---- | M] (Cisco Systems, Inc.) -- C:\Programme\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
PRC - [2009.01.01 17:06:41 | 000,267,016 | ---- | M] (Cisco Systems, Inc.) -- C:\Programme\Cisco Systems\SSL VPN Client\Agent.exe
PRC - [2006.06.18 12:30:21 | 000,180,269 | ---- | M] (RealNetworks, Inc.) -- C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
PRC - [2005.11.11 11:00:04 | 000,659,456 | ---- | M] (National Instruments, Inc.) -- C:\Programme\National Instruments\Shared\Tagger\tagsrv.exe
PRC - [2005.11.11 10:49:50 | 000,204,800 | ---- | M] (National Instruments, Inc.) -- C:\Programme\National Instruments\Shared\Security\nidmsrv.exe
PRC - [2005.11.11 10:46:58 | 000,053,248 | ---- | M] (National Instruments, Inc.) -- C:\WINDOWS\system32\lktsrv.exe
PRC - [2005.11.11 10:46:56 | 000,045,056 | ---- | M] (National Instruments, Inc.) -- C:\WINDOWS\system32\lkads.exe
PRC - [2005.10.10 14:08:32 | 000,049,152 | ---- | M] (National Instruments Corp.) -- C:\WINDOWS\system32\nisvcloc.exe
PRC - [2005.10.06 11:49:52 | 000,263,168 | ---- | M] (National Instruments Corporation) -- C:\Programme\National Instruments\NI-DAQ\HWConfig\nidevmon.exe
PRC - [2005.10.03 22:52:40 | 000,005,728 | ---- | M] (National Instruments Corporation) -- C:\Programme\National Instruments\MAX\nimxs.exe
PRC - [2005.09.22 17:16:08 | 000,005,728 | ---- | M] (National Instruments Corporation) -- C:\WINDOWS\system32\nipalsm.exe
PRC - [2005.08.25 13:43:14 | 000,688,190 | ---- | M] (National Instruments, Inc.) -- C:\WINDOWS\system32\lkcitdl.exe
PRC - [2005.08.01 08:28:42 | 000,098,393 | ---- | M] (Synaptics, Inc.) -- C:\Programme\Synaptics\SynTP\SynTPLpr.exe
PRC - [2005.08.01 08:28:24 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2005.05.31 01:04:00 | 001,415,824 | ---- | M] (Safer Networking Limited) -- C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2005.05.27 10:24:52 | 000,147,456 | ---- | M] (shbox.de) -- C:\Programme\FreePDF_XP\fpassist.exe
PRC - [2005.05.23 22:31:12 | 000,077,824 | ---- | M] (National Instruments) -- C:\WINDOWS\system32\RTProxy.exe
PRC - [2005.05.02 15:09:50 | 000,057,344 | ---- | M] (Wistron) -- C:\Launch Manager\HotkeyApp.exe
PRC - [2005.04.18 12:41:34 | 000,081,920 | ---- | M] () -- C:\Launch Manager\WButton.exe
PRC - [2005.04.07 20:46:59 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005.03.30 16:29:48 | 000,032,768 | ---- | M] () -- C:\Launch Manager\LaunchAp.exe
PRC - [2005.03.16 14:52:02 | 000,204,800 | ---- | M] (Wistron) -- C:\Launch Manager\OSD.exe
PRC - [2004.12.14 02:36:08 | 000,032,256 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcrobatInfo.exe
PRC - [2004.10.11 11:47:02 | 000,245,760 | ---- | M] () -- C:\Launch Manager\OSDCtrl.exe
PRC - [2003.06.20 00:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.05.20 10:49:28 | 001,148,416 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Mobile Partner\OnlineUpdate\QtNetwork4.dll
MOD - [2011.05.20 10:49:26 | 002,415,104 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Mobile Partner\OnlineUpdate\QtCore4.dll
MOD - [2011.05.20 10:49:26 | 000,043,008 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll
MOD - [2011.05.20 10:49:26 | 000,011,362 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Mobile Partner\OnlineUpdate\mingwm10.dll
MOD - [2011.05.20 10:49:24 | 000,218,624 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Mobile Partner\OnlineUpdate\ouc.exe
MOD - [2011.04.11 07:26:33 | 000,024,064 | ---- | M] () -- C:\WINDOWS\system32\spd__l.dll
MOD - [2010.11.16 15:37:38 | 000,264,704 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DatacardService\HWDeviceService.exe
MOD - [2010.06.17 15:27:02 | 000,355,688 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2009.11.05 08:39:40 | 000,087,552 | ---- | M] () -- C:\WINDOWS\system32\cpwmon2k.dll
MOD - [2008.06.20 19:36:12 | 000,247,296 | ---- | M] () -- \\?\globalroot\systemroot\system32\mswsock.dll
MOD - [2008.06.20 19:36:12 | 000,247,296 | ---- | M] () -- \\.\globalroot\systemroot\system32\mswsock.dll
MOD - [2005.10.19 12:56:28 | 000,125,952 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2005.10.13 10:11:44 | 000,008,704 | ---- | M] () -- C:\WINDOWS\system32\niidaqlv.dll
MOD - [2005.04.18 12:41:34 | 000,081,920 | ---- | M] () -- C:\Launch Manager\WButton.exe
MOD - [2005.03.30 16:29:48 | 000,032,768 | ---- | M] () -- C:\Launch Manager\LaunchAp.exe
MOD - [2005.01.06 17:33:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\redmonnt.dll
MOD - [2004.10.11 11:47:02 | 000,245,760 | ---- | M] () -- C:\Launch Manager\OSDCtrl.exe
MOD - [2004.02.17 10:31:18 | 000,053,248 | ---- | M] () -- C:\Programme\National Instruments\MAX\Experts\niIMAQe.mxe
 
 
========== Services (SafeList) ==========
 
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012.09.24 22:52:31 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Programme\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012.09.11 08:26:23 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.08.13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.07.03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.04.06 01:45:44 | 000,129,536 | ---- | M] (Samsung Electronics) [On_Demand | Stopped] -- C:\WINDOWS\system32\SUPDSvc2.exe -- (Samsung UPD Service2)
SRV - [2011.07.20 05:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2011.07.01 11:20:56 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.05.20 10:49:24 | 000,218,624 | ---- | M] () [Auto | Stopped] -- C:\Programme\Mobile Partner\UpdateDog\ouc.exe -- (Mobile Partner. RunOuc)
SRV - [2011.04.27 15:47:59 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.11.16 15:37:38 | 000,264,704 | ---- | M] () [Auto | Running] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DatacardService\HWDeviceService.exe -- (HWDeviceService.exe)
SRV - [2010.03.29 08:53:22 | 000,068,000 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Programme\NOS\bin\getPlus_Helper.dll -- (getPlusHelper)
SRV - [2009.12.18 00:32:30 | 000,497,856 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Programme\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe -- (vpnagent)
SRV - [2009.01.01 17:06:41 | 000,267,016 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Programme\Cisco Systems\SSL VPN Client\Agent.exe -- (STCAgent)
SRV - [2007.04.26 10:21:28 | 001,234,480 | ---- | M] (Sunbelt Software) [Auto | Stopped] -- C:\Programme\Sunbelt Software\Personal Firewall\kpf4ss.exe -- (SPF4)
SRV - [2006.10.26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006.06.10 23:05:02 | 000,069,632 | ---- | M] (Adobe Systems) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service)
SRV - [2005.11.11 11:00:04 | 000,659,456 | ---- | M] (National Instruments, Inc.) [Auto | Running] -- C:\Programme\National Instruments\Shared\Tagger\tagsrv.exe -- (NITaggerService)
SRV - [2005.11.11 10:49:50 | 000,204,800 | ---- | M] (National Instruments, Inc.) [Auto | Running] -- C:\Programme\National Instruments\Shared\Security\nidmsrv.exe -- (NIDomainService)
SRV - [2005.11.11 10:46:58 | 000,053,248 | ---- | M] (National Instruments, Inc.) [Auto | Running] -- C:\WINDOWS\system32\lktsrv.exe -- (lkTimeSync)
SRV - [2005.11.11 10:46:56 | 000,045,056 | ---- | M] (National Instruments, Inc.) [Auto | Running] -- C:\WINDOWS\system32\lkads.exe -- (lkClassAds)
SRV - [2005.11.02 13:56:48 | 000,913,408 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\National Instruments\Shared\License Manager\Bin\lmgrd.exe -- (NILM License Manager)
SRV - [2005.10.10 14:08:32 | 000,049,152 | ---- | M] (National Instruments Corp.) [Auto | Running] -- C:\WINDOWS\system32\nisvcloc.exe -- (niSvcLoc)
SRV - [2005.10.03 22:52:40 | 000,005,728 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Programme\National Instruments\MAX\nimxs.exe -- (mxssvr)
SRV - [2005.09.22 17:16:08 | 000,005,728 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\WINDOWS\system32\nipalsm.exe -- (nipxirmu)
SRV - [2005.09.22 17:16:08 | 000,005,728 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\WINDOWS\system32\nipalsm.exe -- (nimcrpcsu)
SRV - [2005.09.22 17:16:08 | 000,005,728 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\WINDOWS\system32\nipalsm.exe -- (nimcdldu)
SRV - [2005.09.22 17:16:08 | 000,005,728 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\WINDOWS\system32\nipalsm.exe -- (nidevldu)
SRV - [2005.08.25 13:43:14 | 000,688,190 | ---- | M] (National Instruments, Inc.) [Auto | Running] -- C:\WINDOWS\system32\lkcitdl.exe -- (LkCitadelServer)
SRV - [2005.05.23 22:31:12 | 000,077,824 | ---- | M] (National Instruments) [Auto | Running] -- C:\WINDOWS\System32\RTProxy.exe -- (niRTProxy)
SRV - [2004.09.29 12:14:36 | 000,069,632 | ---- | M] (HP) [Auto | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2003.06.20 00:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)
SRV - [2000.05.24 15:20:36 | 000,015,360 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\WINDOWS\system32\ATMsrvc.exe -- (ATMsrvc)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\Wbutton.sys -- (Wbutton)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\siusbmod.sys -- (siusbmod)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PLCMPR5.SYS -- (PLCMPR5)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (mailKmd)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - [2012.08.05 17:52:12 | 000,010,304 | ---- | M] (SafeNet, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\hostnt.sys -- (HOSTNT)
DRV - [2012.08.02 00:41:03 | 000,003,026 | ---- | M] (Logix4u) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\hwinterface.sys -- (hwinterface)
DRV - [2011.07.01 11:20:58 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.07.01 11:20:58 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.05.20 10:49:29 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2011.05.20 10:49:29 | 000,072,576 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2011.05.20 10:49:28 | 000,117,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2011.05.20 10:49:28 | 000,106,496 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2010.06.17 15:27:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.02.11 13:08:25 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2009.12.18 00:18:50 | 000,020,152 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vpnva.sys -- (vpnva)
DRV - [2009.07.13 16:51:12 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2009.04.30 23:56:32 | 000,495,768 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LV561AV.SYS -- (PID_0928)
DRV - [2009.02.13 12:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009.01.01 17:06:41 | 000,022,136 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CSVirtA.sys -- (CSVirtA)
DRV - [2007.04.26 10:21:34 | 000,072,624 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\khips.sys -- (khips)
DRV - [2007.04.26 10:21:30 | 000,302,000 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\fwdrv.sys -- (fwdrv)
DRV - [2006.03.01 10:22:23 | 000,010,373 | R--- | M] (Motic China Gruop Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MC1001200130012001B\cmiusb.sys -- (CMIUSB)
DRV - [2005.12.16 08:50:00 | 000,242,592 | ---- | M] (Kithara Software GmbH) [Kernel | Auto | Running] -- C:\WINDOWS\system32\Ksts7.sys -- (Kithara-Ksts7)
DRV - [2005.10.18 10:00:00 | 000,004,096 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\cvintdrv.sys -- (cvintdrv)
DRV - [2005.10.14 06:02:34 | 000,136,791 | ---- | M] (National Instruments Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\NICANpk.dll -- (nicanpk)
DRV - [2005.10.13 10:18:50 | 000,050,688 | ---- | M] (National Instruments Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nidmmk.dll -- (nidmmk)
DRV - [2005.10.13 10:17:26 | 000,674,304 | ---- | M] (National Instruments Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\nidaq32k.sys -- (Nidaq32k)
DRV - [2005.10.13 09:30:36 | 000,111,616 | ---- | M] (National Instruments Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\niSTCk.dll -- (nistck)
DRV - [2005.10.13 09:30:18 | 000,030,208 | ---- | M] (National Instruments Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nimdsk.dll -- (nimdsk)
DRV - [2005.10.13 09:29:34 | 000,021,504 | ---- | M] (National Instruments Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nibffrk.dll -- (nibffrk)
DRV - [2005.10.13 09:29:32 | 000,037,376 | ---- | M] (National Instruments Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\niarbk.dll -- (niarbk)
DRV - [2005.10.13 07:27:56 | 000,166,912 | ---- | M] (National Instruments Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nidmxfk.dll -- (nidmxfk)
DRV - [2005.10.12 17:13:56 | 000,008,704 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NiViFWK.sys -- (NiViFWK)
DRV - [2005.10.12 17:04:28 | 000,010,752 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NiViPxiK.sys -- (NiViPxiK)
DRV - [2005.10.12 17:04:26 | 000,037,376 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NiViPciK.sys -- (NiViPciK)
DRV - [2005.10.10 20:07:02 | 000,110,080 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nistcrk.dll -- (nistcrk)
DRV - [2005.10.08 01:08:24 | 000,476,160 | ---- | M] (National Instruments Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\niswdk.dll -- (niswdk)
DRV - [2005.10.07 00:54:24 | 000,692,736 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nitiork.dll -- (nitiork)
DRV - [2005.10.07 00:20:20 | 000,926,720 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nixsrk.dll -- (nixsrk)
DRV - [2005.10.07 00:20:12 | 000,422,400 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\niwfrk.dll -- (niwfrk)
DRV - [2005.10.07 00:20:04 | 001,058,304 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nissrk.dll -- (nissrk)
DRV - [2005.10.07 00:19:58 | 000,489,984 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\niesrk.dll -- (niesrk)
DRV - [2005.10.07 00:19:54 | 000,346,624 | ---- | M] (National Instruments Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\niemrk.dll -- (niemrk)
DRV - [2005.10.07 00:06:48 | 000,019,968 | ---- | M] (National Instruments Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\usb6xxxk.dll -- (usb6xxxk)
DRV - [2005.10.07 00:06:38 | 000,233,472 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nisdigk.dll -- (nisdigk)
DRV - [2005.10.06 16:22:48 | 000,038,912 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\niorbk.dll -- (niorbk)
DRV - [2005.10.06 12:31:52 | 000,019,456 | ---- | M] (National Instruments Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nimxpk.dll -- (nimxpk)
DRV - [2005.10.06 12:25:30 | 000,051,200 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nimstsk.dll -- (nimstsk)
DRV - [2005.10.06 12:19:44 | 000,131,072 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nimsdrk.dll -- (nimsdrk)
DRV - [2005.10.06 12:14:50 | 000,714,752 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nidsark.dll -- (nidsark)
DRV - [2005.10.06 12:07:18 | 000,042,496 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nispdk.dll -- (nispdk)
DRV - [2005.10.06 12:07:16 | 000,497,664 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\niscdk.dll -- (niscdk)
DRV - [2005.10.06 12:03:36 | 000,163,328 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nistc2k.dll -- (nistc2k)
DRV - [2005.10.06 11:56:28 | 000,170,496 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nicdrk.dll -- (nicdrk)
DRV - [2005.10.06 11:48:30 | 000,163,328 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nisftk.dll -- (nisftk)
DRV - [2005.10.06 11:32:18 | 000,035,328 | ---- | M] (National Instruments Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nifslk.dll -- (nifslk)
DRV - [2005.10.06 01:00:32 | 000,151,683 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nimsrlk.dll -- (nimsrlk)
DRV - [2005.10.06 01:00:30 | 000,014,464 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nimslk.dll -- (nimslk)
DRV - [2005.10.05 17:34:04 | 000,018,432 | ---- | M] (National Instruments) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\niwdk.sys -- (niwdk)
DRV - [2005.09.28 21:54:50 | 000,231,936 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nimru2k.dll -- (nimru2k)
DRV - [2005.09.28 21:14:02 | 000,141,824 | ---- | M] (National Instruments Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nidimk.dll -- (nidimk)
DRV - [2005.09.28 20:52:50 | 000,212,480 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nimxdfk.dll -- (nimxdfk)
DRV - [2005.09.28 20:07:04 | 000,170,496 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nimdbgk.dll -- (nimdbgk)
DRV - [2005.09.22 21:12:08 | 000,531,968 | ---- | M] (National Instruments Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nipalk.sys -- (NIPALK)
DRV - [2005.09.21 15:41:28 | 000,223,232 | ---- | M] (National Instruments Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\niimaqk.dll -- (niimaqk)
DRV - [2005.09.21 11:30:46 | 000,055,296 | ---- | M] (National Instruments Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nipxirmk.dll -- (nipxirmk)
DRV - [2005.09.20 20:48:50 | 000,979,456 | ---- | M] (National Instruments Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nidwgk.dll -- (nidwgk)
DRV - [2005.09.20 20:45:14 | 000,534,016 | ---- | M] (National Instruments Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nihsdrk.dll -- (nihsdrk)
DRV - [2005.09.20 20:32:00 | 000,373,863 | ---- | M] (National Instruments Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\niSLDk.dll -- (nisldk)
DRV - [2005.09.20 20:04:14 | 000,677,486 | ---- | M] (National Instruments Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nisrcdk.dll -- (nisrcdk)
DRV - [2005.09.20 18:17:58 | 000,100,352 | ---- | M] (National Instruments Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nigplk.dll -- (nigplk)
DRV - [2005.09.14 10:45:28 | 000,056,956 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nimcdfxk.dll -- (nimcdfxk)
DRV - [2005.09.14 10:29:32 | 000,023,164 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nimcdlbk.dll -- (nimcdlbk)
DRV - [2005.08.30 10:38:56 | 000,374,448 | ---- | M] (National Instruments Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\pciimaq.sys -- (PCIIMAQ)
DRV - [2005.08.01 08:28:51 | 001,035,776 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005.08.01 08:28:35 | 001,038,208 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2005.08.01 08:28:34 | 000,703,232 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2005.08.01 08:28:34 | 000,200,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWATI.sys -- (HSFHWATI)
DRV - [2005.08.01 08:28:33 | 000,070,912 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2005.08.01 08:28:33 | 000,039,424 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005.08.01 08:28:32 | 000,146,304 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2005.08.01 08:28:18 | 002,314,560 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM)
DRV - [2005.07.27 08:58:56 | 000,010,829 | ---- | M] (National Instruments) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lvalarmk.dll -- (lvalarmk)
DRV - [2005.07.18 14:34:22 | 000,047,744 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vserial.sys -- (vserial)
DRV - [2005.07.18 14:34:20 | 000,015,264 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vsb.sys -- (vsbus)
DRV - [2005.07.18 01:45:44 | 000,031,334 | ---- | M] (National Instruments Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\gpib420.sys -- (gpib420)
DRV - [2005.07.18 01:25:40 | 000,199,783 | ---- | M] (National Instruments Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\GpibPrtK.sys -- (GpibPrtK)
DRV - [2005.06.29 19:50:30 | 000,110,080 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dne2000.sys -- (DNE)
DRV - [2005.05.17 04:51:34 | 000,005,315 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2005.05.05 02:08:38 | 000,463,168 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2005.03.02 01:00:00 | 000,015,104 | R--- | M] (AVM GmbH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avmunet.sys -- (AVMUNET)
DRV - [2004.12.16 17:55:06 | 000,029,440 | ---- | M] (Siemens AG) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\actser.sys -- (actser)
DRV - [2004.08.03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)
DRV - [2004.07.08 10:24:36 | 000,030,720 | ---- | M] (National Instruments) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\niembrtk.sys -- (niembrtk)
DRV - [2004.05.17 12:21:54 | 000,017,280 | ---- | M] (Intellon, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\plcndis5.sys -- (PLCNDIS5)
DRV - [2004.01.19 17:27:31 | 000,050,396 | R--- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2004.01.19 17:27:26 | 000,006,828 | R--- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftlund.sys -- (FTLUND)
DRV - [2004.01.19 17:27:18 | 000,019,153 | R--- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2003.07.16 14:27:40 | 000,043,264 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2003.04.28 12:27:06 | 000,009,867 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\HOTKEY.sys -- (Hotkey)
DRV - [2001.09.28 08:47:22 | 000,037,972 | ---- | M] (DATAFAB) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DfStor2K.sys -- (DFSTR2K)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.yahoo.com/fsc/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.yahoo.com/fsc/
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = eumex.ip
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = 192.168.0.1
 
========== FireFox ==========
 
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: getmail@webdesigns.ms11.net:3.4.10
FF - prefs.js..extensions.enabledItems: 2020Player@2020Technologies.com:4.5.2.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.0
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63
FF - prefs.js..extensions.enabledItems: {34fba747-cbc2-4929-b00d-0e523ee94a6f}:1.7.3
FF - prefs.js..extensions.enabledItems: getmail@webdesigns.ms11.net:3.2.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: launchy@gemal.dk:4.2.1
FF - prefs.js..extensions.enabledItems: {fb4eaeed-d1c9-45d1-a2bb-f2876142daf0}:0.600809120100
FF - prefs.js..extensions.enabledItems: {9815d32d-08c2-42ca-a8c6-43e501a4512f}:0.3.3
FF - prefs.js..extensions.enabledItems: youtube2mp3@mondayx.de:1.0.7
FF - prefs.js..network.proxy.type: 0
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@cambridgesoft.com/Chem3D,version=12.0: C:\Programme\CambridgeSoft\ChemOffice2010\Chem3D\npChem3DPlugin.dll (CambridgeSoft Corp.)
FF - HKLM\Software\MozillaPlugins\@cambridgesoft.com/ChemDraw,version=12.0: C:\Programme\CambridgeSoft\ChemOffice2010\ChemDraw\npcdp32.dll (CambridgeSoft Corp.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Programme\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2321: C:\Programme\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2379: C:\Programme\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1483: C:\Programme\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.09.11 08:26:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.10.11 14:34:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 1.5.0.14\Extensions\\Components: C:\PROGRA~1\MOZILL~2\components\ [2010.06.23 09:31:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 1.5.0.14\Extensions\\Plugins: C:\PROGRA~1\MOZILL~2\plugins\ [2012.07.04 12:30:32 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 1.5.0.14\Extensions\\Components: C:\PROGRA~1\MOZILL~2\components\ [2010.06.23 09:31:38 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 1.5.0.14\Extensions\\Plugins: C:\PROGRA~1\MOZILL~2\plugins\ [2012.07.04 12:30:32 | 000,000,000 | ---D | M]
 
[2008.12.14 12:10:28 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Extensions
[2012.10.15 17:42:32 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\w7lhpv45.default\extensions
[2009.04.15 10:00:17 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Sunbird\Profiles\1xggo7yo.default\extensions
[2012.07.07 00:34:04 | 000,009,612 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\w7lhpv45.default\extensions\getmail@webdesigns.ms11.net.xpi
[2012.07.04 14:13:43 | 000,011,510 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\w7lhpv45.default\extensions\youtube2mp3@mondayx.de.xpi
[2012.09.06 12:32:31 | 000,199,396 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\w7lhpv45.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
[2012.07.24 22:52:29 | 000,741,958 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\w7lhpv45.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2011.07.24 14:48:09 | 000,002,055 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\w7lhpv45.default\searchplugins\daemon-search.xml
[2008.12.04 18:07:37 | 000,001,355 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\w7lhpv45.default\searchplugins\google-scholar.xml
[2008.01.05 01:14:05 | 000,001,907 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\w7lhpv45.default\searchplugins\leo-eng-ger.xml
[2007.09.14 21:50:54 | 000,001,364 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\w7lhpv45.default\searchplugins\organische-chemiech.xml
[2007.04.24 21:15:44 | 000,001,067 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\w7lhpv45.default\searchplugins\wikipedia-deutsch.xml
[2009.07.19 22:13:29 | 000,004,140 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\w7lhpv45.default\searchplugins\youtube.xml
[2012.02.10 16:31:13 | 000,002,342 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\w7lhpv45.default\searchplugins\zvab-suche.xml
[2012.07.07 00:34:07 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.09.06 12:32:09 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011.10.24 11:23:22 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2012.09.11 08:26:25 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2007.08.16 02:05:00 | 000,049,152 | ---- | M] (BitTorrent, Inc.) -- C:\Programme\mozilla firefox\plugins\npbittorrent.dll
[2005.10.12 15:04:02 | 000,020,480 | ---- | M] (National Instruments) -- C:\Programme\mozilla firefox\plugins\NPLV80Win32.dll
[2005.08.17 10:49:08 | 000,036,864 | ---- | M] () -- C:\Programme\mozilla firefox\plugins\npSfAppM.dll
[2012.07.04 12:12:02 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.11 08:26:13 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.07.04 12:12:02 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.04 12:12:02 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.04 12:12:02 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.04 12:12:02 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2012.01.13 21:39:18 | 000,000,848 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: 192.168.0.5 HP000D9D1C9E95
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Programme\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CtrlVol] C:\Launch Manager\CtrlVol.exe (Wistron)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [HotkeyApp] C:\Launch Manager\HotkeyApp.exe (Wistron)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [LaunchAp] C:\Launch Manager\LaunchAp.exe ()
O4 - HKLM..\Run: [LMgrOSD] C:\Launch Manager\OSDCtrl.exe ()
O4 - HKLM..\Run: [LMgrVolOSD] C:\Launch Manager\OSD.exe (Wistron)
O4 - HKLM..\Run: [niDevMon] C:\Programme\National Instruments\NI-DAQ\HWConfig\nidevmon.exe (National Instruments Corporation)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_06\bin\jusched.exe File not found
O4 - HKLM..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Wbutton] C:\Launch Manager\Wbutton.exe ()
O4 - HKCU..\Run: [Rainlendar2] C:\Programme\Rainlendar2\Rainlendar2.exe ()
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Programme\Mozilla Firefox\plugins\GetFlash.exe -p File not found
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Acrobat - Schnellstart.lnk = C:\WINDOWS\Installer\{AC76BA86-1033-F400-7760-000000000002}\SC_Acrobat.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Acrobat - Schnellstart.lnk.disabled ()
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Reader - Schnellstart.lnk.disabled ()
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Microsoft Office.lnk.disabled ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000038 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000039 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000040 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000041 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000042 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000043 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000044 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000045 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000046 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000047 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000048 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000049 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000050 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000051 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000052 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000053 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000054 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000055 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000056 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000057 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000058 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000059 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000060 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000061 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000062 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000063 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000064 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000065 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000066 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000067 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000068 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000069 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000070 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000071 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000072 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000073 - %SystemRoot%\system32\wshbth.dll File not found
O15 - HKCU\..Trusted Ranges: Range1 ([https] in Vertrauenswürdige Sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: 
O24 - Desktop BackupWallPaper: 
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.11.15 09:27:38 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010.11.18 15:37:38 | 000,142,336 | R--- | M] () - E:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2011.01.11 20:22:00 | 000,000,047 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{008bf86e-ad78-11e0-af19-0002e3483755}\Shell - "" = AutoRun
O33 - MountPoints2\{008bf86e-ad78-11e0-af19-0002e3483755}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{008bf86e-ad78-11e0-af19-0002e3483755}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2010.11.18 15:37:38 | 000,142,336 | R--- | M] ()
O33 - MountPoints2\{2d5c31ca-0254-11de-a82e-0002e3483755}\Shell\AutoRun\command - "" = System\Security\DriveGuard.exe -run
O33 - MountPoints2\{2d5c31ca-0254-11de-a82e-0002e3483755}\Shell\Explore\Command - "" = System\Security\DriveGuard.exe -run
O33 - MountPoints2\{2d5c31ca-0254-11de-a82e-0002e3483755}\Shell\Open\Command - "" = System\Security\DriveGuard.exe -run
O33 - MountPoints2\{30dbbc3f-2695-11df-ad4e-0002e3483755}\Shell - "" = AutoRun
O33 - MountPoints2\{30dbbc3f-2695-11df-ad4e-0002e3483755}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{30dbbc3f-2695-11df-ad4e-0002e3483755}\Shell\AutoRun\command - "" = E:\MINNIE.exe
O33 - MountPoints2\{5c4d8a0b-4c8a-11df-ad8c-0002e3483755}\Shell - "" = AutoRun
O33 - MountPoints2\{5c4d8a0b-4c8a-11df-ad8c-0002e3483755}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{5c4d8a0b-4c8a-11df-ad8c-0002e3483755}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\{6dd75ee2-b10b-11de-acc0-0002e3483755}\Shell\AutoRun\command - "" = E:\Toshiba\more4you.exe
O33 - MountPoints2\{97d9480c-b723-11de-accc-0002e3483755}\Shell\AutoRun\command - "" = System\Security\DriveGuard.exe -run
O33 - MountPoints2\{97d9480c-b723-11de-accc-0002e3483755}\Shell\Explore\Command - "" = System\Security\DriveGuard.exe -run
O33 - MountPoints2\{97d9480c-b723-11de-accc-0002e3483755}\Shell\Open\Command - "" = System\Security\DriveGuard.exe -run
O33 - MountPoints2\{9c99d742-d829-11da-a330-0002e3483755}\Shell - "" = AutoRun
O33 - MountPoints2\{9c99d742-d829-11da-a330-0002e3483755}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{9c99d742-d829-11da-a330-0002e3483755}\Shell\AutoRun\command - "" = E:\preinst.exe
O33 - MountPoints2\{9da2653a-a106-11e0-af04-0002e3483755}\Shell - "" = AutoRun
O33 - MountPoints2\{9da2653a-a106-11e0-af04-0002e3483755}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{9da2653a-a106-11e0-af04-0002e3483755}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{a34bf88d-1e2e-11de-abef-0002e3483755}\Shell\AutoRun\command - "" = System\Security\DriveGuard.exe -run
O33 - MountPoints2\{a34bf88d-1e2e-11de-abef-0002e3483755}\Shell\Explore\Command - "" = System\Security\DriveGuard.exe -run
O33 - MountPoints2\{a34bf88d-1e2e-11de-abef-0002e3483755}\Shell\Open\Command - "" = System\Security\DriveGuard.exe -run
O33 - MountPoints2\{ca04baa6-9be9-11da-a2c4-0002e3483755}\Shell - "" = AutoRun
O33 - MountPoints2\{ca04baa6-9be9-11da-a2c4-0002e3483755}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ca04baa6-9be9-11da-a2c4-0002e3483755}\Shell\AutoRun\command - "" = E:\preinst.exe
O33 - MountPoints2\{cb837fdc-82bd-11e0-aecf-000ae4b0ac2f}\Shell - "" = AutoRun
O33 - MountPoints2\{cb837fdc-82bd-11e0-aecf-000ae4b0ac2f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{cb837fdc-82bd-11e0-aecf-000ae4b0ac2f}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2010.11.18 15:37:38 | 000,142,336 | R--- | M] ()
O33 - MountPoints2\{cb837fdf-82bd-11e0-aecf-000ae4b0ac2f}\Shell - "" = AutoRun
O33 - MountPoints2\{cb837fdf-82bd-11e0-aecf-000ae4b0ac2f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{cb837fdf-82bd-11e0-aecf-000ae4b0ac2f}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2010.11.18 15:37:38 | 000,142,336 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.10.15 19:02:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Adobe
[2012.10.15 18:33:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Malwarebytes
[2012.10.15 18:33:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2012.10.15 18:33:18 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2012.10.15 18:33:10 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012.10.15 18:33:10 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2012.10.15 17:12:16 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\User\Recent
[2012.10.14 21:26:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Eigene Dateien\Arbeitsvertrag
[2012.10.14 21:16:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Eigene Dateien\Schwindelfrei
[2012.10.11 15:30:36 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Eigene Dateien\LabVIEW Data
[2012.10.11 15:19:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\nidaq
[2012.10.11 15:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\nimcorb
[2012.10.11 15:15:58 | 000,000,000 | ---D | C] -- C:\Programme\cameralink
[2012.10.11 14:50:57 | 000,000,000 | ---D | C] -- C:\VXIPNP
[2012.10.11 14:47:47 | 000,000,000 | ---D | C] -- C:\Programme\IVI
[2012.10.11 14:26:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\National Instruments
[2012.10.11 14:25:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cvirte
[2012.10.11 14:25:36 | 000,000,000 | ---D | C] -- C:\Programme\National Instruments
[2012.09.28 14:52:17 | 000,000,000 | ---D | C] -- C:\My Data
[2012.09.28 14:52:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\SMaRT
[2012.09.28 14:52:01 | 000,000,000 | ---D | C] -- C:\Programme\SMaRT
[2012.09.26 16:54:40 | 000,000,000 | ---D | C] -- C:\Programme\1ClickDownload
[2012.09.25 01:42:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Office Live Add-in
[2012.09.25 01:42:12 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft
[2012.09.24 22:54:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2012.09.24 22:53:47 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java
[13 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Dokumente und Einstellungen\User\Eigene Dateien\*.tmp files -> C:\Dokumente und Einstellungen\User\Eigene Dateien\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.10.15 19:55:05 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\User\defogger_reenable
[2012.10.15 19:51:38 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.10.15 19:16:03 | 000,001,206 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2638560129-685934672-2847317654-1007UA.job
[2012.10.15 17:09:10 | 000,002,319 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Acrobat - Schnellstart.lnk
[2012.10.15 17:08:58 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.10.15 17:08:50 | 937,660,416 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.15 11:16:00 | 000,001,154 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2638560129-685934672-2847317654-1007Core.job
[2012.10.14 14:40:01 | 000,000,182 | ---- | M] () -- C:\WINDOWS\hpbafd.ini
[2012.10.11 16:52:48 | 000,000,000 | ---- | M] () -- C:\WINDOWS\imaqconf.ini
[2012.10.11 15:18:57 | 000,120,406 | ---- | M] () -- C:\WINDOWS\System32\niorbmap
[2012.10.11 15:00:23 | 000,000,795 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Measurement & Automation.lnk
[2012.10.11 14:53:00 | 000,003,091 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012.09.28 14:52:05 | 000,001,586 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\SMaRT.lnk
[2012.09.27 17:58:54 | 006,381,575 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\Setup Solartron+Chelsea WinDETA.pdf
[2012.09.25 01:20:34 | 937,709,568 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2012.09.24 22:51:04 | 000,499,508 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.09.24 22:51:04 | 000,480,244 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.09.24 22:51:04 | 000,095,928 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.09.24 22:51:04 | 000,082,076 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[13 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Dokumente und Einstellungen\User\Eigene Dateien\*.tmp files -> C:\Dokumente und Einstellungen\User\Eigene Dateien\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.10.15 19:55:05 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\User\defogger_reenable
[2012.10.11 16:52:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\imaqconf.ini
[2012.10.11 15:00:23 | 000,000,795 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Measurement & Automation.lnk
[2012.10.11 14:50:00 | 000,120,406 | ---- | C] () -- C:\WINDOWS\System32\niorbmap
[2012.10.11 14:33:22 | 000,000,783 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\National Instruments LabVIEW 8.0.lnk
[2012.09.28 14:52:05 | 000,001,586 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\SMaRT.lnk
[2012.09.27 17:58:53 | 006,381,575 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\Setup Solartron+Chelsea WinDETA.pdf
[2012.08.14 19:26:32 | 000,310,272 | ---- | C] () -- C:\WINDOWS\System32\UPDIO2.dll
[2012.08.14 19:26:31 | 000,254,464 | ---- | C] () -- C:\WINDOWS\System32\SUPDRun.exe
[2012.08.14 19:26:27 | 000,024,064 | ---- | C] () -- C:\WINDOWS\System32\spd__l.dll
[2012.08.14 19:26:22 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\spd__ci.exe
[2012.08.14 19:26:19 | 001,558,432 | ---- | C] () -- C:\WINDOWS\TotalUninstaller.exe
[2012.08.08 15:59:38 | 000,014,271 | ---- | C] () -- C:\Dokumente und Einstellungen\User\.recently-used.xbel
[2012.08.05 22:16:07 | 000,004,288 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Anwendungsdaten\recently-used.xbel
[2012.08.05 17:55:02 | 000,103,424 | ---- | C] () -- C:\WINDOWS\System32\MoticRecordCore.dll
[2012.08.05 17:52:51 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\JPEGDLL32.dll
[2012.08.05 17:52:49 | 000,053,760 | ---- | C] () -- C:\WINDOWS\System32\Dongle.dll
[2012.08.04 21:53:04 | 000,000,106 | ---- | C] () -- C:\Dokumente und Einstellungen\User\tonwert
[2012.08.02 01:19:27 | 000,247,808 | ---- | C] () -- C:\WINDOWS\System32\MoticIPFilter.dll
[2012.08.02 01:19:26 | 000,227,840 | ---- | C] () -- C:\WINDOWS\System32\MoticBmpCapture.dll
[2012.08.02 01:18:58 | 000,087,552 | ---- | C] () -- C:\WINDOWS\System32\MoticImageDevicesProxy.dll
[2012.08.02 01:18:57 | 000,189,440 | ---- | C] () -- C:\WINDOWS\System32\MUCam32.dll
[2012.08.02 01:18:55 | 000,663,552 | ---- | C] () -- C:\WINDOWS\System32\FreeImage.dll
[2012.08.02 01:18:54 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\MoticCamfnc.dll
[2012.02.07 17:48:51 | 000,087,552 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2011.05.17 17:33:24 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\TransCom.dll
[2011.05.17 17:32:48 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\FirmwareID.dll
[2011.03.12 10:49:13 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.02.22 10:48:18 | 000,000,182 | ---- | C] () -- C:\WINDOWS\hpbafd.ini
[2010.11.08 19:32:58 | 000,153,833 | ---- | C] () -- C:\WINDOWS\hpwins22.dat.temp
[2010.11.08 19:32:58 | 000,001,075 | ---- | C] () -- C:\WINDOWS\hpwmdl22.dat.temp
[2010.11.08 13:48:49 | 000,131,250 | ---- | C] () -- C:\WINDOWS\hpwins22.dat
[2010.11.08 13:48:49 | 000,001,075 | ---- | C] () -- C:\WINDOWS\hpwmdl22.dat
[2010.07.11 13:37:47 | 000,188,378 | ---- | C] () -- C:\Dokumente und Einstellungen\User\acbstractpicture.pdf
[2009.02.12 21:38:56 | 000,018,145 | ---- | C] () -- C:\Dokumente und Einstellungen\User\martin.dbj
[2009.01.03 15:01:36 | 000,032,768 | ---- | C] () -- C:\Dokumente und Einstellungen\User\WebVpnRegKey6-vpn-uni-halle-de.dll
[2008.12.10 23:34:37 | 000,032,768 | ---- | C] () -- C:\Dokumente und Einstellungen\User\WebVpnRegKey6-10-0-0-1.dll
[2008.12.03 17:58:00 | 000,009,418 | ---- | C] () -- C:\Dokumente und Einstellungen\User\agic2008mmp.html
[2008.11.14 13:00:37 | 000,002,481 | ---- | C] () -- C:\Dokumente und Einstellungen\User\.html
[2007.04.09 21:27:35 | 000,000,040 | -HS- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\.zreglib
[2006.12.06 02:18:52 | 000,000,537 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\solvents.map
[2006.07.27 17:57:13 | 000,001,777 | ---- | C] () -- C:\Dokumente und Einstellungen\User\gsview32.ini
[2006.05.18 20:13:39 | 000,000,009 | ---- | C] () -- C:\Dokumente und Einstellungen\User\cd.aux
[2006.04.26 23:01:48 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\dm.ini
[2006.04.13 21:07:40 | 000,000,198 | ---- | C] () -- C:\Dokumente und Einstellungen\User\vgalusr1.vr
[2006.03.13 14:27:17 | 000,038,292 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Microsoft Excel.ADR
[2006.03.13 14:21:33 | 000,012,943 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Microsoft Excel.CAL
[2005.12.27 17:12:40 | 000,007,496 | ---- | C] () -- C:\Dokumente und Einstellungen\User\sample2e.dvi
[2005.12.27 17:12:40 | 000,000,162 | ---- | C] () -- C:\Dokumente und Einstellungen\User\sample2e.aux
[2005.12.25 02:34:28 | 000,228,864 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005.12.12 17:35:15 | 000,000,140 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\wklnhst.dat
[2005.12.07 15:26:28 | 000,000,137 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
 
========== ZeroAccess Check ==========
 
[2005.11.15 09:33:15 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2010.04.16 17:20:25 | 001,509,888 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:00:58 | 000,473,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2004.08.04 14:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2012.08.02 00:41:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Baumer Optronic
[2012.03.28 11:46:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CambridgeSoft
[2012.06.18 22:39:45 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ
[2009.10.25 19:09:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Cisco
[2011.07.24 14:47:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Lite
[2011.05.20 10:52:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DatacardService
[2011.12.29 23:06:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MDMA
[2011.11.03 11:57:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Mestrelab Research S.L
[2007.08.19 16:01:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microangelo On Display
[2011.05.20 10:51:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Mobile Partner
[2012.08.05 18:18:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Motic
[2012.02.29 20:36:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\OriginLab
[2012.08.14 19:27:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Samsung
[2007.04.09 21:27:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SlySoft
[2011.03.23 12:30:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\StatSoft
[2012.08.27 11:08:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2011.08.16 13:50:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Thomson.ResearchSoft.Installers
[2011.03.23 16:34:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2011.03.23 16:33:38 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2009.03.06 19:56:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\.k3d
[2012.08.02 00:41:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Baumer Optronic
[2012.04.30 15:28:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\BitTorrent
[2009.02.24 16:41:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Blender Foundation
[2010.01.04 13:30:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\BSW
[2011.05.25 13:02:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\ChemAxon
[2010.05.02 12:28:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\ChemOffice2004
[2011.07.24 14:55:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\DAEMON Tools Lite
[2010.08.08 14:53:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\DataCast
[2012.07.17 11:18:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Dropbox
[2012.01.07 16:14:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\EndNote
[2008.02.16 19:59:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\FTPGetter
[2012.08.06 18:43:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\gtk-2.0
[2012.02.16 11:32:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\inkscape
[2006.01.12 23:28:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\InterVideo
[2012.08.04 20:54:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\IrfanView
[2006.05.09 12:04:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Leadertech
[2005.12.27 04:53:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\LyX
[2006.07.27 17:48:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\MAGIX
[2011.11.03 11:57:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mestrelab Research S.L
[2012.08.05 18:40:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Motic
[2012.07.24 15:06:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Nikon
[2010.10.26 11:24:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\OpenOffice.org
[2012.06.07 10:00:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Oracle
[2008.02.16 19:47:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Pleis Software
[2012.06.01 21:12:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Profiles
[2007.11.24 18:27:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\RouterControl
[2009.01.11 12:49:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Stellarium
[2005.12.12 17:35:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Template
[2006.08.03 22:24:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Thunderbird
[2011.03.23 16:34:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\TuneUp Software
[2008.10.21 17:49:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\zweitgeist
 
========== Purity Check ==========
 
 
 
========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\WINDOWS\$NtUninstallKB22607$] -> Error: Cannot create file handle -> Unknown point type
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 143 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:C8B8CEBD
@Alternate Data Stream - 105 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:F5AC56EA

< End of report >
         
Code:
OTL Extras logfile created on: 15.10.2012 19:59:42 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\User\Eigene Dateien\Downloads
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
894.16 Mb Total Physical Memory | 539.59 Mb Available Physical Memory | 60.35% Memory free
2.12 Gb Paging File | 1.60 Gb Available in Paging File | 75.60% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 74.53 Gb Total Space | 4.81 Gb Free Space | 6.45% Space Free | Partition Type: NTFS
Drive E: | 33.25 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: KAROOSU-II | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
.scr [@ = RasWin.Script] -- C:\Programme\RasWin\RasWin.exe ()
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Programme\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Programme\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Programme\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Programme\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Programme\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01610E8F-5F6A-4D9A-AFC4-3FE1AC19C488}" = NI-653x Support
"{03773BAB-F4D0-405C-B0BC-AD8053D95B8E}" = NI LabVIEW 8.0 Instr.lib
"{061AE98B-178A-4143-A52A-68ED9279644D}" = NI Legacy DAQmxRF
"{06960020-59A4-11D5-9721-00B0D03F1A43}" = Motic Images Plus 2.0
"{0819E89D-6214-4B6F-A18D-4633CB4E0E4A}" = Softwareupdate für Webordner
"{09B0D7DF-1871-4DAF-9644-D34E0641F309}" = NI DHV DCMP Installer 105f1
"{0A2C5854-557E-48C8-835A-3B9F074BDCAA}" = Python 2.5
"{0AA096F0-FD0C-4859-8F71-441699B16752}" = NI-SCOPE 2.9.2
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0CF6DF46-1058-4B3B-A49E-1C70145C849F}" = NI-VISA Server 3.4
"{0F09F023-E0EF-40DA-A972-38F5BD0DA302}" = NI-VISA MAX Provider 3.4
"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4700_series" = Canon iP4700 series Printer Driver
"{11AE3814-BE69-4934-B256-E918F574340F}" = NI-488.2 2.43
"{1212A25B-EE14-4919-AA06-C5EA5E46CAA4}" = NI LabVIEW 8.0 Help
"{12293183-17BA-4A6B-853A-009871F391E4}" = NI-DAQmx - LabVIEW shared documentation
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{162583A9-FA87-4F26-BD56-3ACD381DB9BE}" = SMaRT
"{1AD77A05-76EC-44CF-940F-799FFFE6C731}" = NI Assistant Framework
"{1C63DD23-6554-4A1F-8D0D-B5A6B49D8015}" = Corel Graphics Suite 11
"{1C85BB92-B17F-4CE3-AC53-F9350D1B6D98}" = NI SignalExpress 1.2.2 Datatypes
"{1D51A29C-475D-43A7-A6E8-5592FF6E343D}" = NI LabVIEW 8.0 Simulation
"{1E37767B-1A94-4FEA-9120-15B3360B6D3A}" = NI-DAQmx OPC Support
"{1E85A47B-4150-4003-8283-8B2EB94AF5C9}" = NI-RPC 3.2.1f0
"{1EA6473D-6AFB-4349-B138-DBD810C0F34E}" = NI-DMM 2.4.6
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F72FFB7-3E5C-4752-9E23-FA6CE0281CAD}" = NI-IRDA 1.0.2f0 for Phar Lap ETS
"{21082394-654A-46A9-9426-B834F02877EC}" = NI LabVIEW 8.0 Menus
"{2146CF1A-5ACD-4A50-8B36-6A7DD095B08C}" = NI-DAQ INF Files
"{221861B8-D133-4377-803D-F005EB2B733C}" = NI LVBrokerAux1071
"{26208991-520E-489B-AD52-A7CEA5A5C857}" = NI-IMAQ 3.5
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 29
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{26F4D5DD-865B-4A2B-9A36-EE22ACA97331}" = NI-MXDF 1.4.0f0
"{28C59BDD-55F3-4454-BF17-37AC537F894B}" = NI MDF Support
"{2B8681BE-302C-4976-8E77-2735EAEF2AAD}" = NI-VISA for LabVIEW Real-Time 3.4
"{2BD1A5B5-8E98-4E2D-9BE5-D68C57C2FDBE}" = NI Assistant Framework LabVIEW Code Generator 7.0
"{2C8ACC4A-240C-4EC8-81BC-792C5DAE027D}" = NI-DIM 1.3.0f0 for Phar Lap ETS
"{2D7B1642-931E-47C5-9B55-A4E83A9548FD}" = NI-RPC 3.2.1f0 for Phar Lap ETS
"{2E531946-E4A9-4D58-BB69-5696F8481EE2}" = NI LabVIEW 8.0 Help File
"{307ADD1B-AD3E-4D6C-898B-1EB60B1269BC}" = NI LabVIEW 8.0 CINtools
"{32117214-B9F1-4EAC-8EC3-417161EC388D}" = NI LabVIEW MAX XML
"{3263845B-95F2-43C0-817E-B7BF25BCB742}" = NI-PAL 1.10.0f0 for Phar Lap ETS
"{33B9AC9D-0442-4728-AAA1-6B30949B87C5}" = NI-Motion MAX Provider 7.1
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36B13A26-2DD0-4441-A747-C788B4623929}" = NI-SWITCH 3.0
"{36DC540B-3062-4538-B1D1-E367BC9F47FC}" = NI LVBrokerAux71
"{37128905-461C-41E3-86EF-A0B7A627B548}" = NI DHV GPL 107f1
"{37C93522-0209-4D4C-A100-8C149EB45D2C}" = NI LabVIEW 8.0 WWW
"{381E653F-D10F-4866-9A50-E211B97DE574}" = NI LVBrokerAux70
"{3A6F4A31-8CFD-46B4-8385-E1F384DB121E}" = PDF-XChange Viewer
"{3AB4E8CB-3321-4D43-8A59-885338A6EBF9}" = STATISTICA 8.0.725.0 CS
"{3C7B88E1-2C72-44CA-A883-62679DBBA36B}" = NI-DAQmx MAX Support 1.4.0
"{3CD9E7BB-6347-479A-BB0C-0093C1AE6944}" = NI Software Provider for MAX
"{3D47F62E-EE3A-44B6-9079-7D683CA4A975}" = Motic Images Multi-Focus Pro 1.0
"{3DFF45F7-C12C-4A3A-BA9E-1946A4E92424}" = NI LabVIEW Real-Time Error Dialog
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{4159DD60-49C1-4323-A1A5-FB060CBA35C5}" = NI Measurement Studio Recipe Processor
"{41BE0B6B-A0A0-4848-9DB5-92359D7BFB7D}" = NI DIO Core 141f1
"{45A380B1-4EBC-489F-9A86-689F5BB5E1E8}" = NI DAQ Assistant 1.5.0
"{45F0CC81-BFA7-4E00-8682-8595BA27C114}" = NI Assistant Framework LabVIEW Code Generator 7.1
"{461BB471-0B29-4A85-8B8E-AD0D96F9BD12}" = NI SCXI 1.2.0
"{46AB635F-5C13-4592-AE25-8687816341D7}" = NI LabVIEW 8.0 Project
"{489922DB-811B-417F-88B8-417ABC93A09A}" = NI-FGEN Driver Part 131f2
"{4960B043-C25F-4C85-B5DF-817448F4D31E}" = NI LabVIEW Deployable License 8.0
"{496B9B49-C7CA-4F32-BD18-029D1C7105F0}" = NI Spy 2.3.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E79CFA8-5FBA-4777-8B69-F52DEFF31BA7}" = NI-CAN - CAN/DNET Core
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{5500F75F-EC8D-40D4-A346-9E46D931C4CF}" = NI-VISA 3.4
"{5545EEE4-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2701.01)
"{567DE038-00EF-4C42-8492-3C53B81351BC}" = NI-488.2 Provider for MAX
"{588667A2-96B8-43DA-AF99-6861BED9C889}" = NI LabVIEW 8.0 Applibs
"{5A4AC082-8D61-442A-8A86-68869CB9BC80}" = NI MXS 4.0
"{5B061FDE-E53E-4DDC-8532-D23F95A56B38}" = NI-IVI Provider for MAX
"{5BCB370B-F341-45DF-BDEF-29E1F1291C2C}" = NI PXI Platform Services for Windows 1.5.1
"{5DC9049B-DEEB-429F-8B52-FEC48FC1E9FF}" = NI Remote Provider for MAX
"{5F5E7797-67A8-432C-8319-2D2B2A687AE6}" = NI-DAQmx Documentation
"{607BCFFA-1FDA-4F56-AB36-1A4B2A003FD4}" = NI Variable Engine LabVIEW 8.0 Support
"{60FC2242-9CF5-4264-B02A-A4A86447F560}" = NI EULA Depot
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6134FECC-3207-42A8-BE11-76F80260E416}" = NI Measurements eXtensions for PAL 1.3.0
"{61662552-5E9A-46C1-9D79-97B3B53D4344}" = NI ModInst 1.1.1
"{62DBBC58-6C51-4793-BA66-45012F8BA32C}" = NI LabVIEW Run-Time Engine 7.1.1
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69D26AD4-8D4F-424C-89A2-36E7996FE9F4}" = NI-Motion 7.1
"{6E867F5F-191E-4F87-AC87-DB1D7C2B2082}" = NI-ORB 1.3.0f2 for Phar Lap ETS
"{6F139AA4-624B-499A-A20F-AF20F552B494}" = NI PXI Platform Services for LabVIEW Real-Time 1.5.1
"{6FC644ED-B118-4837-AE96-1828FC400E56}" = NI OPC Support
"{7020FC34-6E04-4858-924D-354B28CB2402}_is1" = Luminance HDR 2.1.0
"{708878B7-6B4C-42EB-AA0B-FD91339E228B}" = NI-DNET 1.4.2
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{761C7705-C07C-47C1-9DEF-1C7B7E85C026}" = NI-Embedded RT Provider 1.1 for MAX
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7A7B0BF3-2F00-4F03-8A9B-6ABCC07B90C6}" = Windows Live installer
"{847D8AC1-E041-44BF-8FE9-0A1CACD3169A}" = NI Registration Wizard
"{857594FA-206C-4937-8D9B-D096F737C17B}" = NI-TClk 1.4.1
"{85BA7798-BFDB-4A26-99E1-1D685DD70D6C}" = NI Variable Engine
"{86B3F2D6-AC2B-4E88-8AE1-F2F77F781B0C}" = EndNote X3
"{879D59A5-FD51-44EE-91D2-734CA0DC91D8}" = NI LabVIEW RT Proxy
"{87F64F82-D571-4F51-A8FA-A36C273BA3C7}" = NI-PAL 1.10.0f0
"{88BBB9A9-C034-466E-BB83-8197AFD1669C}" = NI LVBrokerAux8.0
"{8A4C8B35-7004-4E33-9064-D66A2238BEB5}" = NI-IMAQ Configuration 1.6
"{8A78D7F3-6D9F-4616-B813-4A7BF5495809}" = NI-DAQmx support for LabVIEW
"{8AB1D901-D67B-4827-B7BD-CA048D2E4769}" = NI Fusion Standard Library
"{8BB89D6D-85DD-4B36-A5D8-2321509E9E64}" = NI LabVIEW 8.0 iMath
"{8C363CB9-9F31-4349-8491-762C42D3FDFB}" = CambridgeSoft Desktop Inventory 12.0
"{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2
"{8DF4BC37-2D90-4F99-8F20-7D5EB0679094}" = IVI Shared Component
"{8E41D2A5-C0DD-4139-8C7A-2F0E1F20ED24}" = CombineZP
"{8EB3022D-F805-421C-A573-59EC3EE5C08C}" = NI-IMAQ Provider for MAX
"{8ED57302-7546-4DC3-BD5F-EC87CBCEBD71}" = NI LabVIEW 8.0 Examples
"{8F2735AA-F673-4818-8F33-FE9E5612EBDB}" = NI-CAN 2.3.1
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (German) 12
"{90120000-0016-0000-0000-0000000FF1CE}" = Microsoft Office Excel 2007
"{90120000-0016-0000-0000-0000000FF1CE}_EXCEL_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_EXCEL_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_EXCEL_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_EXCEL_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_EXCEL_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_EXCEL_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_EXCEL_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{901A0407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Outlook 2003
"{90280407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional mit FrontPage
"{91120407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{92083A9A-549D-4057-88E8-223EA08563FA}" = Cisco AnyConnect VPN Client
"{92E160E5-0C7A-4DDA-9285-4B307547766D}" = NI-DAQmx Switch Core 1.6.0
"{92E975F4-D3C2-4F27-8CF8-5510D02AAEEF}" = NI Assistant Framework LabVIEW Code Generator 6.1
"{95F578F6-E6BC-4743-BB82-9CE93E460074}" = NI-TNF 1.3.1f0 for Phar Lap ETS
"{980A99BE-86E6-4365-BEC8-9C64D06FC42C}" = NI LabVIEW 8.0 MeasAppChm File
"{984C439F-FCC1-44E4-B7D6-800DC4921012}" = NI LabVIEW 8.0 Manuals
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B114692-442E-46C7-8F01-797BF434024B}" = NI STC 1.2.0
"{9C3C2CC1-94E5-469E-98B7-A74125CC5827}" = NI Common Digital 1.2.0
"{9DE980C5-926C-4BE0-B3CA-F18A3455FF1A}" = NI Timing 1.5.0
"{9E0AE153-88DC-428B-99EB-6A3D984230B8}" = NI LabWindows/CVI 7.1.1 Run Time Engine
"{9F17FA4D-409D-4DB4-BB2E-93949844BE74}" = NI IVI Engine 2.0
"{9F6D6471-32F4-4583-960D-4FC956D0A04B}" = NI Portable Configuration
"{9F9D38F6-C366-432C-AD75-4EAB1AF381A3}" = NI-CAN: Common LabVIEW code for NI CAN products
"{9FFBB61F-4B1B-421C-8F34-7340458ED6B7}" = NI Assistant Framework LabVIEW Code Generator 8.0
"{A038B7DE-A784-42BE-BB2B-D101E6223FC2}" = NI-HSDIO 1.4.1
"{A1E1083D-249D-483C-AD92-CDCFA230A4C7}" = STATISTICA CambridgeSoft Integration
"{A25708B0-0520-4BE3-927A-2CF039CDF40E}" = NI LabVIEW 8.0 Resource
"{A2AA1890-14B4-4252-A17E-7A338BC42D88}" = NI-DIM 1.3.0f0
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A542D955-9F05-4C74-8866-25DDC0DB15DB}" = SIEMENS USB Data Cable
"{A9C61320-FA84-4B54-AEAA-3BEFE95B6FA8}" = NI LabWindows/CVI 7.0 Code Generator
"{AA8D8A7B-4606-420E-9FE9-E4C77B200857}" = NI Measurement & Automation Explorer 4.0
"{AB171825-B5E6-4F9A-8438-6E1D99EFCB58}" = USB Data Cable Driver
"{AB7F05AC-F4CF-4355-8BB8-C3D443E1D2AF}" = NI Calibration Provider for MAX
"{AC76BA86-1033-F400-7760-000000000002}" = Adobe Acrobat 7.0 Professional - English, Français, Deutsch
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{AD31D4D6-7154-4AC4-B580-59F28CA331D0}" = MDL CrossFire Commander 7.0 SP2
"{B08C2B62-0200-4801-A62A-4E4069928A1A}" = NI LabVIEW 8.0 User.lib
"{B1AA8556-7F80-4F7B-8F6B-2E69D0C96298}" = Traditional NI-DAQ Documentation
"{B1F27A23-B6D1-4397-BA2F-25F348DF135F}" = NI Uninstaller
"{B26E3B0D-C2FA-4370-B068-7C476766F029}" = Microsoft Works
"{B3428FFA-367B-46B6-AFAF-34A63C77BAEE}" = NI-DAQ C and VB6 API
"{B3A667C2-66F2-41FA-94CA-B5DD9A6F3380}" = Traditional NI-DAQ 7.4.1 (Legacy)
"{B43543B0-1B58-45DF-94E2-669B1EF9D251}" = NI-ORB 1.3.0f2
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BBD2F68D-97FD-48CF-93BC-9E9C24B2B016}" = NI Logos 4.6
"{BCD6D492-DB6C-4582-8AE3-8EE9D4EAF74A}" = NI LabVIEW Broker
"{BD68F46D-8A82-4664-8E68-F87C55BDEFD4}" = Microsoft SQL Server Native Client
"{BEA0A9C5-C1D9-40AF-A52D-C2D816ADE1D5}" = NI-MDBG 1.3.0f0
"{BFD080F6-3BF0-40E1-9507-9CA969C35870}" = Sunbelt Personal Firewall
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C184F49B-34E6-4A0C-B7CF-219F9AE3EF6F}" = Motic Images Assembly Pro 1.0
"{C1D8CD08-C64C-4039-BE58-9289907344D7}" = NI-CAN Provider for MAX
"{C346D933-8F17-4A18-B96B-D240157C1AE6}" = NI LabVIEW 8.0 Deutsch
"{C5078C26-8B75-411D-9806-27E2BBD61DF6}" = NI Remote PXI Provider for MAX
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{C73A0FC7-FFDC-4BAD-912A-C5791FF9EAC6}" = NI Service Locator
"{CB2D3647-18D2-4E06-8062-AF6224C5489E}" = NGrab Streamingserver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC82342B-74FC-4BD6-AF8C-6CAEAC389DE9}" = NI Script Editor 1.3.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D06EF6C2-62D8-4308-897E-B20FE81712B4}" = CambridgeSoft ChemBioOffice Ultra 2010
"{D0846526-66DD-4DC9-A02C-98F9A2806812}" = Launch Manager V1.3.4
"{D0AA2E4A-CC81-4BE4-8607-8C4D5BC8AE03}" = Origin85
"{D2EB6337-42E5-4D6E-B01F-2FF9E30F4A06}" = NI Web Pipeline
"{D3439CB7-5F0E-493C-BD9F-E6CA41E8B27A}" = NI Hierarchical Waveform Storage 1.4.1
"{D3F14999-E294-449F-93CB-699775F53A6E}" = NI Example Finder 8.0
"{D573DEA6-782D-4032-998D-18DA272DA38F}" = NI LabVIEW Run-Time Engine 7.0
"{D69245E6-87C2-40E6-8F0D-F93F23EE4A0F}" = NI LabVIEW Run-Time Engine 8.0
"{D75DA63A-6403-4268-AB34-90134DDF65D5}" = NI MIO Device Drivers 1.7.0
"{D89B93AC-6507-40CA-A22A-0A1700ED0E04}" = NI Variable Manager
"{D92D5431-B36E-498A-9E7B-521E53C8825A}" = NI-DAQmx 8.0
"{D9B37BA7-24CD-445B-B145-773CC99D3E00}" = NI LabVIEW 8.0 Activity
"{D9C9A9BC-7891-4057-A193-56CEAAE2C143}" = NI-VISA Runtime 3.4
"{D9DC7038-9448-41BE-AEC3-122262D3ED0B}" = NI-FGEN 2.3.2
"{DB2C5648-700D-4AEF-83E1-70C72F0C34FA}" = NI Math Kernel Libraries
"{DB4663C6-2E47-4B46-AD39-52F546D53809}" = NI-MRU 2.4.0f0
"{DC25A68A-D49A-474F-B86D-86EB228553ED}" = NI-Embedded RT 1.0.1
"{DD390149-1F7A-4451-B64D-82FAC39F8B3C}" = NI USI 1.2.0
"{de2f2d9c-53e2-40ee-8209-74da63cb060e}" = Python 3.0.1
"{DEBA0D04-418C-4791-BF2D-046ED28B13D0}" = NI-DAQmx DSA Support 1.5.0
"{DEE42EFF-EE8F-4C81-9CFA-647B26B915CD}" = NI LabVIEW 8.0 gMath
"{DEF321A1-6E28-49A1-A5EC-DB79E647E51F}" = NI-DAQ Document Set
"{DFE4E18A-6F20-4F3C-AB3D-382FFFB43BCA}" = NI LabVIEW 8.0 Templates
"{E040BA70-61B7-434E-A273-F62EB400AC4F}" = NI Session Manager 3.5
"{E0E49070-F2C7-402A-9D36-C9B87CA2E09D}" = OriginPro 8.5
"{E145D9BE-D521-4527-A85D-2B2D47725506}" = CambridgeSoft ChemScript 12.0
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E3AD8913-0BF6-455C-92E3-5CDCD8C7D266}" = NI Instrument IO Assistant for LabVIEW 8.0
"{E3B9CB1E-C982-4A5A-BBC8-EDBE784A756A}" = NI LabVIEW 8.0 VI.lib
"{E4A3D0CD-EEA2-458F-BBC8-DC174DCCAC3D}" = NI-Serial for LabVIEW Real-Time 2.5.6
"{E51FB7DE-F7B5-4BB3-958F-4DC0C8EECAF0}" = NI-Motion 7.1 FX Development
"{E57C34B8-623E-4757-92D7-BBE17488E24D}" = NI IVI Class Drivers
"{E773E0B9-6ABE-4F9E-816C-56B2DD8613B9}" = CambridgeSoft Activation Client
"{E7CDB32A-128D-49DB-BF7F-1E96EA636D88}" = NI PXI Platform Services Provider for MAX 1.5.1
"{EAAEEDD4-0609-47E8-B747-AF3D8E8AD88C}" = NI-Watchdog 2.1.4f0
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{ECE12161-B445-48FA-9056-FD54D8A72459}" = OriginPro 7.5
"{ECE4289B-68C8-4D30-9C65-84CC2052CCFF}" = CambridgeSoft BioAssay 12.0
"{ED1617B8-98F7-412A-9502-BB9607CE17C3}" = NI Instrument I/O Assistant
"{ED318768-B5F9-4102-9852-B2AAB68819B2}" = NI LabVIEW 8.0 Device Detection and Deployment Support
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F14236D9-4B9A-4CEC-AE70-0E964020A0E7}" = NI Logos LabVIEW 8.0 Support
"{F2FC4CA5-BC77-4118-BC84-1542BF2EE06B}" = NI-DAQ Provider for MAX
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F596E368-2A1D-4896-AB37-C81BFA4DD011}" = CambridgeSoft ENotebook 12.0.1
"{F80E2443-811E-4864-9AC7-0C6DDBED3186}" = NI LabVIEW C Interface
"{F98A8B8A-1922-4C8D-9852-074A1DA3EB2A}" = NI HSD Core 142f3
"{F993C3BF-D483-4B80-8EE7-8AB6F0E7450E}" = NI IVI Compliance Package 2.3
"{FA237125-51FF-408C-8BB8-30C2B3DFFF9C}" = Windows Resource Kit Tools
"{FAE4CE60-F3C1-463A-98CF-7A810E26A4DB}" = NI DataSocket 4.3.0
"{FB6DF036-C3A7-4A89-92DA-B4364A8E9373}" = NI License Manager
"{FC924128-8F69-4561-B6F8-994C44311F21}" = Motic Images Advanced 3.2
"{FFEC1925-09BC-493D-97FC-D27A364C9C8A}" = NI-488.2 for LabVIEW Real-Time 2.4.3
"1ClickDownload" = 1ClickDownloader
"31830087-F23D-4198-B67D-AD4A2A69147F_is1" = Micro-Manager-1.4
"AccelrysAccordSDK51RT" = Accord SDK 5.1 Runtime
"Adobe Acrobat 3.01" = Adobe Acrobat 3.01
"Adobe Acrobat 7.0 Professional - EFG" = Adobe Acrobat 7.0 Professional - English, Français, Deutsch
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Adobe Type Manager 4.1" = Adobe Type Manager 4.1
"AdobeESD" = Adobe Download Manager 2.0 (Nur entfernen)
"ATI Display Driver" = ATI Display Driver
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"B991B020-2968-11D8-AF23-444553540000_is1" = FreeMind
"BitTorrent" = BitTorrent 5.0.9
"BSW" = BrettspielWelt
"CanonMyPrinter" = Canon My Printer
"Cisco Systems SSL VPN Client" = Cisco SSL VPN Client
"CNXT_MODEM_PCI_VEN_1002&DEV_4378&SUBSYS_10921734" = SoftV90 Data Fax Modem with SmartCP
"CutePDF Writer Installation" = CutePDF Writer 2.8
"Data Access Objects (DAO) 3.5" = Data Access Objects (DAO) 3.5
"DivX Codec" = DivX 5.0.3 Pro Bundle
"dslmon" = devolo Informer
"DVD Shrink_is1" = DVD Shrink 3.2
"EMANIM_is1" = EMANIM 1.01
"EXCEL" = Microsoft Office Excel 2007
"FaJo XP File Security Extension_is1" = FaJo XP File Security Extension v1.2
"ffdshow_is1" = ffdshow [rev 2228] [2008-10-17]
"FreePDF_XP" = FreePDF XP (Remove only)
"FTDICOMM" = SEMC DSS SyncStation Driver
"GPL Ghostscript 8.15" = GPL Ghostscript 8.15
"GPL Ghostscript 9.04" = GPL Ghostscript
"GPL Ghostscript Fonts" = GPL Ghostscript Fonts
"GSview 4.8" = GSview 4.8
"High Precision Ephemeris Tool" = High Precision Ephemeris Tool
"Inkscape" = Inkscape 0.48.2
"InstallShield_{1C63DD23-6554-4A1F-8D0D-B5A6B49D8015}" = Corel Graphics Suite 11
"IrfanView" = IrfanView (remove only)
"IviSharedComponent" = IVI Shared Components
"JabRef 2.4.2" = JabRef 2.4.2
"JabRef 2.6" = JabRef 2.6
"JabRef 2.7.2" = JabRef 2.7.2
"K-3D 0.7.9.0" = K-3D 0.7.9.0
"Kithara Tool Suite 7 Runtime" = Kithara Tool Suite 7 Runtime
"krinnicam" = krinnicam 2.02
"LitLink Windows Components" = LitLink Windows Components
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.0.1400
"MDL ISIS Draw 2.5 Standalone" = MDL ISIS Draw 2.5 Standalone
"Media Reader 1.15" = DATAFAB Media Reader
"MestReNova" = MestReNova 6.0.2-5475
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MiKTeX" = MiKTeX
"MiKTeX 2.8" = MiKTeX 2.8
"Mobile Partner" = Mobile Partner
"Mozilla Firefox 15.0.1 (x86 de)" = Mozilla Firefox 15.0.1 (x86 de)
"Mozilla Thunderbird (1.5.0.14)" = Mozilla Thunderbird (1.5.0.14)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NI Uninstaller" = National Instruments-Software
"Prog-Studio" = Prog-Studio 6.09 
"Rainlendar2" = Rainlendar2 (remove only)
"RasWin" = RasWin (remove only)
"RealPlayer 6.0" = RealPlayer
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"RegiStax" = RegiStax  V3.0.1.23
"ResearchSoft Direct Export Helper" = ResearchSoft Direct Export Helper
"reSizer_is1" = reSizer v0.78
"RouterControl" = RouterControl 1.85
"Samsung Universal Print Driver" = Samsung Universal Print Driver
"SciPlore MindMapping" = SciPlore MindMapping
"SecureW2 TTLS Client" = SecureW2 TTLS Client 3.2.0 for Windows 2K/XP
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.4
"STATNOVAPDF_is1" = STATNOVAPDF (novaPDF Professional Server 5.4  printer)
"Stellarium_is1" = Stellarium 0.10.0
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeXnicCenter_is1" = TeXnicCenter Version 1 Beta 7.01 (Greengrass)
"Totalcmd" = Total Commander (Remove or Repair)
"Update Service" = Update Service
"Virtual Sky 5" = Virtual Sky 5
"Virtualdub 1.4.9" = Virtualdub 1.4.9
"VLC media player" = VLC media player 0.9.4
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WIC" = Windows Imaging Component
"Winamp" = Winamp (remove only)
"WINCNT" = WinCNT
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinGTK-2_is1" = GTK+ 2.10.11 runtime environment
"WinRAR archiver" = WinRAR Archivierer
"winusb0200" = Microsoft WinUsb 2.0
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
"xp-AntiSpy" = xp-AntiSpy 3.95-1
"XviD" = XviD MPEG-4 Codec
"Xvid_is1" = Xvid 1.2.2 final uninstall
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 12.10.2012 03:00:18 | Computer Name = KAROOSU-II | Source = STCAgent | ID = 50331650
Description = Termination reason code 10 [FAST_USER_SWITCH]
 
Error - 12.10.2012 04:45:41 | Computer Name = KAROOSU-II | Source = STCAgent | ID = 50331650
Description = Termination reason code 10 [FAST_USER_SWITCH]
 
Error - 12.10.2012 16:07:39 | Computer Name = KAROOSU-II | Source = STCAgent | ID = 50331650
Description = Termination reason code 10 [FAST_USER_SWITCH]
 
Error - 13.10.2012 11:59:03 | Computer Name = KAROOSU-II | Source = STCAgent | ID = 50331650
Description = Termination reason code 10 [FAST_USER_SWITCH]
 
Error - 14.10.2012 09:21:11 | Computer Name = KAROOSU-II | Source = STCAgent | ID = 50331650
Description = Termination reason code 10 [FAST_USER_SWITCH]
 
Error - 15.10.2012 03:57:09 | Computer Name = KAROOSU-II | Source = STCAgent | ID = 50331650
Description = Termination reason code 10 [FAST_USER_SWITCH]
 
Error - 15.10.2012 05:25:03 | Computer Name = KAROOSU-II | Source = VSS | ID = 12305
Description = Volumeschattenkopie-Dienstfehler: Volume bzw. Datenträger ist nicht
 richtig angeschlossen oder wurde nicht gefunden.  Fehlerkontext: DeviceIoControl(000001D4,0x00534194,00000000,0,0003BC68,4096,[0]).
 
Error - 15.10.2012 10:52:25 | Computer Name = KAROOSU-II | Source = STCAgent | ID = 50331650
Description = Termination reason code 10 [FAST_USER_SWITCH]
 
Error - 15.10.2012 11:09:03 | Computer Name = KAROOSU-II | Source = STCAgent | ID = 50331650
Description = Termination reason code 10 [FAST_USER_SWITCH]
 
Error - 15.10.2012 11:31:55 | Computer Name = KAROOSU-II | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung explorer.exe, Version 6.0.2900.2649, fehlgeschlagenes
 Modul , Version 0.0.0.0, Fehleradresse 0x00000000.
 
[ OSession Events ]
Error - 25.07.2012 08:42:32 | Computer Name = KAROOSU-II | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 174
 seconds with 0 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 15.10.2012 13:30:11 | Computer Name = KAROOSU-II | Source = Service Control Manager | ID = 7023
Description = Der Dienst "NLA (Network Location Awareness)" wurde mit folgendem 
Fehler beendet:   %%127
 
Error - 15.10.2012 13:35:12 | Computer Name = KAROOSU-II | Source = Service Control Manager | ID = 7023
Description = Der Dienst "NLA (Network Location Awareness)" wurde mit folgendem 
Fehler beendet:   %%127
 
Error - 15.10.2012 13:40:12 | Computer Name = KAROOSU-II | Source = Service Control Manager | ID = 7023
Description = Der Dienst "NLA (Network Location Awareness)" wurde mit folgendem 
Fehler beendet:   %%127
 
Error - 15.10.2012 13:45:12 | Computer Name = KAROOSU-II | Source = Service Control Manager | ID = 7023
Description = Der Dienst "NLA (Network Location Awareness)" wurde mit folgendem 
Fehler beendet:   %%127
 
Error - 15.10.2012 13:50:12 | Computer Name = KAROOSU-II | Source = Service Control Manager | ID = 7023
Description = Der Dienst "NLA (Network Location Awareness)" wurde mit folgendem 
Fehler beendet:   %%127
 
Error - 15.10.2012 13:55:12 | Computer Name = KAROOSU-II | Source = Service Control Manager | ID = 7023
Description = Der Dienst "NLA (Network Location Awareness)" wurde mit folgendem 
Fehler beendet:   %%127
 
Error - 15.10.2012 13:58:47 | Computer Name = KAROOSU-II | Source = Service Control Manager | ID = 7023
Description = Der Dienst "NLA (Network Location Awareness)" wurde mit folgendem 
Fehler beendet:   %%127
 
Error - 15.10.2012 14:00:42 | Computer Name = KAROOSU-II | Source = Service Control Manager | ID = 7023
Description = Der Dienst "NLA (Network Location Awareness)" wurde mit folgendem 
Fehler beendet:   %%127
 
Error - 15.10.2012 14:05:42 | Computer Name = KAROOSU-II | Source = Service Control Manager | ID = 7023
Description = Der Dienst "NLA (Network Location Awareness)" wurde mit folgendem 
Fehler beendet:   %%127
 
Error - 15.10.2012 14:11:12 | Computer Name = KAROOSU-II | Source = Service Control Manager | ID = 7023
Description = Der Dienst "NLA (Network Location Awareness)" wurde mit folgendem 
Fehler beendet:   %%127
 
[ TuneUp Events ]
Error - 08.04.2011 18:16:29 | Computer Name = NAME-BB02E5F58F | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 08.04.2011 18:16:29 | Computer Name = NAME-BB02E5F58F | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 08.04.2011 18:16:29 | Computer Name = NAME-BB02E5F58F | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
 
< End of report >
         
Code:
Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Datenbank Version: v2012.10.15.08

Windows XP Service Pack 2 x86 NTFS
Internet Explorer 6.0.2900.2180
User :: KAROOSU-II [Administrator]

15.10.2012 18:35:58
mbam-log-2012-10-15 (19-23-16).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 231883
Laufzeit: 46 Minute(n), 33 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 3
C:\WINDOWS\Temp\BRw1PjXk.exe.part (PUP.Adware.MediaGet) -> Keine Aktion durchgeführt.
C:\WINDOWS\Temp\ouivgbv.exe (Trojan.Agent.PS) -> Keine Aktion durchgeführt.
C:\boot.bin (Malware.Trace) -> Keine Aktion durchgeführt.

(Ende)
         

Alt 16.10.2012, 11:01   #2
Psychotic
/// Malwareteam
 
My name is Marius and I will help you with your problem.

One thing up front:

Note: We can never guarantee here that we have found all remnants of malware. Reformatting is usually the fastest and always the safest way.

If you decide on a cleanup, keep working with us until someone from the team tells you that your computer is clean.

A cleanup can involve a lot of work for you.
  1. Please work through all steps in order.
  2. Read the instructions carefully. If you get stuck anywhere, stop at that point and describe your problem here!
  3. Only run scans that a helper has asked you to run.
  4. Please no crossposting (posting in several forums) - if you follow the instructions of several helpers, this can cause serious problems!
  5. Do not install or uninstall any software during the cleanup (unless you have been asked to).
  6. If something is unclear: ask before you do something "blindly"!

    ...and very important:

  7. Post the log files with code tags (the # symbol at the top of the reply window) in your thread! Do not attach them unless I ask you to. (That makes the analysis harder for me.)


Vista and Win7 users
Start all tools with right-click --> "Run as administrator".


Quote:
[C:\WINDOWS\$NtUninstallKB22607$] -> Error: Cannot create file handle -> Unknown point type
The ZeroAccess rootkit is running on this computer. This is going to be "fun"...



Step 1: Disable TeaTimer


No cleanup can be carried out while Spybot Search&Destroy's TeaTimer is running, because it restores all deleted entries.

The TeaTimer must therefore be switched off during the cleanup work.
  • Start Spybot Search&Destroy
  • in the menu under Mode, enable Advanced mode.
  • click Tools => Resident at the bottom left
  • uncheck "TeaTimer" (protection of all system settings)
  • close Spybot Search&Destroy
  • Restart your computer

Note: leave the TeaTimer switched off until we are finished with the cleanup


Step 2: Uninstall file sharing


I see that you use so-called peer-to-peer or file-sharing programs. In your case BitTorrent.

These programs allow you to exchange data with other users. Unfortunately, p2p or file sharing is not exempt from distributing infected files, and this is also one reason why malware spreads so quickly. So it is possible that you download an infected file. You can never know where these come from. This kind of software should therefore be used with extreme caution. Another important point is that distributing media and entertainment files violates copyright law in most countries of the world. Of course there is also a legal way to use this service, for example for downloading Linux or Open Office. Nevertheless, I would ask you not to continue using this kind of software.

Please go to Start --> Control Panel --> Add or Remove Programs and uninstall the software mentioned above. Please let me know if you cannot find one of the listed programs.

Alt 16.10.2012, 12:10   #3
5CB
 
Hello Marius,

thank you for helping me.
I have disabled Spybot as you described. I have uninstalled BitTorrent.

Quote:
Quote:
[C:\WINDOWS\$NtUninstallKB22607$] -> Error: Cannot create file handle -> Unknown point type
The ZeroAccess rootkit is running on this computer. This is going to be "fun"...
What does that mean? Still doable?

Martin

Alt 16.10.2012, 12:12   #4
Psychotic
/// Malwareteam
 
Doable, yes... but because this is a powerful and unpredictable rootkit, it can get a little tricky!


Step 1: aswMBR


Please download aswMBR.exe and save the file to your desktop.
  • Start aswMBR.exe - (aswMBR.exe instructions) Vista and Win7 users: right-click and "Run as administrator"
  • The tool will ask you whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the Internet.) Depending on your connection, downloading the definitions may take a while.
  • Click Scan.
  • Please wait until Scan finished successfully appears in the DOS window.
  • Press Save Log and save it to the desktop.
Post the aswMBR.txt in your next reply. Important: Do not under any circumstances press one of the Fix buttons without being instructed to. Note: If the Scan button is hidden, close the tool and start it again. If it still does not work, please let me know.




Step 2: Scan with TDSS-Killer



Please read the following instructions carefully. We do not want to "fix" anything here yet, only see a scan report. Please download TDSSKiller.exe and save this file to the desktop.
  • Start TDSSKiller.exe.
  • Press Start Scan
  • If infected objects are found, do not under any circumstances choose Cure. Choose Skip and save the log file. TDSSKiller will save a log file on your system drive (usually C:\). As an example: C:\TDSSKiller.<version_date_time>log.txt
Please post the contents here in your thread.

Alt 16.10.2012, 14:14   #5
5CB
 
Here, first, is the log file of the aswMBR scan.
Code:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-16 13:25:44
-----------------------------
13:25:44.468    OS Version: Windows 5.1.2600 Service Pack 2
13:25:44.468    Number of processors: 1 586 0x2402
13:25:44.468    ComputerName: KAROOSU-II  UserName: User
13:25:46.781    Initialize success
13:34:39.828    AVAST engine defs: 12101600
13:34:54.437    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
13:34:54.437    Disk 0 Vendor: SAMSUNG_MP0804H UE100-14 Size: 76319MB BusType: 3
13:34:54.531    Disk 0 MBR read successfully
13:34:54.531    Disk 0 MBR scan
13:34:57.125    Disk 0 Windows XP default MBR code
13:34:57.171    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS        76316 MB offset 63
13:34:58.078    Disk 0 scanning sectors +156296385
13:34:58.640    Disk 0 scanning C:\WINDOWS\system32\drivers
13:35:24.625    File: C:\WINDOWS\system32\drivers\khips.sys  **INFECTED** Win32:Sirefef-AMS [Rtk]
13:35:57.296    Disk 0 trace - called modules:
13:35:57.328    ntkrnlpa.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x8492f698]<<
13:35:57.328    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8557dab8]
13:35:57.328    3 CLASSPNP.SYS[f750305b] -> nt!IofCallDriver -> [0x85343930]
13:35:57.687    \Driver\00002914[0x8541d8b0] -> IRP_MJ_CREATE -> 0x8492f698
13:35:58.718    AVAST engine scan C:\WINDOWS
13:36:23.562    AVAST engine scan C:\WINDOWS\system32
13:48:26.781    AVAST engine scan C:\WINDOWS\system32\drivers
13:48:48.703    File: C:\WINDOWS\system32\drivers\khips.sys  **INFECTED** Win32:Sirefef-AMS [Rtk]
13:49:23.312    AVAST engine scan C:\Dokumente und Einstellungen\User
14:53:48.437    AVAST engine scan C:\Dokumente und Einstellungen\All Users
14:59:25.812    Scan finished successfully
15:15:42.734    Disk 0 MBR has been saved successfully to "C:\Dokumente und Einstellungen\User\Desktop\MBR.dat"
15:15:42.859    The log file has been saved successfully to "C:\Dokumente und Einstellungen\User\Desktop\aswMBR.txt"
         
I will now run the scan with TDSS-Killer and post the result as well.

OK, that was quick:

Code:
15:20:27.0468 3016  TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
15:20:27.0671 3016  ============================================================
15:20:27.0671 3016  Current date / time: 2012/10/16 15:20:27.0671
15:20:27.0671 3016  SystemInfo:
15:20:27.0671 3016  
15:20:27.0671 3016  OS Version: 5.1.2600 ServicePack: 2.0
15:20:27.0671 3016  Product type: Workstation
15:20:27.0671 3016  ComputerName: KAROOSU-II
15:20:27.0671 3016  UserName: User
15:20:27.0671 3016  Windows directory: C:\WINDOWS
15:20:27.0671 3016  System windows directory: C:\WINDOWS
15:20:27.0671 3016  Processor architecture: Intel x86
15:20:27.0671 3016  Number of processors: 1
15:20:27.0671 3016  Page size: 0x1000
15:20:27.0671 3016  Boot type: Normal boot
15:20:27.0671 3016  ============================================================
15:20:30.0296 3016  Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
15:20:30.0328 3016  ============================================================
15:20:30.0328 3016  \Device\Harddisk0\DR0:
15:20:30.0343 3016  MBR partitions:
15:20:30.0343 3016  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950E482
15:20:30.0343 3016  ============================================================
15:20:30.0406 3016  C: <-> \Device\Harddisk0\DR0\Partition1
15:20:30.0421 3016  ============================================================
15:20:30.0421 3016  Initialize success
15:20:30.0421 3016  ============================================================
15:20:37.0328 2320  ============================================================
15:20:37.0328 2320  Scan started
15:20:37.0328 2320  Mode: Manual; 
15:20:37.0328 2320  ============================================================
15:20:38.0250 2320  ================ Scan system memory ========================
15:20:42.0015 2320  System memory - ok
15:20:42.0015 2320  ================ Scan services =============================
15:20:42.0203 2320  [ A6F2BE018400EE84231AC34C2F359491 ] 6to4            C:\WINDOWS\System32\6to4svc.dll
15:20:42.0218 2320  6to4 - ok
15:20:42.0265 2320  Abiosdsk - ok
15:20:42.0281 2320  abp480n5 - ok
15:20:42.0328 2320  [ 94B4741D2CF9ED38140B831293D1601A ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
15:20:42.0343 2320  ACPI - ok
15:20:42.0421 2320  [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC          C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
15:20:42.0421 2320  ACPIEC - ok
15:20:42.0484 2320  [ 6463D1DB354B13E6CED4D67F6E4910F4 ] actser          C:\WINDOWS\system32\drivers\actser.sys
15:20:42.0484 2320  actser - ok
15:20:42.0609 2320  [ 6D182C31ACF16213407F2768F1107FE3 ] Adobe LM Service C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
15:20:42.0671 2320  Adobe LM Service - ok
15:20:42.0687 2320  adpu160m - ok
15:20:42.0750 2320  [ 841F385C6CFAF66B58FBD898722BB4F0 ] aec             C:\WINDOWS\system32\drivers\aec.sys
15:20:42.0765 2320  aec - ok
15:20:42.0812 2320  [ 6A0397376853E604DE8E1E7A87FC08AC ] AFD             C:\WINDOWS\System32\drivers\afd.sys
15:20:42.0828 2320  AFD - ok
15:20:42.0843 2320  Aha154x - ok
15:20:42.0859 2320  aic78u2 - ok
15:20:42.0890 2320  aic78xx - ok
15:20:43.0078 2320  [ BEA942FF21154FEE4F71DDD477621C70 ] ALCXWDM         C:\WINDOWS\system32\drivers\ALCXWDM.SYS
15:20:43.0187 2320  ALCXWDM - ok
15:20:43.0250 2320  [ 1AAB6C5F8376357CB9B16C38C42C4076 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
15:20:43.0250 2320  Alerter - ok
15:20:43.0296 2320  [ 6596DD260FFDE1BDC994C1DF236307BB ] ALG             C:\WINDOWS\System32\alg.exe
15:20:43.0296 2320  ALG - ok
15:20:43.0312 2320  AliIde - ok
15:20:43.0375 2320  [ A2D5F093F9CB160C183C77015704F156 ] AmdK8           C:\WINDOWS\system32\DRIVERS\AmdK8.sys
15:20:43.0375 2320  AmdK8 - ok
15:20:43.0390 2320  amsint - ok
15:20:43.0468 2320  [ C27D46B06D340293670450FCE9DFB166 ] AntiVirSchedulerService C:\Programme\Avira\AntiVir Desktop\sched.exe
15:20:43.0484 2320  AntiVirSchedulerService - ok
15:20:43.0546 2320  [ 72D90E56563165984224493069C69ED4 ] AntiVirService  C:\Programme\Avira\AntiVir Desktop\avguard.exe
15:20:43.0562 2320  AntiVirService - ok
15:20:43.0593 2320  AppMgmt - ok
15:20:43.0671 2320  [ D4E7ED3AE224C851B08F3A3A85C37E88 ] AR5211          C:\WINDOWS\system32\DRIVERS\ar5211.sys
15:20:43.0703 2320  AR5211 - ok
15:20:43.0750 2320  [ F0D692B0BFFB46E30EB3CEA168BBC49F ] Arp1394         C:\WINDOWS\system32\DRIVERS\arp1394.sys
15:20:43.0765 2320  Arp1394 - ok
15:20:43.0781 2320  asc - ok
15:20:43.0796 2320  asc3350p - ok
15:20:43.0812 2320  asc3550 - ok
15:20:43.0984 2320  [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
15:20:44.0125 2320  aspnet_state - ok
15:20:44.0171 2320  [ 02000ABF34AF4C218C35D257024807D6 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
15:20:44.0171 2320  AsyncMac - ok
15:20:44.0234 2320  [ CDFE4411A69C224BD1D11B2DA92DAC51 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
15:20:44.0234 2320  atapi - ok
15:20:44.0250 2320  Atdisk - ok
15:20:44.0359 2320  [ 6BDB117F5CF40FE91FF50E1BB3F28184 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
15:20:44.0406 2320  Ati HotKey Poller - ok
15:20:44.0531 2320  [ E9EBF7DCA6C5EB9C597035A10A5A6A1B ] ati2mtag        C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
15:20:44.0687 2320  ati2mtag - ok
15:20:44.0765 2320  [ EC88DA854AB7D7752EC8BE11A741BB7F ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
15:20:44.0796 2320  Atmarpc - ok
15:20:44.0859 2320  [ 523CA82A8810F4354E6425406AFBC130 ] ATMsrvc         C:\WINDOWS\System32\ATMsrvc.exe
15:20:44.0859 2320  ATMsrvc - ok
15:20:44.0937 2320  [ E98B8250398F6637B335A76BA8DFB602 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
15:20:44.0937 2320  AudioSrv - ok
15:20:45.0000 2320  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
15:20:45.0000 2320  audstub - ok
15:20:45.0062 2320  [ 0B497C79824F8E1BF22FA6AACD3DE3A0 ] avgio           C:\Programme\Avira\AntiVir Desktop\avgio.sys
15:20:45.0093 2320  avgio - ok
15:20:45.0171 2320  [ 1E4114685DE1FFA9675E09C6A1FB3F4B ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys
15:20:45.0171 2320  avgntflt - ok
15:20:45.0218 2320  [ 0F78D3DAE6DEDD99AE54C9491C62ADF2 ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys
15:20:45.0234 2320  avipbb - ok
15:20:45.0296 2320  [ 077B3692F4376D1539755761FEEF659A ] AVMUNET         C:\WINDOWS\system32\DRIVERS\avmunet.sys
15:20:45.0296 2320  AVMUNET - ok
15:20:45.0375 2320  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
15:20:45.0375 2320  Beep - ok
15:20:45.0421 2320  [ D8653DCD80CF2EBB333FC4FCC43A7DEF ] Browser         C:\WINDOWS\System32\browser.dll
15:20:45.0421 2320  Browser - ok
15:20:45.0484 2320  [ D24B8D1784C68A25060FFFBE8ED34B76 ] BthEnum         C:\WINDOWS\system32\DRIVERS\BthEnum.sys
15:20:45.0484 2320  BthEnum - ok
15:20:45.0546 2320  [ 9DF0ADF74CE1D6371ED60CF92EB1D9A6 ] BTHMODEM        C:\WINDOWS\system32\DRIVERS\bthmodem.sys
15:20:45.0546 2320  BTHMODEM - ok
15:20:45.0609 2320  [ 10355270BE12641B9764235DA39DCF0F ] BthPan          C:\WINDOWS\system32\DRIVERS\bthpan.sys
15:20:45.0609 2320  BthPan - ok
15:20:45.0687 2320  [ 3A7A07B55ADC58E2001537EB6E0A980D ] BTHPORT         C:\WINDOWS\system32\Drivers\BTHport.sys
15:20:45.0703 2320  BTHPORT - ok
15:20:45.0765 2320  [ 822D1875B12B6219CECE1D221349CEF4 ] BthServ         C:\WINDOWS\System32\bthserv.dll
15:20:45.0765 2320  BthServ - ok
15:20:45.0781 2320  [ F06D4CB9918B462A84D9AC00027EFC30 ] BTHUSB          C:\WINDOWS\system32\Drivers\BTHUSB.sys
15:20:45.0781 2320  BTHUSB - ok
15:20:45.0828 2320  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
15:20:45.0828 2320  cbidf2k - ok
15:20:45.0875 2320  [ 6163ED60B684BAB19D3352AB22FC48B2 ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
15:20:45.0890 2320  CCDECODE - ok
15:20:45.0906 2320  cd20xrnt - ok
15:20:45.0953 2320  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
15:20:45.0953 2320  Cdaudio - ok
15:20:46.0000 2320  [ CD7D5152DF32B47F4E36F710B35AAE02 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
15:20:46.0000 2320  Cdfs - ok
15:20:46.0062 2320  [ AF9C19B3100FE010496B1A27181FBF72 ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
15:20:46.0062 2320  Cdrom - ok
15:20:46.0078 2320  Changer - ok
15:20:46.0140 2320  [ 234D52C63C67A8CF4AF9BECCE43BFB4A ] CiSvc           C:\WINDOWS\system32\cisvc.exe
15:20:46.0140 2320  CiSvc - ok
15:20:46.0187 2320  [ 0461868578D29DC18FB1C79933C5158A ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
15:20:46.0187 2320  ClipSrv - ok
15:20:46.0250 2320  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:20:46.0406 2320  clr_optimization_v2.0.50727_32 - ok
15:20:46.0453 2320  [ 4266BE808F85826AEDF3C64C1E240203 ] CmBatt          C:\WINDOWS\system32\DRIVERS\CmBatt.sys
15:20:46.0453 2320  CmBatt - ok
15:20:46.0484 2320  CmdIde - ok
15:20:46.0546 2320  [ E9BD8DB1D7F5014DB5F4A82DF96BD83D ] CMIUSB          C:\WINDOWS\system32\Drivers\MC1001200130012001B\cmiusb.sys
15:20:46.0546 2320  CMIUSB - ok
15:20:46.0578 2320  [ DF1B1A24BF52D0EBC01ED4ECE8979F50 ] Compbatt        C:\WINDOWS\system32\DRIVERS\compbatt.sys
15:20:46.0578 2320  Compbatt - ok
15:20:46.0609 2320  COMSysApp - ok
15:20:46.0625 2320  Cpqarray - ok
15:20:46.0671 2320  [ 1A5F9DB98DF7955B4C7CBDBF2C638238 ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
15:20:46.0687 2320  CryptSvc - ok
15:20:46.0734 2320  [ B90B0A61045DB0C63487D1995F957680 ] CSVirtA         C:\WINDOWS\system32\DRIVERS\CSVirtA.sys
15:20:46.0734 2320  CSVirtA - ok
15:20:46.0796 2320  [ DBD89BC0DBE00DCD245BE8F61DBEE291 ] cvintdrv        C:\WINDOWS\system32\drivers\cvintdrv.sys
15:20:46.0796 2320  cvintdrv - ok
15:20:46.0843 2320  [ 5C706C06C1279952D2CC1A609CA948BF ] CVirtA          C:\WINDOWS\system32\DRIVERS\CVirtA.sys
15:20:46.0843 2320  CVirtA - ok
15:20:46.0859 2320  dac2w2k - ok
15:20:46.0875 2320  dac960nt - ok
15:20:46.0953 2320  [ 8AFBC2E1E5555A1C29953AF854F0FCA5 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
15:20:47.0046 2320  DcomLaunch - ok
15:20:47.0093 2320  [ A1B414D2AA66A71146371539444BE45D ] DFSTR2K         C:\WINDOWS\system32\DRIVERS\DFSTOR2K.SYS
15:20:47.0093 2320  DFSTR2K - ok
15:20:47.0156 2320  [ 69F986B2688BA95A0D9362B0E233D5FF ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
15:20:47.0156 2320  Dhcp - ok
15:20:47.0218 2320  [ 00CA44E4534865F8A3B64F7C0984BFF0 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
15:20:47.0218 2320  Disk - ok
15:20:47.0250 2320  dmadmin - ok
15:20:47.0328 2320  [ 5789B83BA87FC84C3568CF86CACEF8CE ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
15:20:47.0390 2320  dmboot - ok
15:20:47.0453 2320  [ 084EB0A50A4F7B4705C8A57F234E5291 ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
15:20:47.0453 2320  dmio - ok
15:20:47.0500 2320  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
15:20:47.0500 2320  dmload - ok
15:20:47.0546 2320  [ FA2D9D1A9F6B5A88D01E1685CE2378BA ] dmserver        C:\WINDOWS\System32\dmserver.dll
15:20:47.0546 2320  dmserver - ok
15:20:47.0609 2320  [ A6F881284AC1150E37D9AE47FF601267 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
15:20:47.0609 2320  DMusic - ok
15:20:47.0671 2320  [ 2EDDBB3EF1DD5A28CB07C149D36E7286 ] DNE             C:\WINDOWS\system32\DRIVERS\dne2000.sys
15:20:47.0671 2320  DNE - ok
15:20:47.0718 2320  [ D1F5B71BBAEEE07B78980DBD878C0BC7 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
15:20:47.0718 2320  Dnscache - ok
15:20:47.0750 2320  dpti2o - ok
15:20:47.0781 2320  [ 1ED4DBBAE9F5D558DBBA4CC450E3EB2E ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
15:20:47.0781 2320  drmkaud - ok
15:20:47.0828 2320  [ 877A4512CC9074D6954776AF47021766 ] ERSvc           C:\WINDOWS\System32\ersvc.dll
15:20:47.0828 2320  ERSvc - ok
15:20:47.0890 2320  [ A07CA23EA361A01E627D911CF139B950 ] Eventlog        C:\WINDOWS\system32\services.exe
15:20:47.0906 2320  Eventlog - ok
15:20:47.0968 2320  [ D68ED3908C7A0DB446111D34AC40DC18 ] EventSystem     C:\WINDOWS\system32\es.dll
15:20:47.0984 2320  EventSystem - ok
15:20:48.0031 2320  [ A52794C010C6DF5B4BC70C4AB5E04088 ] ewusbnet        C:\WINDOWS\system32\DRIVERS\ewusbnet.sys
15:20:48.0046 2320  ewusbnet - ok
15:20:48.0093 2320  [ 57C171EA22F0A7F068FCB0CAEDD1E8E7 ] ew_hwusbdev     C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys
15:20:48.0093 2320  ew_hwusbdev - ok
15:20:48.0156 2320  [ 3117F595E9615E04F05A54FC15A03B20 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
15:20:48.0156 2320  Fastfat - ok
15:20:48.0218 2320  [ BAC5F7F0C2B8C1B9832594851E0F9914 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
15:20:48.0218 2320  FastUserSwitchingCompatibility - ok
15:20:48.0296 2320  [ 030DEF1B6AD98FA70A51C9994DABC924 ] Fax             C:\WINDOWS\system32\fxssvc.exe
15:20:48.0328 2320  Fax - ok
15:20:48.0343 2320  [ CED2E8396A8838E59D8FD529C680E02C ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys
15:20:48.0343 2320  Fdc - ok
15:20:48.0406 2320  [ 9E9AF89F9B14AA6249065C309CE73BD8 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
15:20:48.0406 2320  Fips - ok
15:20:48.0453 2320  [ 0DD1DE43115B93F4D85E889D7A86F548 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys
15:20:48.0453 2320  Flpydisk - ok
15:20:48.0531 2320  [ 157754F0DF355A9E0A6F54721914F9C6 ] FltMgr          C:\WINDOWS\system32\DRIVERS\fltMgr.sys
15:20:48.0531 2320  FltMgr - ok
15:20:48.0625 2320  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
15:20:48.0687 2320  FontCache3.0.0.0 - ok
15:20:48.0750 2320  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
15:20:48.0750 2320  Fs_Rec - ok
15:20:48.0781 2320  [ 8672947AEEC467DC5907BA024BAF06EF ] FTDIBUS         C:\WINDOWS\system32\drivers\ftdibus.sys
15:20:48.0781 2320  FTDIBUS - ok
15:20:48.0859 2320  [ 8F1955CE42E1484714B542F341647778 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
15:20:48.0859 2320  Ftdisk - ok
15:20:48.0906 2320  [ E51EC9D232494C0713E0A0938DD9C893 ] FTLUND          C:\WINDOWS\system32\drivers\ftlund.sys
15:20:48.0906 2320  FTLUND - ok
15:20:48.0937 2320  [ 1BAEA6F4A629ABCBD87267C2C732C982 ] FTSER2K         C:\WINDOWS\system32\drivers\ftser2k.sys
15:20:48.0937 2320  FTSER2K - ok
15:20:49.0000 2320  [ 3A3929B7A0EEEF83DF3A6C81E43A1FA9 ] fwdrv           C:\WINDOWS\system32\drivers\fwdrv.sys
15:20:49.0015 2320  fwdrv - ok
15:20:49.0062 2320  [ 0879DC7444A201DF84E69C5DD5083D61 ] getPlusHelper   C:\Programme\NOS\bin\getPlus_Helper.dll
15:20:49.0328 2320  getPlusHelper - ok
15:20:49.0390 2320  [ C0F1D4A21DE5A415DF8170616703DEBF ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
15:20:49.0390 2320  Gpc - ok
15:20:49.0437 2320  [ D220B8EBC4149E266AD9157B5A981AC0 ] gpib420         C:\WINDOWS\system32\drivers\gpib420.sys
15:20:49.0437 2320  gpib420 - ok
15:20:49.0515 2320  [ DE10DC1E0E954FCCFA61B6C92C83A091 ] GpibPrtK        C:\WINDOWS\system32\drivers\gpibprtk.sys
15:20:49.0515 2320  GpibPrtK - ok
15:20:49.0609 2320  [ BA85BCF1A2BCF927C3600574173403E0 ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
15:20:49.0609 2320  helpsvc - ok
15:20:49.0656 2320  [ B647CA198B9C73056ABFB0A9D8F4916D ] HidServ         C:\WINDOWS\System32\hidserv.dll
15:20:49.0656 2320  HidServ - ok
15:20:49.0734 2320  [ 1DE6783B918F540149AA69943BDFEBA8 ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
15:20:49.0734 2320  HidUsb - ok
15:20:49.0781 2320  [ 0573480A26DB723364C65373094CF73C ] HOSTNT          C:\WINDOWS\system32\drivers\HOSTNT.sys
15:20:49.0781 2320  HOSTNT - ok
15:20:49.0828 2320  [ 8B566EA71D5B76157A9CDB78F25A5731 ] Hotkey          C:\WINDOWS\system32\drivers\Hotkey.sys
15:20:49.0828 2320  Hotkey - ok
15:20:49.0859 2320  hpn - ok
15:20:49.0906 2320  [ 9F1D80908658EB7F1BF70809E0B51470 ] HPZid412        C:\WINDOWS\system32\DRIVERS\HPZid412.sys
15:20:49.0906 2320  HPZid412 - ok
15:20:49.0953 2320  [ F7E3E9D50F9CD3DE28085A8FDAA0A1C3 ] HPZipr12        C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
15:20:49.0953 2320  HPZipr12 - ok
15:20:50.0015 2320  [ CF1B7951B4EC8D13F3C93B74BB2B461B ] HPZius12        C:\WINDOWS\system32\DRIVERS\HPZius12.sys
15:20:50.0015 2320  HPZius12 - ok
15:20:50.0078 2320  [ 13D4B70BF2F9BC550E9079DA864D3EC1 ] HSFHWATI        C:\WINDOWS\system32\DRIVERS\HSFHWATI.sys
15:20:50.0093 2320  HSFHWATI - ok
15:20:50.0156 2320  [ DFA8F86C0DBCA7DB948043AA3BE6793B ] HSF_DP          C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
15:20:50.0218 2320  HSF_DP - ok
15:20:50.0281 2320  [ 9F8B0F4276F618964FD118BE4289B7CD ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
15:20:50.0312 2320  HTTP - ok
15:20:50.0359 2320  [ 9EC7E866BBDBF3ECC0E67F4E0A838EB2 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
15:20:50.0375 2320  HTTPFilter - ok
15:20:50.0421 2320  [ BED3A9F86A637CC6C2C5296CD82423D8 ] huawei_enumerator C:\WINDOWS\system32\DRIVERS\ew_jubusenum.sys
15:20:50.0437 2320  huawei_enumerator - ok
15:20:50.0484 2320  [ 1F40368DC40B17DE3FA0FBE8A9D82F9E ] hwdatacard      C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys
15:20:50.0484 2320  hwdatacard - ok
15:20:50.0625 2320  HWDeviceService.exe - ok
15:20:50.0687 2320  [ 448BB2FE30F1DDE9EAA4F0E87B52B687 ] hwinterface     C:\WINDOWS\system32\Drivers\hwinterface.sys
15:20:50.0687 2320  hwinterface - ok
15:20:50.0703 2320  i2omgmt - ok
15:20:50.0734 2320  i2omp - ok
15:20:50.0781 2320  [ 7C575018D0413440D75432A78B88C899 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
15:20:50.0796 2320  i8042prt - ok
15:20:50.0859 2320  [ BDCE6B54E1D7D8399175A83A02274B7A ] iaStor          C:\WINDOWS\system32\drivers\iaStor.sys
15:20:50.0906 2320  iaStor - ok
15:20:51.0125 2320  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:20:51.0390 2320  idsvc - ok
15:20:51.0437 2320  [ F8AA320C6A0409C0380E5D8A99D76EC6 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
15:20:51.0437 2320  Imapi - ok
15:20:51.0484 2320  [ 57D7267A9ED91ECAF4336B08C9628FCA ] ImapiService    C:\WINDOWS\system32\imapi.exe
15:20:51.0484 2320  ImapiService - ok
15:20:51.0515 2320  ini910u - ok
15:20:51.0531 2320  IntelIde - ok
15:20:51.0593 2320  [ 4448006B6BC60E6C027932CFC38D6855 ] Ip6Fw           C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
15:20:51.0593 2320  Ip6Fw - ok
15:20:51.0640 2320  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
15:20:51.0640 2320  IpFilterDriver - ok
15:20:51.0687 2320  [ E1EC7F5DA720B640CD8FB8424F1B14BB ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
15:20:51.0687 2320  IpInIp - ok
15:20:51.0734 2320  [ E2168CBC7098FFE963C6F23F472A3593 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
15:20:51.0750 2320  IpNat - ok
15:20:51.0796 2320  [ 64537AA5C003A6AFEEE1DF819062D0D1 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
15:20:51.0796 2320  IPSec - ok
15:20:51.0859 2320  [ 50708DAA1B1CBB7D6AC1CF8F56A24410 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
15:20:51.0859 2320  IRENUM - ok
15:20:51.0937 2320  [ CE9B7AFDF0A3D7DD8D1487262316B959 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
15:20:51.0937 2320  isapnp - ok
15:20:52.0078 2320  [ A12175F063302CD68F8FC6D572D7E5FD ] JavaQuickStarterService C:\Programme\Java\jre7\bin\jqs.exe
15:20:52.0078 2320  JavaQuickStarterService - ok
15:20:52.0140 2320  [ B128FC0A5CD83F669D5DE4B58F77C7D6 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
15:20:52.0140 2320  Kbdclass - ok
15:20:52.0203 2320  [ 7EC877AA899323B92874FE62C7DDCDE7 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
15:20:52.0203 2320  kbdhid - ok
15:20:52.0234 2320  [ 406441109101895BCE2C934434DE2F25 ] khips           C:\WINDOWS\system32\drivers\khips.sys
15:20:52.0234 2320  Suspicious file (Forged): C:\WINDOWS\system32\drivers\khips.sys. Real md5: 406441109101895BCE2C934434DE2F25, Fake md5: D44C0F4FC254344BAD74581632339963
15:20:52.0250 2320  khips ( Virus.Win32.ZAccess.aml ) - infected
15:20:52.0250 2320  khips - detected Virus.Win32.ZAccess.aml (0)
15:20:52.0312 2320  [ 859C2200E6123CE8BCAE7CE2CC84E93E ] Kithara-Ksts7   C:\WINDOWS\system32\Ksts7.sys
15:20:52.0359 2320  Kithara-Ksts7 - ok
15:20:52.0406 2320  [ D93CAD07C5683DB066B0B2D2D3790EAD ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
15:20:52.0421 2320  kmixer - ok
15:20:52.0453 2320  [ 1BE7CC2535D760AE4D481576EB789F24 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
15:20:52.0468 2320  KSecDD - ok
15:20:52.0515 2320  [ 2865FA4ED4471929881C053A6E5A85F6 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
15:20:52.0531 2320  lanmanserver - ok
15:20:52.0578 2320  [ F716A6F5BABB6DA60C0532510AB52245 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
15:20:52.0593 2320  lanmanworkstation - ok
15:20:52.0609 2320  lbrtfdc - ok
15:20:52.0734 2320  [ 47A111A4DC0D67DA431DF9F91EE09682 ] LkCitadelServer C:\WINDOWS\system32\lkcitdl.exe
15:20:52.0781 2320  LkCitadelServer - ok
15:20:52.0812 2320  [ 405F1B0B939D362736A7F6583FB057C4 ] lkClassAds      C:\WINDOWS\system32\lkads.exe
15:20:52.0812 2320  lkClassAds - ok
15:20:52.0843 2320  [ 8A18F0674712F9D99848875666A0E599 ] lkTimeSync      C:\WINDOWS\system32\lktsrv.exe
15:20:52.0843 2320  lkTimeSync - ok
15:20:52.0906 2320  [ 4C25FADD7FE1D5BD779B20D3D0EB8D7C ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
15:20:52.0906 2320  LmHosts - ok
15:20:52.0968 2320  [ AD1A428085F6499AFC085DB14E6C2EBC ] lvalarmk        C:\WINDOWS\system32\drivers\lvalarmk.dll
15:20:52.0968 2320  lvalarmk - ok
15:20:52.0984 2320  mailKmd - ok
15:20:53.0078 2320  [ 11F714F85530A2BD134074DC30E99FCA ] MDM             C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
15:20:53.0093 2320  MDM - ok
15:20:53.0156 2320  [ 3C318B9CD391371BED62126581EE9961 ] mdmxsdk         C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
15:20:53.0156 2320  mdmxsdk - ok
15:20:53.0203 2320  [ E5215AB942C5AC5F7EB0E54871D7A27C ] Messenger       C:\WINDOWS\System32\msgsvc.dll
15:20:53.0203 2320  Messenger - ok
15:20:53.0265 2320  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
15:20:53.0265 2320  mnmdd - ok
15:20:53.0312 2320  [ BB2470D20405B272EA47CA5E18F1C58E ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
15:20:53.0328 2320  mnmsrvc - ok
15:20:53.0437 2320  [ 38106C7BD34EAE89D2769AC0BA2E846B ] Mobile Partner. RunOuc C:\Programme\Mobile Partner\UpdateDog\ouc.exe
15:20:53.0468 2320  Mobile Partner. RunOuc - ok
15:20:53.0531 2320  [ 91A3DA4B12F6F1D760463A7F7857F748 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
15:20:53.0546 2320  Modem - ok
15:20:53.0609 2320  [ 71E15CA47FD947552054AFB28536268F ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
15:20:53.0609 2320  Mouclass - ok
15:20:53.0640 2320  [ 66A6F73C74E1791464160A7065CE711A ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
15:20:53.0656 2320  mouhid - ok
15:20:53.0687 2320  [ 65653F3B4477F3C63E68A9659F85EE2E ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
15:20:53.0703 2320  MountMgr - ok
15:20:53.0781 2320  [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
15:20:53.0828 2320  MozillaMaintenance - ok
15:20:53.0843 2320  mraid35x - ok
15:20:53.0921 2320  [ 46EDCC8F2DB2F322C24F48785CB46366 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
15:20:53.0921 2320  MRxDAV - ok
15:20:54.0000 2320  [ FB6C89BB3CE282B08BDB1E3C179E1C39 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
15:20:54.0031 2320  MRxSmb - ok
15:20:54.0093 2320  [ D059F9C7752EF461476E83180DAA5C62 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
15:20:54.0093 2320  MSDTC - ok
15:20:54.0156 2320  [ 561B3A4333CA2DBDBA28B5B956822519 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
15:20:54.0156 2320  Msfs - ok
15:20:54.0171 2320  MSIServer - ok
15:20:54.0234 2320  [ AE431A8DD3C1D0D0610CDBAC16057AD0 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
15:20:54.0234 2320  MSKSSRV - ok
15:20:54.0281 2320  [ 13E75FEF9DFEB08EEDED9D0246E1F448 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
15:20:54.0281 2320  MSPCLOCK - ok
15:20:54.0312 2320  [ 1988A33FF19242576C3D0EF9CE785DA7 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
15:20:54.0312 2320  MSPQM - ok
15:20:54.0359 2320  [ 469541F8BFD2B32659D5D463A6714BCE ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
15:20:54.0359 2320  mssmbios - ok
15:20:54.0406 2320  [ BF13612142995096AB084F2DB7F40F77 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
15:20:54.0406 2320  MSTEE - ok
15:20:54.0468 2320  [ 82035E0F41C2DD05AE41D27FE6CF7DE1 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
15:20:54.0468 2320  Mup - ok
15:20:54.0609 2320  [ 028E3BE58A83E671A349F84704F80387 ] mxssvr          C:\Programme\National Instruments\MAX\nimxs.exe
15:20:54.0609 2320  mxssvr - ok
15:20:54.0656 2320  [ 5C8DC6429C43DC6177C1FA5B76290D1A ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
15:20:54.0671 2320  NABTSFEC - ok
15:20:54.0718 2320  [ 558635D3AF1C7546D26067D5D9B6959E ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
15:20:54.0734 2320  NDIS - ok
15:20:54.0781 2320  [ 520CE427A8B298F54112857BCF6BDE15 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
15:20:54.0781 2320  NdisIP - ok
15:20:54.0843 2320  [ 08D43BBDACDF23F34D79E44ED35C1B4C ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
15:20:54.0843 2320  NdisTapi - ok
15:20:54.0890 2320  [ 8D3CE6B579CDE8D37ACC690B67DC2106 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
15:20:54.0890 2320  Ndisuio - ok
15:20:54.0937 2320  [ 0B90E255A9490166AB368CD55A529893 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
15:20:54.0953 2320  NdisWan - ok
15:20:55.0000 2320  [ 59FC3FB44D2669BC144FD87826BB571F ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
15:20:55.0015 2320  NDProxy - ok
15:20:55.0031 2320  [ 3A2ACA8FC1D7786902CA434998D7CEB4 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
15:20:55.0046 2320  NetBIOS - ok
15:20:55.0093 2320  [ 0C80E410CD2F47134407EE7DD19CC86B ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
15:20:55.0093 2320  NetBT - ok
15:20:55.0125 2320  [ F4EFF57254F565F39B6029150414A0D5 ] NetDDE          C:\WINDOWS\system32\netdde.exe
15:20:55.0140 2320  NetDDE - ok
15:20:55.0156 2320  [ F4EFF57254F565F39B6029150414A0D5 ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
15:20:55.0171 2320  NetDDEdsdm - ok
15:20:55.0218 2320  [ 183805EB05BCA5A1E4AAAED4D2BE3690 ] Netlogon        C:\WINDOWS\system32\lsass.exe
15:20:55.0234 2320  Netlogon - ok
15:20:55.0312 2320  [ 1E5218FBE323C375B488318950E10FB4 ] Netman          C:\WINDOWS\System32\netman.dll
15:20:55.0312 2320  Netman - ok
15:20:55.0671 2320  [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:20:55.0875 2320  NetTcpPortSharing - ok
15:20:55.0984 2320  [ 5D249C5365F819F70882570A1746C9D2 ] niarbk          C:\WINDOWS\system32\drivers\niarbk.dll
15:20:56.0015 2320  niarbk - ok
15:20:56.0046 2320  [ EC11F3561E9EF42B515839C5FEED393B ] nibffrk         C:\WINDOWS\system32\drivers\nibffrk.dll
15:20:56.0093 2320  nibffrk - ok
15:20:56.0375 2320  [ 5C5C53DB4FEF16CF87B9911C7E8C6FBC ] NIC1394         C:\WINDOWS\system32\DRIVERS\nic1394.sys
15:20:56.0390 2320  NIC1394 - ok
15:20:56.0671 2320  [ 1093A51BCF319482CFB69DA8B340B0A5 ] nicanpk         C:\WINDOWS\system32\DRIVERS\nicanpk.dll
15:20:56.0687 2320  nicanpk - ok
15:20:56.0750 2320  [ 45D9C1DC06FAD0395E0861CC89700FBC ] nicdrk          C:\WINDOWS\system32\drivers\nicdrk.dll
15:20:56.0765 2320  nicdrk - ok
15:20:56.0906 2320  [ 6DEB11476814065B9A59434F266FC69D ] Nidaq32k        C:\WINDOWS\system32\drivers\Nidaq32k.sys
15:20:56.0968 2320  Nidaq32k - ok
15:20:57.0046 2320  [ 028E3BE58A83E671A349F84704F80387 ] nidevldu        C:\WINDOWS\system32\nipalsm.exe
15:20:57.0046 2320  nidevldu - ok
15:20:57.0109 2320  [ 07AF1E1DD9AA923CD3F3D5CF5EF5E27B ] nidimk          C:\WINDOWS\system32\drivers\nidimk.dll
15:20:57.0109 2320  nidimk - ok
15:20:57.0140 2320  [ D87CF93416AD39647F47F69E527C9507 ] nidmmk          C:\WINDOWS\system32\drivers\nidmmk.dll
15:20:57.0140 2320  nidmmk - ok
15:20:57.0203 2320  [ 89662F827524A030EF10BDF1EA00D74A ] nidmxfk         C:\WINDOWS\system32\drivers\nidmxfk.dll
15:20:57.0203 2320  nidmxfk - ok
15:20:57.0312 2320  [ 046609D2DF2A399AB05D17959243930A ] NIDomainService C:\Programme\National Instruments\Shared\Security\nidmsrv.exe
15:20:57.0312 2320  NIDomainService - ok
15:20:57.0484 2320  [ 19ED03F78107F2776796FA5C7AAB8835 ] nidsark         C:\WINDOWS\system32\drivers\nidsark.dll
15:20:57.0578 2320  nidsark - ok
15:20:57.0750 2320  [ 243539C91EF531C73C4CF40C9E49FE21 ] nidwgk          C:\WINDOWS\system32\drivers\nidwgk.dll
15:20:57.0828 2320  nidwgk - ok
15:20:57.0890 2320  [ 23D8891AB70CB1B6004AED1602554B16 ] niembrtk        C:\WINDOWS\system32\drivers\niembrtk.sys
15:20:57.0890 2320  niembrtk - ok
15:20:58.0031 2320  [ 73CBA5BE1EE9801118DB76C88E241FD5 ] niemrk          C:\WINDOWS\system32\drivers\niemrk.dll
15:20:58.0046 2320  niemrk - ok
15:20:58.0203 2320  [ C6A616068A91BE726F391EDF5DBB712E ] niesrk          C:\WINDOWS\system32\drivers\niesrk.dll
15:20:58.0265 2320  niesrk - ok
15:20:58.0312 2320  [ E3A20952DEF1A835A8D41D31B1E23FAA ] nifslk          C:\WINDOWS\system32\drivers\nifslk.dll
15:20:58.0328 2320  nifslk - ok
15:20:58.0390 2320  [ 8CD4C73E3E14F1C339214BDA702B67F2 ] nigplk          C:\WINDOWS\system32\drivers\nigplk.dll
15:20:58.0390 2320  nigplk - ok
15:20:58.0515 2320  [ 15A5FF7BE3412E34164734F29C9FFC97 ] nihsdrk         C:\WINDOWS\system32\drivers\nihsdrk.dll
15:20:58.0562 2320  nihsdrk - ok
15:20:58.0640 2320  [ 4DE37E30CCA8C9CC7CAE64EC4113CD48 ] niimaqk         C:\WINDOWS\system32\drivers\niimaqk.dll
15:20:58.0640 2320  niimaqk - ok
15:20:58.0921 2320  [ 7E0A2B37E28B70A3A11BA0670D6978FB ] NILM License Manager C:\Programme\National Instruments\Shared\License Manager\Bin\lmgrd.exe
15:20:59.0156 2320  NILM License Manager - ok
15:20:59.0250 2320  [ E9308B3113F88198B50CEAC72194B71D ] nimcdfxk        C:\WINDOWS\system32\drivers\nimcdfxk.dll
15:20:59.0250 2320  nimcdfxk - ok
15:20:59.0328 2320  [ CE94FC9BF9D3517D1DC1D3EF40B7F8EC ] nimcdlbk        C:\WINDOWS\system32\drivers\nimcdlbk.dll
15:20:59.0328 2320  nimcdlbk - ok
15:20:59.0375 2320  [ 028E3BE58A83E671A349F84704F80387 ] nimcdldu        C:\WINDOWS\system32\nipalsm.exe
15:20:59.0390 2320  nimcdldu - ok
15:20:59.0406 2320  [ 028E3BE58A83E671A349F84704F80387 ] nimcrpcsu       C:\WINDOWS\system32\nipalsm.exe
15:20:59.0406 2320  nimcrpcsu - ok
15:20:59.0468 2320  [ 7FFC2CA3E678D05D3B22C5DB9846F3D8 ] nimdbgk         C:\WINDOWS\system32\drivers\nimdbgk.dll
15:20:59.0468 2320  nimdbgk - ok
15:20:59.0546 2320  [ DD4B89019AB1ECA5C04757E2F7D8A9E4 ] nimdsk          C:\WINDOWS\system32\drivers\nimdsk.dll
15:20:59.0546 2320  nimdsk - ok
15:20:59.0656 2320  [ 17293237E455E79F5B15FC262EC44647 ] nimru2k         C:\WINDOWS\system32\drivers\nimru2k.dll
15:20:59.0671 2320  nimru2k - ok
15:20:59.0734 2320  [ 11A086D764C8B7B46AEFAC0A5A85B3CF ] nimsdrk         C:\WINDOWS\system32\drivers\nimsdrk.dll
15:20:59.0734 2320  nimsdrk - ok
15:20:59.0781 2320  [ 99521722C0858AB23E06855E1069C725 ] nimslk          C:\WINDOWS\system32\drivers\nimslk.dll
15:20:59.0781 2320  nimslk - ok
15:20:59.0875 2320  [ ACFD05455DF010E85E0C8A56E9C255C3 ] nimsrlk         C:\WINDOWS\system32\drivers\nimsrlk.dll
15:20:59.0890 2320  nimsrlk - ok
15:20:59.0937 2320  [ 3B42DFBD8EF619C788477DEEF36D5BD3 ] nimstsk         C:\WINDOWS\system32\drivers\nimstsk.dll
15:20:59.0953 2320  nimstsk - ok
15:21:00.0015 2320  [ 87B956CBD9B360D46D0D5B8936ABAF8F ] nimxdfk         C:\WINDOWS\system32\drivers\nimxdfk.dll
15:21:00.0015 2320  nimxdfk - ok
15:21:00.0078 2320  [ 5F903BC1B9F9E956414BBDDBA16FAC2A ] nimxpk          C:\WINDOWS\system32\drivers\nimxpk.dll
15:21:00.0078 2320  nimxpk - ok
15:21:00.0125 2320  [ 4D2D48CA86BD80AE4A6E449910201EEF ] niorbk          C:\WINDOWS\system32\drivers\niorbk.dll
15:21:00.0125 2320  niorbk - ok
15:21:00.0171 2320  [ 9E596685B0FE0EB78D429B066196F461 ] NIPALK          C:\WINDOWS\system32\drivers\nipalk.sys
15:21:00.0203 2320  NIPALK - ok
15:21:00.0265 2320  [ D91EB361C2FC2253719D4F653320FDD1 ] nipxirmk        C:\WINDOWS\system32\drivers\nipxirmk.dll
15:21:00.0265 2320  nipxirmk - ok
15:21:00.0296 2320  [ 028E3BE58A83E671A349F84704F80387 ] nipxirmu        C:\WINDOWS\system32\nipalsm.exe
15:21:00.0296 2320  nipxirmu - ok
15:21:00.0312 2320  niRTProxy - ok
15:21:00.0453 2320  [ 011786A34D27187AD3ABBD8805D57B5D ] niscdk          C:\WINDOWS\system32\drivers\niscdk.dll
15:21:00.0500 2320  niscdk - ok
15:21:00.0593 2320  [ 363CB4CB12FC75EACF9B5F88ED80F51A ] nisdigk         C:\WINDOWS\system32\drivers\nisdigk.dll
15:21:00.0609 2320  nisdigk - ok
15:21:00.0703 2320  [ 2039B087947B5ACA8C84DF59258CBEE6 ] nisftk          C:\WINDOWS\system32\drivers\nisftk.dll
15:21:00.0718 2320  nisftk - ok
15:21:00.0843 2320  [ 01B7543E24734AB41C254D57ED3E404D ] nisldk          C:\WINDOWS\system32\drivers\nisldk.dll
15:21:00.0859 2320  nisldk - ok
15:21:00.0921 2320  [ B3727737C07311A76B21864EAAD5E662 ] nispdk          C:\WINDOWS\system32\drivers\nispdk.dll
15:21:00.0937 2320  nispdk - ok
15:21:01.0156 2320  [ 809E7C28F267A275391181CA1C5128A7 ] nisrcdk         C:\WINDOWS\system32\drivers\nisrcdk.dll
15:21:01.0187 2320  nisrcdk - ok
15:21:01.0390 2320  [ 9FA3FF402715EF0F99CB574CAC1CDBB3 ] nissrk          C:\WINDOWS\system32\drivers\nissrk.dll
15:21:01.0515 2320  nissrk - ok
15:21:01.0609 2320  [ 26B93D94209352D239000D1B177C1D01 ] nistc2k         C:\WINDOWS\system32\drivers\nistc2k.dll
15:21:01.0609 2320  nistc2k - ok
15:21:01.0671 2320  [ 45BFFAED056B917407CC2D52A520A582 ] nistck          C:\WINDOWS\system32\drivers\nistck.dll
15:21:01.0671 2320  nistck - ok
15:21:01.0781 2320  [ C48BDF1B1EEF9FD086302194C8D928EA ] nistcrk         C:\WINDOWS\system32\drivers\nistcrk.dll
15:21:01.0781 2320  nistcrk - ok
15:21:01.0796 2320  niSvcLoc - ok
15:21:01.0953 2320  [ C89E56ECA46FDDB251D303AFE1BD61B5 ] niswdk          C:\WINDOWS\system32\drivers\niswdk.dll
15:21:02.0015 2320  niswdk - ok
15:21:02.0140 2320  [ 748D66B8F133B7C650BCE469ADCF432D ] NITaggerService C:\Programme\National Instruments\Shared\Tagger\tagsrv.exe
15:21:02.0203 2320  NITaggerService - ok
15:21:02.0375 2320  [ 3806925CA9B1654404837B664139E2B0 ] nitiork         C:\WINDOWS\system32\drivers\nitiork.dll
15:21:02.0437 2320  nitiork - ok
15:21:02.0500 2320  [ A4C4BFDDCAB8E54FC716284289B4DDB3 ] NiViFWK         C:\WINDOWS\system32\drivers\NiViFWK.sys
15:21:02.0515 2320  NiViFWK - ok
15:21:02.0593 2320  [ 00830F80DAD4A25D1C81635B523F8492 ] NiViPciK        C:\WINDOWS\system32\drivers\NiViPciK.sys
15:21:02.0593 2320  NiViPciK - ok
15:21:02.0640 2320  [ 0DC80DB7CE9CA2951F94392AB5B026A7 ] NiViPxiK        C:\WINDOWS\system32\drivers\NiViPxiK.sys
15:21:02.0640 2320  NiViPxiK - ok
15:21:02.0703 2320  [ 9D42E04768F46DEFF0F618420FC31097 ] niwdk           C:\WINDOWS\system32\drivers\niwdk.sys
15:21:02.0703 2320  niwdk - ok
15:21:02.0843 2320  [ AF3915B82B4A1596C2BD238F2AA7D412 ] niwfrk          C:\WINDOWS\system32\drivers\niwfrk.dll
15:21:02.0890 2320  niwfrk - ok
15:21:03.0062 2320  [ 60701781EF0DBEB2DD2037E7BC247995 ] nixsrk          C:\WINDOWS\system32\drivers\nixsrk.dll
15:21:03.0156 2320  nixsrk - ok
15:21:03.0218 2320  [ EB55B1D9978B61E9913EDCD27EEC4C7C ] Nla             C:\WINDOWS\System32\mswsock.dll
15:21:03.0250 2320  Nla - ok
15:21:03.0328 2320  [ 4F601BCB8F64EA3AC0994F98FED03F8E ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
15:21:03.0328 2320  Npfs - ok
15:21:03.0406 2320  [ B78BE402C3F63DD55521F73876951CDD ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
15:21:03.0468 2320  Ntfs - ok
15:21:03.0515 2320  [ 183805EB05BCA5A1E4AAAED4D2BE3690 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
15:21:03.0515 2320  NtLmSsp - ok
15:21:03.0578 2320  [ 428AA946A8D9F32DBB4260C8E6E13377 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
15:21:03.0625 2320  NtmsSvc - ok
15:21:03.0687 2320  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
15:21:03.0687 2320  Null - ok
15:21:03.0734 2320  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
15:21:03.0734 2320  NwlnkFlt - ok
15:21:03.0750 2320  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
15:21:03.0750 2320  NwlnkFwd - ok
15:21:03.0968 2320  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE
15:21:04.0062 2320  odserv - ok
15:21:04.0140 2320  [ C91F4AB66638A255660137A36E729FC4 ] ohci1394        C:\WINDOWS\system32\DRIVERS\ohci1394.sys
15:21:04.0140 2320  ohci1394 - ok
15:21:04.0203 2320  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
15:21:04.0265 2320  ose - ok
15:21:04.0328 2320  [ B2F17A2EDB5450E61973A037F63A595B ] Parport         C:\WINDOWS\system32\drivers\Parport.sys
15:21:04.0328 2320  Parport - ok
15:21:04.0375 2320  [ 3334430C29DC338092F79C38EF7B4CD0 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
15:21:04.0375 2320  PartMgr - ok
15:21:04.0406 2320  [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
15:21:04.0421 2320  ParVdm - ok
15:21:04.0453 2320  [ 6FB463E5B243FBD6F3D3C83F914D94FB ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
15:21:04.0468 2320  PCI - ok
15:21:04.0484 2320  PCIDump - ok
15:21:04.0531 2320  [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
15:21:04.0531 2320  PCIIde - ok
15:21:04.0609 2320  [ 7B91463DF28DC4BD91323A28BEB0D751 ] PCIIMAQ         C:\WINDOWS\system32\drivers\PCIIMAQ.sys
15:21:04.0671 2320  PCIIMAQ - ok
15:21:04.0718 2320  [ E2363F4C1DAFF89ABEE5F593E13D8A05 ] Pcmcia          C:\WINDOWS\system32\DRIVERS\pcmcia.sys
15:21:04.0718 2320  Pcmcia - ok
15:21:04.0750 2320  PDCOMP - ok
15:21:04.0765 2320  PDFRAME - ok
15:21:04.0796 2320  PDRELI - ok
15:21:04.0812 2320  PDRFRAME - ok
15:21:04.0828 2320  perc2 - ok
15:21:04.0843 2320  perc2hib - ok
15:21:04.0968 2320  [ D2D2FA02B722336960EEAE0AE7107891 ] PID_0928        C:\WINDOWS\system32\DRIVERS\LV561AV.SYS
15:21:05.0000 2320  PID_0928 - ok
15:21:05.0015 2320  PLCMPR5 - ok
15:21:05.0078 2320  [ 2ABA2F545B35F9C6CC2CFC4E1D539A80 ] PLCNDIS5        C:\WINDOWS\system32\plcndis5.sys
15:21:05.0078 2320  PLCNDIS5 - ok
15:21:05.0109 2320  [ A07CA23EA361A01E627D911CF139B950 ] PlugPlay        C:\WINDOWS\system32\services.exe
15:21:05.0109 2320  PlugPlay - ok
15:21:05.0156 2320  [ 9D84376931440F3679BEEF2A414FA493 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe
15:21:05.0156 2320  Pml Driver HPZ12 - ok
15:21:05.0187 2320  [ 183805EB05BCA5A1E4AAAED4D2BE3690 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
15:21:05.0187 2320  PolicyAgent - ok
15:21:05.0218 2320  [ 1C5CC65AAC0783C344F16353E60B72AC ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
15:21:05.0218 2320  PptpMiniport - ok
15:21:05.0281 2320  [ F04317FB351B75233979DC65D4CEAD54 ] Processor       C:\WINDOWS\system32\DRIVERS\processr.sys
15:21:05.0281 2320  Processor - ok
15:21:05.0296 2320  [ 183805EB05BCA5A1E4AAAED4D2BE3690 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
15:21:05.0296 2320  ProtectedStorage - ok
15:21:05.0328 2320  [ 48671F327553DCF1D27F6197F622A668 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
15:21:05.0328 2320  PSched - ok
15:21:05.0375 2320  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
15:21:05.0375 2320  Ptilink - ok
15:21:05.0437 2320  [ 183EF96BCC2EC3D5294CB2C2C0ECBCD1 ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys
15:21:05.0437 2320  PxHelp20 - ok
15:21:05.0453 2320  ql1080 - ok
15:21:05.0468 2320  Ql10wnt - ok
15:21:05.0484 2320  ql12160 - ok
15:21:05.0500 2320  ql1240 - ok
15:21:05.0515 2320  ql1280 - ok
15:21:05.0562 2320  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
15:21:05.0562 2320  RasAcd - ok
15:21:05.0593 2320  [ E3C6E87C1F84584A773D7C3DD205DBFF ] RasAuto         C:\WINDOWS\System32\rasauto.dll
15:21:05.0609 2320  RasAuto - ok
15:21:05.0640 2320  [ 98FAEB4A4DCF812BA1C6FCA4AA3E115C ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
15:21:05.0640 2320  Rasl2tp - ok
15:21:05.0671 2320  [ A5D2D745A2AEFA327DCA6DA317B5FD70 ] RasMan          C:\WINDOWS\System32\rasmans.dll
15:21:05.0671 2320  RasMan - ok
15:21:05.0687 2320  [ 7306EEED8895454CBED4669BE9F79FAA ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
15:21:05.0687 2320  RasPppoe - ok
15:21:05.0765 2320  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
15:21:05.0765 2320  Raspti - ok
15:21:05.0812 2320  [ 809CA45CAA9072B3176AD44579D7F688 ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
15:21:05.0828 2320  Rdbss - ok
15:21:05.0859 2320  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
15:21:05.0859 2320  RDPCDD - ok
15:21:05.0906 2320  [ B54CD38A9EBFBF2B3561426E3FE26F62 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
15:21:05.0921 2320  RDPWD - ok
15:21:05.0968 2320  [ AEC159942DF64A9890072D7BB1797762 ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
15:21:05.0984 2320  RDSessMgr - ok
15:21:06.0015 2320  [ AA56702E230860565CB8D43680F57F33 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
15:21:06.0015 2320  redbook - ok
15:21:06.0062 2320  [ EBA80CDF25E02084857957E820004934 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
15:21:06.0078 2320  RemoteAccess - ok
15:21:06.0125 2320  [ 99C4B74981A1413F142A3903130088CB ] RFCOMM          C:\WINDOWS\system32\DRIVERS\rfcomm.sys
15:21:06.0125 2320  RFCOMM - ok
15:21:06.0187 2320  [ DA23F9F3F1B1871120F980A6879581AC ] RpcLocator      C:\WINDOWS\system32\locator.exe
15:21:06.0187 2320  RpcLocator - ok
15:21:06.0234 2320  [ 8AFBC2E1E5555A1C29953AF854F0FCA5 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
15:21:06.0250 2320  RpcSs - ok
15:21:06.0312 2320  [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP            C:\WINDOWS\system32\rsvp.exe
15:21:06.0375 2320  RSVP - ok
15:21:06.0437 2320  [ 4A0AE7891FCF74ACC848B109294CB80F ] RTL8023xp       C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys
15:21:06.0437 2320  RTL8023xp - ok
15:21:06.0468 2320  [ D507C1400284176573224903819FFDA3 ] rtl8139         C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
15:21:06.0468 2320  rtl8139 - ok
15:21:06.0515 2320  [ 183805EB05BCA5A1E4AAAED4D2BE3690 ] SamSs           C:\WINDOWS\system32\lsass.exe
15:21:06.0515 2320  SamSs - ok
15:21:06.0593 2320  [ E17FE33C703FFBE1A0AF66B9DCF49345 ] Samsung UPD Service2 C:\WINDOWS\system32\SUPDSvc2.exe
15:21:06.0593 2320  Samsung UPD Service2 - ok
15:21:06.0640 2320  [ B4CF7B42DE6CFA6FDE7D6AF4DAA55F57 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
15:21:06.0656 2320  SCardSvr - ok
15:21:06.0718 2320  [ D5E73842F38E24457C63FEF8CEFFBE19 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
15:21:06.0718 2320  Schedule - ok
15:21:06.0781 2320  [ D26E26EA516450AF9D072635C60387F4 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
15:21:06.0781 2320  Secdrv - ok
15:21:06.0843 2320  [ FED544B43903FB801B106F062110358A ] seclogon        C:\WINDOWS\System32\seclogon.dll
15:21:06.0843 2320  seclogon - ok
15:21:06.0890 2320  [ AB74D986C1DD0D0C95B6AD37EC1E9F4F ] SENS            C:\WINDOWS\system32\sens.dll
15:21:06.0906 2320  SENS - ok
15:21:06.0968 2320  [ B490AD520257DDA26C1D587A71E527B5 ] Ser2pl          C:\WINDOWS\system32\DRIVERS\ser2pl.sys
15:21:06.0968 2320  Ser2pl - ok
15:21:07.0031 2320  [ A2D868AEEFF612E70E213C451A70CAFB ] Serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
15:21:07.0031 2320  Serenum - ok
15:21:07.0078 2320  [ CD5B9995AFCDB466C9EFC048D167E3BE ] Serial          C:\WINDOWS\system32\drivers\Serial.sys
15:21:07.0078 2320  Serial - ok
15:21:07.0140 2320  [ 0D13B6DF6E9E101013A7AFB0CE629FE0 ] Sfloppy         C:\WINDOWS\system32\DRIVERS\sfloppy.sys
15:21:07.0140 2320  Sfloppy - ok
15:21:07.0203 2320  [ BAC5F7F0C2B8C1B9832594851E0F9914 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
15:21:07.0203 2320  ShellHWDetection - ok
15:21:07.0234 2320  Simbad - ok
15:21:07.0281 2320  [ B8A2F8DCDC75F19962D975727F393920 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
15:21:07.0281 2320  SiSRaid2 - ok
15:21:07.0296 2320  siusbmod - ok
15:21:07.0812 2320  [ 753D254205E0A62100A050BD8B458D06 ] Skype C2C Service C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe
15:21:08.0093 2320  Skype C2C Service - ok
15:21:08.0187 2320  [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate     C:\Programme\Skype\Updater\Updater.exe
15:21:08.0203 2320  SkypeUpdate - ok
15:21:08.0250 2320  [ 5CAEED86821FA2C6139E32E9E05CCDC9 ] SLIP            C:\WINDOWS\system32\DRIVERS\SLIP.sys
15:21:08.0250 2320  SLIP - ok
15:21:08.0312 2320  [ A1ECEEAA5C5E74B2499EB51D38185B84 ] SONYPVU1        C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
15:21:08.0312 2320  SONYPVU1 - ok
15:21:08.0343 2320  Sparrow - ok
15:21:08.0531 2320  [ 7234E4B852F8FA0C48FF0E4FD7394490 ] SPF4            C:\Programme\Sunbelt Software\Personal Firewall\kpf4ss.exe
15:21:08.0781 2320  SPF4 - ok
15:21:08.0828 2320  [ 8E186B8F23295D1E42C573B82B80D548 ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
15:21:08.0843 2320  splitter - ok
15:21:08.0890 2320  [ DA81EC57ACD4CDC3D4C51CF3D409AF9F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
15:21:08.0890 2320  Spooler - ok
15:21:08.0937 2320  [ E4200CB2F418D8FC4ACDD7E38C419D6A ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
15:21:08.0953 2320  sr - ok
15:21:09.0015 2320  [ E150E7618328562598F4CE0B5851B5CD ] srservice       C:\WINDOWS\system32\srsvc.dll
15:21:09.0015 2320  srservice - ok
15:21:09.0078 2320  [ 7A4F147CC6B133F905F6E65E2F8669FB ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
15:21:09.0109 2320  Srv - ok
15:21:09.0156 2320  [ 6FA03B462B2FFFE2627171B7FE73EE29 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
15:21:09.0156 2320  SSDPSRV - ok
15:21:09.0218 2320  [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv          C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
15:21:09.0218 2320  ssmdrv - ok
15:21:09.0328 2320  [ 07D04C9FE87D21434162D977B56414E6 ] STCAgent        C:\Programme\Cisco Systems\SSL VPN Client\agent.exe
15:21:09.0390 2320  STCAgent - ok
15:21:09.0453 2320  [ A2DBCC4C8860449DF1AB758EA28B4DE0 ] StillCam        C:\WINDOWS\system32\DRIVERS\serscan.sys
15:21:09.0453 2320  StillCam - ok
15:21:09.0531 2320  [ 7E751068ADA60FC77638622E86A7CD9E ] stisvc          C:\WINDOWS\system32\wiaservc.dll
15:21:09.0578 2320  stisvc - ok
15:21:09.0640 2320  [ 284C57DF5DC7ABCA656BC2B96A667AFB ] streamip        C:\WINDOWS\system32\DRIVERS\StreamIP.sys
15:21:09.0656 2320  streamip - ok
15:21:09.0703 2320  [ 03C1BAE4766E2450219D20B993D6E046 ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
15:21:09.0703 2320  swenum - ok
15:21:09.0750 2320  [ 94ABC808FC4B6D7D2BBF42B85E25BB4D ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
15:21:09.0750 2320  swmidi - ok
15:21:09.0765 2320  SwPrv - ok
15:21:09.0781 2320  symc810 - ok
15:21:09.0812 2320  symc8xx - ok
15:21:09.0828 2320  sym_hi - ok
15:21:09.0843 2320  sym_u3 - ok
15:21:09.0875 2320  [ 59E9D90D6373F8AD4E3EBD0ECDEDD35E ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys
15:21:09.0890 2320  SynTP - ok
15:21:09.0921 2320  [ 650AD082D46BAC0E64C9C0E0928492FD ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
15:21:09.0921 2320  sysaudio - ok
15:21:09.0984 2320  [ 6D0C43DF9D3A7C5A9B4F94772CBD5DDC ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
15:21:10.0000 2320  SysmonLog - ok
15:21:10.0062 2320  [ 427D7EB3B453347082C8F4B370065D60 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
15:21:10.0078 2320  TapiSrv - ok
15:21:10.0171 2320  [ 744E57C99232201AE98C49168B918F48 ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
15:21:10.0187 2320  Tcpip - ok
15:21:10.0250 2320  [ 7DDA159DEDA4FEF8523EEFC34E524013 ] Tcpip6          C:\WINDOWS\system32\DRIVERS\tcpip6.sys
15:21:10.0265 2320  Tcpip6 - ok
15:21:10.0312 2320  [ 38D437CF2D98965F239B0ABCD66DCB0F ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
15:21:10.0328 2320  TDPIPE - ok
15:21:10.0343 2320  [ ED0580AF02502D00AD8C4C066B156BE9 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
15:21:10.0343 2320  TDTCP - ok
15:21:10.0390 2320  [ A540A99C281D933F3D69D55E48727F47 ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
15:21:10.0406 2320  TermDD - ok
15:21:10.0484 2320  [ 1850BC10DE5DCCCEDE063FC2D0F2CEDA ] TermService     C:\WINDOWS\System32\termsrv.dll
15:21:10.0500 2320  TermService - ok
15:21:10.0531 2320  [ BAC5F7F0C2B8C1B9832594851E0F9914 ] Themes          C:\WINDOWS\System32\shsvcs.dll
15:21:10.0546 2320  Themes - ok
15:21:10.0609 2320  [ 467FF7FB078DCEC24C3F4DB602190E3D ] tifm21          C:\WINDOWS\system32\drivers\tifm21.sys
15:21:10.0625 2320  tifm21 - ok
15:21:10.0640 2320  TosIde - ok
15:21:10.0703 2320  [ A34E894201D66E380E1FA96FE11B587E ] TrkWks          C:\WINDOWS\system32\trkwks.dll
15:21:10.0703 2320  TrkWks - ok
15:21:10.0781 2320  [ 87A0E9E18C10A9E454238E3330E2A26D ] tunmp           C:\WINDOWS\system32\DRIVERS\tunmp.sys
15:21:10.0781 2320  tunmp - ok
15:21:10.0828 2320  [ 12F70256F140CD7D52C58C7048FDE657 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
15:21:10.0828 2320  Udfs - ok
15:21:10.0859 2320  ultra - ok
15:21:10.0890 2320  [ AB0A7CA90D9E3D6A193905DC1715DED0 ] UMWdf           C:\WINDOWS\system32\wdfmgr.exe
15:21:10.0906 2320  UMWdf - ok
15:21:10.0968 2320  [ AFF2E5045961BBC0A602BB6F95EB1345 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
15:21:10.0984 2320  Update - ok
15:21:11.0046 2320  [ 09D4A2D7C5A8ABEC227D118765FAADDF ] upnphost        C:\WINDOWS\System32\upnphost.dll
15:21:11.0046 2320  upnphost - ok
15:21:11.0093 2320  [ A99F867E76CFDAA28EE305B93F70E84F ] UPS             C:\WINDOWS\System32\ups.exe
15:21:11.0109 2320  UPS - ok
15:21:11.0171 2320  [ 473224D785649D95FE77FEF008DEB794 ] usb6xxxk        C:\WINDOWS\system32\drivers\usb6xxxk.dll
15:21:11.0187 2320  usb6xxxk - ok
15:21:11.0234 2320  [ 45A0D14B26C35497AD93BCE7E15C9941 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
15:21:11.0250 2320  usbaudio - ok
15:21:11.0296 2320  [ BFFD9F120CC63BCBAA3D840F3EEF9F79 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
15:21:11.0296 2320  usbccgp - ok
15:21:11.0359 2320  [ 7481D843E672B51039B7E8A161B746B8 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
15:21:11.0359 2320  usbehci - ok
15:21:11.0406 2320  [ D31E07BF822C7F2BD32714E9DDCA8BE2 ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
15:21:11.0421 2320  usbhub - ok
15:21:11.0484 2320  [ BDFE799A8531BAD8A5A985821FE78760 ] usbohci         C:\WINDOWS\system32\DRIVERS\usbohci.sys
15:21:11.0484 2320  usbohci - ok
15:21:11.0546 2320  [ A42369B7CD8886CD7C70F33DA6FCBCF5 ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
15:21:11.0546 2320  usbprint - ok
15:21:11.0609 2320  [ A6BC71402F4F7DD5B77FD7F4A8DDBA85 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
15:21:11.0609 2320  usbscan - ok
15:21:11.0671 2320  [ 6CD7B22193718F1D17A47A1CD6D37E75 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
15:21:11.0671 2320  USBSTOR - ok
15:21:11.0718 2320  [ 8968FF3973A883C49E8B564200F565B9 ] usbvideo        C:\WINDOWS\system32\Drivers\usbvideo.sys
15:21:11.0718 2320  usbvideo - ok
15:21:11.0796 2320  [ 8A60EDD72B4EA5AEA8202DAF0E427925 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
15:21:11.0796 2320  VgaSave - ok
15:21:11.0812 2320  ViaIde - ok
15:21:11.0875 2320  [ 6AAA39DD79A8341CE0EF9249F21D6B89 ] viamraid        C:\WINDOWS\system32\drivers\viamraid.sys
15:21:11.0875 2320  viamraid - ok
15:21:11.0953 2320  [ D6888520FF56D72A50437E371CA25FC9 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
15:21:11.0953 2320  VolSnap - ok
15:21:12.0046 2320  [ 5EA22CB6B100212837A97F281EDB3C47 ] vpnagent        C:\Programme\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
15:21:12.0078 2320  vpnagent - ok
15:21:12.0125 2320  [ E1F2333A88EC4A5C8EA6BE357323B72D ] vpnva           C:\WINDOWS\system32\DRIVERS\vpnva.sys
15:21:12.0140 2320  vpnva - ok
15:21:12.0171 2320  [ 1C8A783E90C34D205596F1AB4A97E261 ] vsbus           C:\WINDOWS\system32\DRIVERS\vsb.sys
15:21:12.0187 2320  vsbus - ok
15:21:12.0203 2320  vsdatant - ok
15:21:12.0250 2320  [ 3377DAA1CB8CAC46A538C236F5F3D58F ] vserial         C:\WINDOWS\system32\DRIVERS\vserial.sys
15:21:12.0250 2320  vserial - ok
15:21:12.0312 2320  [ 6635ECBF0D8090DC3A452D0D072B5D5B ] VSS             C:\WINDOWS\System32\vssvc.exe
15:21:12.0359 2320  VSS - ok
15:21:12.0421 2320  [ C6D874CD2A5B83CD11CDEBD28A638584 ] W32Time         C:\WINDOWS\system32\w32time.dll
15:21:12.0421 2320  W32Time - ok
15:21:12.0500 2320  [ 984EF0B9788ABF89974CFED4BFBAACBC ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
15:21:12.0515 2320  Wanarp - ok
15:21:12.0531 2320  Wbutton - ok
15:21:12.0609 2320  [ D918617B46457B9AC28027722E30F647 ] Wdf01000        C:\WINDOWS\system32\Drivers\wdf01000.sys
15:21:12.0640 2320  Wdf01000 - ok
15:21:12.0656 2320  WDICA - ok
15:21:12.0687 2320  [ 2797F33EBF50466020C430EE4F037933 ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
15:21:12.0687 2320  wdmaud - ok
15:21:12.0750 2320  [ 1EB51FEEA9D3208EAE60604F4346C02E ] WebClient       C:\WINDOWS\System32\webclnt.dll
15:21:12.0765 2320  WebClient - ok
15:21:12.0859 2320  [ 473EE64C368CE2EED110376C11960259 ] winachsf        C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
15:21:12.0906 2320  winachsf - ok
15:21:13.0015 2320  [ DA2DADB42916E59C6E4BBA593BCCDA73 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
15:21:13.0031 2320  winmgmt - ok
15:21:13.0109 2320  [ 30FC6E5448D0CBAAA95280EEEF7FEDAE ] WinUSB          C:\WINDOWS\system32\DRIVERS\WinUSB.sys
15:21:13.0109 2320  WinUSB - ok
15:21:13.0171 2320  [ 94A85E956A065E23E0010A6A7826243B ] WLSetupSvc      C:\Programme\Windows Live\installer\WLSetupSvc.exe
15:21:13.0296 2320  WLSetupSvc - ok
15:21:13.0343 2320  [ 140EF97B64F560FD78643CAE2CDAD838 ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
15:21:13.0343 2320  WmdmPmSN - ok
15:21:13.0421 2320  [ AE2C8544E747C20062DB27456EA2D67A ] WmiAcpi         C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
15:21:13.0421 2320  WmiAcpi - ok
15:21:13.0515 2320  [ 042A78FCD1ADFB0FBA9865D55C6F5CC1 ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
15:21:13.0515 2320  WmiApSrv - ok
15:21:13.0578 2320  [ 1385E5AA9C9821790D33A9563B8D2DD0 ] WpdUsb          C:\WINDOWS\system32\Drivers\wpdusb.sys
15:21:13.0578 2320  WpdUsb - ok
15:21:13.0625 2320  [ D5842484F05E12121C511AA93F6439EC ] WSTCODEC        C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
15:21:13.0625 2320  WSTCODEC - ok
15:21:13.0718 2320  [ EB52B74A5DAADC2CCA68B3E7D81007E6 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
15:21:13.0765 2320  WZCSVC - ok
15:21:13.0843 2320  [ 8302DE1C64618D72346DD0034DBC5D9B ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
15:21:13.0843 2320  xmlprov - ok
15:21:14.0000 2320  ================ Scan global ===============================
15:21:14.0046 2320  [ 1B91BAC6996731EE8925F58205DCB016 ] C:\WINDOWS\system32\basesrv.dll
15:21:14.0109 2320  [ 340A91FBD2A371CBF52E35E3B7DFE2EC ] C:\WINDOWS\system32\winsrv.dll
15:21:14.0156 2320  [ 340A91FBD2A371CBF52E35E3B7DFE2EC ] C:\WINDOWS\system32\winsrv.dll
15:21:14.0171 2320  [ A07CA23EA361A01E627D911CF139B950 ] C:\WINDOWS\system32\services.exe
15:21:14.0171 2320  [Global] - ok
15:21:14.0187 2320  ================ Scan MBR ==================================
15:21:14.0218 2320  [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
15:21:14.0453 2320  \Device\Harddisk0\DR0 - ok
15:21:14.0453 2320  ================ Scan VBR ==================================
15:21:14.0468 2320  [ 0AC7EA54F1874C8AE1170D25A530857C ] \Device\Harddisk0\DR0\Partition1
15:21:14.0468 2320  \Device\Harddisk0\DR0\Partition1 - ok
15:21:14.0468 2320  ============================================================
15:21:14.0468 2320  Scan finished
15:21:14.0468 2320  ============================================================
15:21:14.0500 3116  Detected object count: 1
15:21:14.0500 3116  Actual detected object count: 1
15:21:58.0171 3116  khips ( Virus.Win32.ZAccess.aml ) - skipped by user
15:21:58.0171 3116  khips ( Virus.Win32.ZAccess.aml ) - User select action: Skip
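
The TDSSKiller log above can be triaged mechanically instead of by eye. The following is an added example, not part of the original thread and not TDSSKiller's own code: a Python parser run over a few lines copied from that log, which pairs each hash line with its verdict and reports detections that were left in place. The function name `triage` and the result keys are assumptions of this example.

```python
import re

# A few lines copied from the TDSSKiller log in this thread (a selection, not the full log).
SAMPLE_LOG = r"""
15:21:04.0718 2320  [ E2363F4C1DAFF89ABEE5F593E13D8A05 ] Pcmcia          C:\WINDOWS\system32\DRIVERS\pcmcia.sys
15:21:04.0718 2320  Pcmcia - ok
15:21:04.0750 2320  PDCOMP - ok
15:21:05.0156 2320  [ 9D84376931440F3679BEEF2A414FA493 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe
15:21:05.0156 2320  Pml Driver HPZ12 - ok
15:21:14.0218 2320  [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
15:21:14.0453 2320  \Device\Harddisk0\DR0 - ok
15:21:14.0500 3116  Detected object count: 1
15:21:58.0171 3116  khips ( Virus.Win32.ZAccess.aml ) - skipped by user
15:21:58.0171 3116  khips ( Virus.Win32.ZAccess.aml ) - User select action: Skip
"""

# Every log line starts with a timestamp and a thread id.
LINE = re.compile(r"^(?P<time>\d{2}:\d{2}:\d{2}\.\d{4})\s+(?P<tid>\d+)\s+(?P<body>.*)$")
# "[ <MD5> ] <name> <path>" for services/drivers, "[ <MD5> ] <path>" for global/MBR/VBR objects.
HASHED = re.compile(r"^\[ (?P<md5>[0-9A-Fa-f]{32}) \]\s+(?P<rest>.*)$")
# Names may contain spaces, so the path is located by its drive letter or \Device\ prefix.
ENTRY = re.compile(r"^(?:(?P<name>.*?)\s+)?(?P<path>(?:[A-Za-z]:\\|\\Device\\).*)$")
VERDICT_OK = re.compile(r"^(?P<name>.+) - ok$")
DETECTION = re.compile(r"^(?P<name>.+?) \( (?P<threat>.+?) \) - (?P<what>.+)$")
DECLARED = re.compile(r"^Detected object count: (?P<n>\d+)$")
ACTION_PREFIX = "User select action: "


def triage(log_text):
    """Summarise a TDSSKiller log: clean objects, detections and what was done about them."""
    hashed = {}       # name (or path, for unnamed objects) -> (md5, path)
    ok_names = []     # objects with an "- ok" verdict, in log order
    detections = {}   # name -> {"threat", "status", "action"}
    declared = None   # value of the "Detected object count" line, if present

    for raw in log_text.splitlines():
        line = LINE.match(raw.strip())
        if not line:
            continue  # separators, blank lines, anything without a timestamp
        body = line.group("body").strip()

        m = HASHED.match(body)
        if m:
            entry = ENTRY.match(m.group("rest"))
            if entry:
                key = entry.group("name") or entry.group("path")
                hashed[key] = (m.group("md5").upper(), entry.group("path"))
            continue

        m = DETECTION.match(body)
        if m:
            det = detections.setdefault(
                m.group("name"),
                {"threat": m.group("threat"), "status": None, "action": None},
            )
            what = m.group("what")
            if what.startswith(ACTION_PREFIX):
                det["action"] = what[len(ACTION_PREFIX):]
            else:
                det["status"] = what
            continue

        m = VERDICT_OK.match(body)
        if m:
            ok_names.append(m.group("name"))
            continue

        m = DECLARED.match(body)
        if m:
            declared = int(m.group("n"))

    return {
        "ok": len(ok_names),
        "hashed": hashed,
        # Verdict present but no hash/path line: the log lists no file for this entry.
        "no_file_listed": [n for n in ok_names if n not in hashed],
        "detections": detections,
        # "Skip" means the detected object was left where it is.
        "unresolved": sorted(n for n, d in detections.items() if d["action"] == "Skip"),
        # A mismatch points at a truncated or edited log.
        "count_matches": declared == len(detections),
    }


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    for name in result["unresolved"]:
        det = result["detections"][name]
        print(f"{name}: {det['threat']} still present (action: {det['action']})")
```

On the sample lines, `khips` is reported as unresolved because the recorded action is `Skip`, which is why the next reply asks for the scan to be repeated with Copy to quarantine selected.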
         


Old 16.10.2012, 14:20   #6
Psychotic
/// Malwareteam
 
Redirect to Google, GMER detected rootkit activity



Step 1: Fix with TDSS-Killer


Please download TDSSKiller.exe and save the file to your desktop.
  • Close all running programs.
  • Disconnect from the Internet.
  • Disable your antivirus software.
  • Start TDSSkiller.exe with a double-click. Vista and Win7 users: right-click and choose "Run as administrator".
  • Click Start scan. Do not do anything on the computer during the scan.
    1. If the tool shows no findings, click Close to exit it.
    2. If something was found, the findings are shown under Scan results - Select action for found objects, with 3 options to choose from. Make sure that Copy to quarantine is selected for the following entries:

      Code:
      ATTFilter
      Virus.Win32.ZAccess.aml
               
    3. Click Continue --> Reboot.
  • After the restart, the log file can be found on your system drive (usually C:) under TDSSKiller_version_date_time_log.txt.
  • Please post its contents here in your thread.
Illustrated guide to using TDSSKiller.



Step 2: Combofix

Combofix may only be run when a team member has instructed you to do so!
It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.
Please download Combofix from one of these download mirrors

Link 1
Link 2


IMPORTANT - Save Combofix to your desktop
  • Please disable all your antivirus and anti-malware/spyware scanners. They can interfere with Combofix while it works.

Start Combofix.exe and follow the instructions on the screen.
  • Combofix will check whether the Microsoft Windows Recovery Console is installed.
    If it is not installed, allow Combofix to download and install it. To do so, simply follow the instructions and accept the end user license.
    With today's malware this is highly recommended, because it gives us a way to repair your system if something goes wrong.
    Confirm the message that the Recovery Console has been installed with Yes.
Note: If it is already installed, Combofix will continue with the malware removal.


When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply.

Old 16.10.2012, 15:52   #7
5CB
 
Redirect to Google, GMER detected rootkit activity



Hello Marius,

I completed step 1 successfully.
In step 2, however, after I accepted the license agreement, not only the Combofix program window disappeared but also the taskbar and all desktop icons... I can only see my desktop background and my cursor (which still responds). Is that normal (it has been in this state for more than 30 minutes now)??

After nothing happened there, I restarted and launched Combofix again... it is running right now.

Code:
ATTFilter
ComboFix 12-10-16.02 - User 16.10.2012  19:50:43.1.1 - x86
Microsoft Windows XP Home Edition  5.1.2600.2.1252.49.1031.18.894.365 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\User\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
FW: Sunbelt Personal Firewall *Enabled* {BFD080F6-3BF0-40E1-9507-9CA969C35870}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\dokumente und einstellungen\All Users\Anwendungsdaten\TEMP
c:\dokumente und einstellungen\User\Eigene Dateien\~WRD2293.tmp
c:\dokumente und einstellungen\User\WebVpnRegKey6-10-0-0-1.dll
c:\dokumente und einstellungen\User\WebVpnRegKey6-vpn-uni-halle-de.dll
c:\dokumente und einstellungen\User\WINDOWS
c:\programme\SecureW2
c:\programme\SecureW2\SecureW2 TTLS Client\Uninstall.exe
c:\programme\xp-AntiSpy
c:\programme\xp-AntiSpy\Uninstall.exe
c:\programme\xp-AntiSpy\xp-AntiSpy.chm
c:\programme\xp-AntiSpy\xp-AntiSpy.exe
c:\programme\xp-AntiSpy\xp-AntiSpy.url
C:\Thumbs.db
c:\windows\$NtUninstallKB22607$
c:\windows\$NtUninstallKB22607$\3708716353\@
c:\windows\$NtUninstallKB22607$\3708716353\Desktop.ini
c:\windows\$NtUninstallKB22607$\3708716353\L\00000004.@
c:\windows\$NtUninstallKB22607$\3708716353\L\201d3dde
c:\windows\$NtUninstallKB22607$\3708716353\L\wpaciqel
c:\windows\$NtUninstallKB22607$\3708716353\U\00000004.@
c:\windows\$NtUninstallKB22607$\3708716353\U\00000008.@
c:\windows\$NtUninstallKB22607$\3708716353\U\000000cb.@
c:\windows\$NtUninstallKB22607$\3708716353\U\80000000.@
c:\windows\$NtUninstallKB22607$\3708716353\U\80000032.@
c:\windows\$NtUninstallKB22607$\3808081577
c:\windows\IsUn0407.exe
c:\windows\system32\SETAC.tmp
c:\windows\system32\SETAD.tmp
c:\windows\system32\SETB5.tmp
c:\windows\system32\SETB7.tmp
c:\windows\system32\SETB9.tmp
c:\windows\system32\SETBB.tmp
c:\windows\system32\SETC2.tmp
c:\windows\system32\SETC4.tmp
c:\windows\system32\SETC6.tmp
c:\windows\system32\SETC8.tmp
c:\windows\system32\SETCF.tmp
c:\windows\system32\SETD1.tmp
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\fusion.dll
c:\windows\system32\URTTemp\mscoree.dll
c:\windows\system32\URTTemp\mscoree.dll.local
c:\windows\system32\URTTemp\mscorsn.dll
c:\windows\system32\URTTemp\mscorwks.dll
c:\windows\system32\URTTemp\msvcr71.dll
c:\windows\system32\URTTemp\regtlib.exe
c:\windows\unin0407.exe
.
Infizierte Kopie von c:\windows\system32\drivers\khips.sys wurde gefunden und desinfiziert 
Kopie von - The cat found it :) wurde wiederhergestellt 
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_{79007602-0CDB-4405-9DBF-1257BB3226EE}
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-09-16 bis 2012-10-16  ))))))))))))))))))))))))))))))
.
.
2012-10-16 17:42 . 2007-04-26 08:21	72624	----a-w-	c:\windows\system32\drivers\khips.sys
2012-10-16 13:35 . 2012-10-16 13:35	--------	d-----w-	C:\TDSSKiller_Quarantine
2012-10-15 16:33 . 2012-10-15 16:33	--------	d-----w-	c:\dokumente und einstellungen\User\Anwendungsdaten\Malwarebytes
2012-10-15 16:33 . 2012-10-15 16:33	--------	d-----w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes
2012-10-15 16:33 . 2012-10-15 16:33	--------	d-----w-	c:\programme\Malwarebytes' Anti-Malware
2012-10-15 16:33 . 2012-09-07 15:04	22856	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-10-11 13:19 . 2012-10-11 13:19	--------	d-----w-	c:\windows\nidaq
2012-10-11 13:17 . 2012-10-11 13:17	--------	d-----w-	c:\windows\nimcorb
2012-10-11 13:15 . 2012-10-11 13:15	--------	d-----w-	c:\programme\cameralink
2012-10-11 12:50 . 2012-10-11 12:54	--------	d-----w-	C:\VXIPNP
2012-10-11 12:47 . 2012-10-11 12:47	--------	d-----w-	c:\programme\IVI
2012-10-11 12:25 . 2012-10-11 12:25	--------	d-----w-	c:\windows\system32\cvirte
2012-10-11 12:25 . 2012-10-11 13:19	--------	d-----w-	c:\programme\National Instruments
2012-09-28 12:52 . 2012-09-28 12:52	--------	d-----w-	C:\My Data
2012-09-28 12:52 . 2012-09-28 12:52	--------	d-----w-	c:\programme\SMaRT
2012-09-26 14:54 . 2012-09-26 14:56	--------	d-----w-	c:\programme\1ClickDownload
2012-09-24 23:42 . 2012-09-24 23:42	--------	d-----w-	c:\programme\Microsoft
2012-09-24 20:54 . 2012-09-24 20:54	--------	d-----w-	c:\windows\system32\Adobe
2012-09-24 20:53 . 2012-09-24 20:53	--------	d-----w-	c:\programme\Gemeinsame Dateien\Java
2012-09-24 20:53 . 2012-09-24 20:52	93672	----a-w-	c:\windows\system32\WindowsAccessBridge.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-12 20:48 . 2012-07-04 10:20	73656	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-12 20:48 . 2012-07-04 10:20	696760	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2012-09-24 20:52 . 2011-02-22 20:06	143872	----a-w-	c:\windows\system32\javacpl.cpl
2012-09-24 20:52 . 2012-06-07 08:00	821736	----a-w-	c:\windows\system32\npDeployJava1.dll
2012-09-24 20:52 . 2011-02-22 20:06	746984	----a-w-	c:\windows\system32\deployJava1.dll
2012-08-05 15:52 . 2012-08-05 15:52	40256	----a-w-	c:\windows\system32\drivers\rcudawdm.sys
2012-08-05 15:52 . 2012-08-05 15:52	65216	----a-w-	c:\windows\system32\drivers\rcusbwdm.sys
2012-08-05 15:52 . 2012-08-05 15:52	10304	----a-w-	c:\windows\system32\drivers\hostnt.sys
2012-08-01 22:41 . 2012-08-01 22:41	3026	----a-w-	c:\windows\system32\drivers\hwinterface.sys
2012-08-01 14:18 . 2012-08-01 14:18	307254	----a-w-	C:\juntemp.tmp
2012-07-25 23:14 . 2007-11-25 11:54	286720	------w-	c:\windows\Setup1.exe
2004-03-15 15:51 . 2004-03-15 15:51	114688	----a-w-	c:\programme\internet explorer\plugins\LV71ActiveXControl.dll
2003-05-01 07:36 . 2003-05-01 07:36	114688	----a-w-	c:\programme\internet explorer\plugins\LV7ActiveXControl.dll
2005-10-12 13:04 . 2005-10-12 13:04	131072	----a-w-	c:\programme\internet explorer\plugins\LV80ActiveXControl.dll
2012-09-11 06:26 . 2011-03-30 07:39	266720	----a-w-	c:\programme\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12	94208	----a-w-	c:\dokumente und einstellungen\User\Anwendungsdaten\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12	94208	----a-w-	c:\dokumente und einstellungen\User\Anwendungsdaten\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12	94208	----a-w-	c:\dokumente und einstellungen\User\Anwendungsdaten\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12	94208	----a-w-	c:\dokumente und einstellungen\User\Anwendungsdaten\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\programme\Skype\Phone\Skype.exe" [2012-07-13 17418928]
"Rainlendar2"="c:\programme\Rainlendar2\Rainlendar2.exe" [2011-08-12 2433024]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="c:\programme\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-04-05 339968]
"SoundMan"="SOUNDMAN.EXE" [2005-08-01 77824]
"SynTPLpr"="c:\programme\Synaptics\SynTP\SynTPLpr.exe" [2005-08-01 98393]
"SynTPEnh"="c:\programme\Synaptics\SynTP\SynTPEnh.exe" [2005-08-01 688217]
"LaunchAp"="c:\launch manager\LaunchAp.exe" [2005-03-30 32768]
"LMgrVolOSD"="c:\launch manager\OSD.exe" [2005-03-16 204800]
"LMgrOSD"="c:\launch manager\OSDCtrl.exe" [2004-10-11 245760]
"Wbutton"="c:\launch manager\Wbutton.exe" [2005-04-18 81920]
"CtrlVol"="c:\launch manager\CtrlVol.exe" [2003-09-16 20480]
"FreePDF Assistant"="c:\programme\FreePDF_XP\fpassist.exe" [2005-05-27 147456]
"avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2011-01-10 281768]
"TkBellExe"="c:\programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" [2006-06-18 180269]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 110592]
"HotkeyApp"="c:\launch manager\HotkeyApp.exe" [2005-05-02 57344]
"CanonMyPrinter"="c:\programme\Canon\MyPrinter\BJMyPrt.exe" [2011-07-19 2567272]
"Adobe ARM"="c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [2012-04-04 843712]
"niDevMon"="c:\programme\National Instruments\NI-DAQ\HWConfig\nidevmon.exe" [2005-10-06 263168]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360]
.
c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\
Adobe Acrobat - Schnellstart.lnk - c:\windows\Installer\{AC76BA86-1033-F400-7760-000000000002}\SC_Acrobat.exe [2006-6-10 25214]
Adobe Acrobat - Schnellstart.lnk.disabled [2008-9-1 2319]
Adobe Reader - Schnellstart.lnk.disabled [2006-6-10 1743]
Microsoft Office.lnk.disabled [2008-7-2 1720]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"CTFMON.EXE"=c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"TkBellExe"="c:\programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe"  -osboot
"QuickTime Task"="c:\programme\QuickTime\QTTask.exe" -atboottime
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
.
R0 PCIIMAQ;National Instruments IMAQ Driver;c:\windows\system32\drivers\pciimaq.sys [30.08.2005 10:38 374448]
R1 fwdrv;Firewall Driver;c:\windows\system32\drivers\fwdrv.sys [26.04.2007 10:21 302000]
R1 khips;Kerio HIPS Driver;c:\windows\system32\drivers\khips.sys [16.10.2012 19:42 72624]
R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [18.12.2009 21:48 136360]
R2 gpib420;GPIB Analyzer;c:\windows\system32\drivers\gpib420.sys [18.07.2005 01:45 31334]
R2 GpibPrtK;Gpib Port;c:\windows\system32\drivers\GpibPrtK.sys [18.07.2005 01:25 199783]
R2 HOSTNT;HOSTNT;c:\windows\system32\drivers\hostnt.sys [05.08.2012 17:52 10304]
R2 HWDeviceService.exe;HWDeviceService.exe;c:\dokumente und einstellungen\All Users\Anwendungsdaten\DatacardService\HWDeviceService.exe -/service --> c:\dokumente und einstellungen\All Users\Anwendungsdaten\DatacardService\HWDeviceService.exe -/service [?]
R2 Kithara-Ksts7;Kithara Tool Suite 7 Runtime;c:\windows\system32\Ksts7.sys [02.03.2008 00:32 242592]
R2 lvalarmk;lvalarmk;c:\windows\system32\drivers\lvalarmk.dll [27.07.2005 08:58 10829]
R2 niarbk;niarbk;c:\windows\system32\drivers\niarbk.dll [13.10.2005 09:29 37376]
R2 nibffrk;nibffrk;c:\windows\system32\drivers\nibffrk.dll [13.10.2005 09:29 21504]
R2 nicanpk;nicanpk;c:\windows\system32\drivers\NICANpk.dll [14.10.2005 06:02 136791]
R2 Nidaq32k;Nidaq32k;c:\windows\system32\drivers\nidaq32k.sys [13.10.2005 10:17 674304]
R2 nidevldu;nidevldu;system32\nipalsm.exe --> system32\nipalsm.exe [?]
R2 nidimk;nidimk;c:\windows\system32\drivers\nidimk.dll [28.09.2005 21:14 141824]
R2 nidmmk;NI DMM and Data Logger Kernel Driver;c:\windows\system32\drivers\nidmmk.dll [13.10.2005 10:18 50688]
R2 nidmxfk;nidmxfk;c:\windows\system32\drivers\nidmxfk.dll [13.10.2005 07:27 166912]
R2 nidwgk;nidwgk;c:\windows\system32\drivers\nidwgk.dll [20.09.2005 20:48 979456]
R2 niembrtk;niembrtk;c:\windows\system32\drivers\niembrtk.sys [08.07.2004 10:24 30720]
R2 niemrk;niemrk;c:\windows\system32\drivers\niemrk.dll [07.10.2005 00:19 346624]
R2 nifslk;nifslk;c:\windows\system32\drivers\nifslk.dll [06.10.2005 11:32 35328]
R2 nigplk;nigplk;c:\windows\system32\drivers\nigplk.dll [20.09.2005 18:17 100352]
R2 nihsdrk;nihsdrk;c:\windows\system32\drivers\nihsdrk.dll [20.09.2005 20:45 534016]
R2 niimaqk;niimaqk;c:\windows\system32\drivers\niimaqk.dll [21.09.2005 15:41 223232]
R2 nimdsk;nimdsk;c:\windows\system32\drivers\nimdsk.dll [13.10.2005 09:30 30208]
R2 nimxpk;nimxpk;c:\windows\system32\drivers\nimxpk.dll [06.10.2005 12:31 19456]
R2 nipxirmk;nipxirmk;c:\windows\system32\drivers\nipxirmk.dll [21.09.2005 11:30 55296]
R2 niRTProxy;niRTProxy;c:\windows\system32\RTProxy.exe c:\windows\system32\RTProxy.exe -s --> c:\windows\system32\RTProxy.exe c:\windows\system32\RTProxy.exe -s [?]
R2 nisldk;nisldk;c:\windows\system32\drivers\niSLDk.dll [20.09.2005 20:32 373863]
R2 nisrcdk;nisrcdk;c:\windows\system32\drivers\nisrcdk.dll [20.09.2005 20:04 677486]
R2 nistck;nistck;c:\windows\system32\drivers\niSTCk.dll [13.10.2005 09:30 111616]
R2 niswdk;niswdk;c:\windows\system32\drivers\niswdk.dll [08.10.2005 01:08 476160]
R2 PLCNDIS5;PLCNDIS5 NDIS Protocol Driver;c:\windows\system32\plcndis5.sys [17.05.2004 12:21 17280]
R2 Skype C2C Service;Skype C2C Service;c:\dokumente und einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe [13.08.2012 13:33 3064000]
R2 usb6xxxk;usb6xxxk;c:\windows\system32\drivers\usb6xxxk.dll [07.10.2005 00:06 19968]
R2 vpnagent;Cisco AnyConnect VPN Agent;c:\programme\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [18.12.2009 00:32 497856]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [20.05.2011 10:50 117504]
R3 HSFHWATI;HSFHWATI;c:\windows\system32\drivers\HSFHWATI.sys [15.11.2005 10:46 200192]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [20.05.2011 10:50 72576]
R3 nicdrk;nicdrk;c:\windows\system32\drivers\nicdrk.dll [06.10.2005 11:56 170496]
R3 nimru2k;nimru2k;c:\windows\system32\drivers\nimru2k.dll [28.09.2005 21:54 231936]
R3 nimsdrk;nimsdrk;c:\windows\system32\drivers\nimsdrk.dll [06.10.2005 12:19 131072]
R3 nimstsk;nimstsk;c:\windows\system32\drivers\nimstsk.dll [06.10.2005 12:25 51200]
R3 niscdk;niscdk;c:\windows\system32\drivers\niscdk.dll [06.10.2005 12:07 497664]
S1 mailKmd;mailKmd; [x]
S2 Mobile Partner. RunOuc;Mobile Partner. OUC;c:\programme\Mobile Partner\UpdateDog\ouc.exe [20.05.2011 10:49 218624]
S2 SkypeUpdate;Skype Updater;c:\programme\Skype\Updater\Updater.exe [03.07.2012 13:19 160944]
S2 SPF4;Sunbelt Personal Firewall 4;c:\programme\Sunbelt Software\Personal Firewall\kpf4ss.exe [26.04.2007 10:21 1234480]
S3 AVMUNET;Eumex 300 IP;c:\windows\system32\drivers\avmunet.sys [12.02.2006 19:05 15104]
S3 CMIUSB;Motic New MC Camera;c:\windows\system32\drivers\MC1001200130012001B\cmiusb.sys [17.05.2011 17:40 10373]
S3 CSVirtA;Cisco Systems SSL VPN Adapter;c:\windows\system32\drivers\CSVirtA.sys [03.10.2007 12:54 22136]
S3 DFSTR2K;DATAFAB based USB Mass Storage Driver;c:\windows\system32\drivers\DfStor2K.sys [02.06.2009 15:57 37972]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys [20.05.2011 10:50 102784]
S3 FTLUND;Lundinova Filter Driver;c:\windows\system32\drivers\ftlund.sys [13.03.2006 12:29 6828]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\programme\Mozilla Maintenance Service\maintenanceservice.exe [04.07.2012 12:12 114144]
S3 nidsark;nidsark;c:\windows\system32\drivers\nidsark.dll [06.10.2005 12:14 714752]
S3 niesrk;niesrk;c:\windows\system32\drivers\niesrk.dll [07.10.2005 00:19 489984]
S3 nimslk;nimslk;c:\windows\system32\drivers\nimslk.dll [06.10.2005 01:00 14464]
S3 nimsrlk;nimsrlk;c:\windows\system32\drivers\nimsrlk.dll [06.10.2005 01:00 151683]
S3 nisdigk;nisdigk;c:\windows\system32\drivers\nisdigk.dll [07.10.2005 00:06 233472]
S3 nisftk;nisftk;c:\windows\system32\drivers\nisftk.dll [06.10.2005 11:48 163328]
S3 nispdk;nispdk;c:\windows\system32\drivers\nispdk.dll [06.10.2005 12:07 42496]
S3 nissrk;nissrk;c:\windows\system32\drivers\nissrk.dll [07.10.2005 00:20 1058304]
S3 nistc2k;nistc2k;c:\windows\system32\drivers\nistc2k.dll [06.10.2005 12:03 163328]
S3 nistcrk;nistcrk;c:\windows\system32\drivers\nistcrk.dll [10.10.2005 20:07 110080]
S3 nitiork;nitiork;c:\windows\system32\drivers\nitiork.dll [07.10.2005 00:54 692736]
S3 NiViFWK;NI-VISA FireWire Driver;c:\windows\system32\drivers\NiViFWK.sys [12.10.2005 17:13 8704]
S3 NiViPciK;NI-VISA PCI Driver;c:\windows\system32\drivers\NiViPciK.sys [12.10.2005 17:04 37376]
S3 NiViPxiK;NI-VISA PXI Driver;c:\windows\system32\drivers\NiViPxiK.sys [12.10.2005 17:04 10752]
S3 niwdk;niwdk;c:\windows\system32\drivers\niwdk.sys [05.10.2005 17:34 18432]
S3 niwfrk;niwfrk;c:\windows\system32\drivers\niwfrk.dll [07.10.2005 00:20 422400]
S3 nixsrk;nixsrk;c:\windows\system32\drivers\nixsrk.dll [07.10.2005 00:20 926720]
S3 PLCMPR5;PLCMPR5 NDIS Protocol Driver;\??\c:\windows\system32\PLCMPR5.SYS --> c:\windows\system32\PLCMPR5.SYS [?]
S3 Samsung UPD Service2;Samsung UPD Service2;c:\windows\system32\SUPDSvc2.exe [14.08.2012 19:26 129536]
S3 siusbmod;siusbmod;c:\windows\system32\DRIVERS\siusbmod.sys --> c:\windows\system32\DRIVERS\siusbmod.sys [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper	REG_MULTI_SZ   	getPlusHelper
.
Inhalt des "geplante Tasks" Ordners
.
2012-10-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2638560129-685934672-2847317654-1007Core.job
- c:\dokumente und einstellungen\User\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe [2011-07-15 07:48]
.
2012-10-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2638560129-685934672-2847317654-1007UA.job
- c:\dokumente und einstellungen\User\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe [2011-07-15 07:48]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = about:blank
mStart Page = hxxp://de.yahoo.com/fsc/
uInternet Settings,ProxyOverride = eumex.ip
uSearchURL,(Default) = hxxp://red.clientapps.yahoo.com/customize/fuji/defaults/su/*hxxp://www.yahoo.com
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\dokumente und einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\w7lhpv45.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: network.proxy.type - 0
user_pref('extensions.autoDisableScopes', 0);user_pref('security.csp.enable', false);user_pref('security.OCSP.enabled', 0);
.
.
------- Dateityp-Verknüpfung -------
.
.scr=RasWin.Script
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-SunJavaUpdateSched - c:\programme\Java\jre1.5.0_06\bin\jusched.exe
AddRemove-Adobe Acrobat 3.01 - c:\windows\unin0407.exe
AddRemove-Adobe Type Manager 4.1 - c:\windows\unin0407.exe
AddRemove-High Precision Ephemeris Tool - c:\windows\unin0407.exe
AddRemove-Media Reader 1.15 - c:\windows\ISUN0407.EXE
AddRemove-Microsoft Interactive Training - c:\windows\IsUn0407.exe
AddRemove-SecureW2 TTLS Client - c:\programme\SecureW2\SecureW2 TTLS Client\Uninstall.exe
AddRemove-Virtual Sky 5 - c:\windows\unin0407.exe
AddRemove-xp-AntiSpy - c:\programme\xp-AntiSpy\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2012-10-16 20:30
Windows 5.1.2600 Service Pack 2 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
  CtrlVol = c:\launch manager\CtrlVol.exe???????8???????8???T??????|x??|????q??|?j?wQj?w????????,??? ???|???????????\??????|????????h?????@????????????????s???????s???sx??s@??????????????|h??sl??????????s?????????????????C?sc"?sx??s????(J?w??@?N'?s????-6@???????????? 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\DeterministicNetworks\DNE\Parameters]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,79,00,73,00,\
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\ð•€|ÿÿÿÿ.•€|	–Ñw*]
"7040A10900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
"7040211900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'winlogon.exe'(1872)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(2776)
c:\dokumente und einstellungen\User\Anwendungsdaten\Dropbox\bin\DropboxExt.14.dll
c:\windows\system32\msi.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\programme\Cisco Systems\SSL VPN Client\agent.exe
c:\programme\Avira\AntiVir Desktop\avguard.exe
c:\dokumente und einstellungen\All Users\Anwendungsdaten\DatacardService\HWDeviceService.exe
c:\programme\Java\jre7\bin\jqs.exe
c:\windows\system32\lkcitdl.exe
c:\programme\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\lkads.exe
c:\windows\system32\lktsrv.exe
c:\programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\Ati2evxx.exe
c:\dokumente und einstellungen\All Users\Anwendungsdaten\Mobile Partner\OnlineUpdate\ouc.exe
c:\programme\National Instruments\MAX\nimxs.exe
c:\programme\National Instruments\Shared\Security\nidmsrv.exe
c:\windows\system32\RTProxy.exe
c:\windows\system32\nisvcloc.exe
c:\programme\National Instruments\Shared\Tagger\tagsrv.exe
c:\windows\system32\HPZipm12.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\nipalsm.exe
c:\windows\system32\nipalsm.exe
c:\windows\system32\nipalsm.exe
c:\windows\system32\nipalsm.exe
c:\programme\Mobile Partner\Mobile Partner.exe
c:\windows\SOUNDMAN.EXE
c:\windows\system32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-10-16  20:42:43 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-10-16 18:42
.
Vor Suchlauf: 5 112 004 608 Bytes frei
Nach Suchlauf: 5 835 223 040 Bytes frei
.
WindowsXP-KB310994-SP2-Home-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - B14FA29C0C5471D15C6B43361989FDFE
         
Oh... I forgot to post this:
Code:
ATTFilter
15:34:42.0593 0960  TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
15:34:42.0625 0960  ============================================================
15:34:42.0625 0960  Current date / time: 2012/10/16 15:34:42.0625
15:34:42.0625 0960  SystemInfo:
15:34:42.0625 0960  
15:34:42.0625 0960  OS Version: 5.1.2600 ServicePack: 2.0
15:34:42.0625 0960  Product type: Workstation
15:34:42.0625 0960  ComputerName: KAROOSU-II
15:34:42.0625 0960  UserName: User
15:34:42.0625 0960  Windows directory: C:\WINDOWS
15:34:42.0625 0960  System windows directory: C:\WINDOWS
15:34:42.0625 0960  Processor architecture: Intel x86
15:34:42.0625 0960  Number of processors: 1
15:34:42.0625 0960  Page size: 0x1000
15:34:42.0625 0960  Boot type: Normal boot
15:34:42.0625 0960  ============================================================
15:34:44.0640 0960  Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
15:34:44.0640 0960  ============================================================
15:34:44.0640 0960  \Device\Harddisk0\DR0:
15:34:44.0640 0960  MBR partitions:
15:34:44.0640 0960  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950E482
15:34:44.0640 0960  ============================================================
15:34:44.0687 0960  C: <-> \Device\Harddisk0\DR0\Partition1
15:34:44.0687 0960  ============================================================
15:34:44.0687 0960  Initialize success
15:34:44.0687 0960  ============================================================
15:34:50.0359 1032  ============================================================
15:34:50.0359 1032  Scan started
15:34:50.0359 1032  Mode: Manual; 
15:34:50.0359 1032  ============================================================
15:34:50.0968 1032  ================ Scan system memory ========================
15:34:52.0765 1032  System memory - ok
15:34:52.0781 1032  ================ Scan services =============================
15:34:52.0984 1032  [ A6F2BE018400EE84231AC34C2F359491 ] 6to4            C:\WINDOWS\System32\6to4svc.dll
15:34:52.0984 1032  6to4 - ok
15:34:53.0031 1032  Abiosdsk - ok
15:34:53.0046 1032  abp480n5 - ok
15:34:53.0109 1032  [ 94B4741D2CF9ED38140B831293D1601A ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
15:34:53.0109 1032  ACPI - ok
15:34:53.0171 1032  [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC          C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
15:34:53.0171 1032  ACPIEC - ok
15:34:53.0218 1032  [ 6463D1DB354B13E6CED4D67F6E4910F4 ] actser          C:\WINDOWS\system32\drivers\actser.sys
15:34:53.0218 1032  actser - ok
15:34:53.0343 1032  [ 6D182C31ACF16213407F2768F1107FE3 ] Adobe LM Service C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
15:34:53.0343 1032  Adobe LM Service - ok
15:34:53.0359 1032  adpu160m - ok
15:34:53.0453 1032  [ 841F385C6CFAF66B58FBD898722BB4F0 ] aec             C:\WINDOWS\system32\drivers\aec.sys
15:34:53.0453 1032  aec - ok
15:34:53.0531 1032  [ 6A0397376853E604DE8E1E7A87FC08AC ] AFD             C:\WINDOWS\System32\drivers\afd.sys
15:34:53.0531 1032  AFD - ok
15:34:53.0546 1032  Aha154x - ok
15:34:53.0562 1032  aic78u2 - ok
15:34:53.0593 1032  aic78xx - ok
15:34:53.0765 1032  [ BEA942FF21154FEE4F71DDD477621C70 ] ALCXWDM         C:\WINDOWS\system32\drivers\ALCXWDM.SYS
15:34:53.0796 1032  ALCXWDM - ok
15:34:53.0859 1032  [ 1AAB6C5F8376357CB9B16C38C42C4076 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
15:34:53.0875 1032  Alerter - ok
15:34:53.0906 1032  [ 6596DD260FFDE1BDC994C1DF236307BB ] ALG             C:\WINDOWS\System32\alg.exe
15:34:53.0906 1032  ALG - ok
15:34:53.0937 1032  AliIde - ok
15:34:54.0000 1032  [ A2D5F093F9CB160C183C77015704F156 ] AmdK8           C:\WINDOWS\system32\DRIVERS\AmdK8.sys
15:34:54.0000 1032  AmdK8 - ok
15:34:54.0015 1032  amsint - ok
15:34:54.0109 1032  [ C27D46B06D340293670450FCE9DFB166 ] AntiVirSchedulerService C:\Programme\Avira\AntiVir Desktop\sched.exe
15:34:54.0109 1032  AntiVirSchedulerService - ok
15:34:54.0187 1032  [ 72D90E56563165984224493069C69ED4 ] AntiVirService  C:\Programme\Avira\AntiVir Desktop\avguard.exe
15:34:54.0203 1032  AntiVirService - ok
15:34:54.0218 1032  AppMgmt - ok
15:34:54.0312 1032  [ D4E7ED3AE224C851B08F3A3A85C37E88 ] AR5211          C:\WINDOWS\system32\DRIVERS\ar5211.sys
15:34:54.0312 1032  AR5211 - ok
15:34:54.0406 1032  [ F0D692B0BFFB46E30EB3CEA168BBC49F ] Arp1394         C:\WINDOWS\system32\DRIVERS\arp1394.sys
15:34:54.0406 1032  Arp1394 - ok
15:34:54.0421 1032  asc - ok
15:34:54.0437 1032  asc3350p - ok
15:34:54.0453 1032  asc3550 - ok
15:34:54.0609 1032  [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
15:34:54.0609 1032  aspnet_state - ok
15:34:54.0671 1032  [ 02000ABF34AF4C218C35D257024807D6 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
15:34:54.0671 1032  AsyncMac - ok
15:34:54.0718 1032  [ CDFE4411A69C224BD1D11B2DA92DAC51 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
15:34:54.0718 1032  atapi - ok
15:34:54.0734 1032  Atdisk - ok
15:34:54.0812 1032  [ 6BDB117F5CF40FE91FF50E1BB3F28184 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
15:34:54.0828 1032  Ati HotKey Poller - ok
15:34:54.0921 1032  [ E9EBF7DCA6C5EB9C597035A10A5A6A1B ] ati2mtag        C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
15:34:54.0937 1032  ati2mtag - ok
15:34:55.0000 1032  [ EC88DA854AB7D7752EC8BE11A741BB7F ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
15:34:55.0000 1032  Atmarpc - ok
15:34:55.0046 1032  [ 523CA82A8810F4354E6425406AFBC130 ] ATMsrvc         C:\WINDOWS\System32\ATMsrvc.exe
15:34:55.0046 1032  ATMsrvc - ok
15:34:55.0109 1032  [ E98B8250398F6637B335A76BA8DFB602 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
15:34:55.0109 1032  AudioSrv - ok
15:34:55.0187 1032  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
15:34:55.0187 1032  audstub - ok
15:34:55.0265 1032  [ 0B497C79824F8E1BF22FA6AACD3DE3A0 ] avgio           C:\Programme\Avira\AntiVir Desktop\avgio.sys
15:34:55.0265 1032  avgio - ok
15:34:55.0375 1032  [ 1E4114685DE1FFA9675E09C6A1FB3F4B ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys
15:34:55.0375 1032  avgntflt - ok
15:34:55.0453 1032  [ 0F78D3DAE6DEDD99AE54C9491C62ADF2 ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys
15:34:55.0453 1032  avipbb - ok
15:34:55.0515 1032  [ 077B3692F4376D1539755761FEEF659A ] AVMUNET         C:\WINDOWS\system32\DRIVERS\avmunet.sys
15:34:55.0515 1032  AVMUNET - ok
15:34:55.0578 1032  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
15:34:55.0578 1032  Beep - ok
15:34:55.0640 1032  [ D8653DCD80CF2EBB333FC4FCC43A7DEF ] Browser         C:\WINDOWS\System32\browser.dll
15:34:55.0640 1032  Browser - ok
15:34:55.0703 1032  [ D24B8D1784C68A25060FFFBE8ED34B76 ] BthEnum         C:\WINDOWS\system32\DRIVERS\BthEnum.sys
15:34:55.0703 1032  BthEnum - ok
15:34:55.0750 1032  [ 9DF0ADF74CE1D6371ED60CF92EB1D9A6 ] BTHMODEM        C:\WINDOWS\system32\DRIVERS\bthmodem.sys
15:34:55.0750 1032  BTHMODEM - ok
15:34:55.0796 1032  [ 10355270BE12641B9764235DA39DCF0F ] BthPan          C:\WINDOWS\system32\DRIVERS\bthpan.sys
15:34:55.0796 1032  BthPan - ok
15:34:55.0859 1032  [ 3A7A07B55ADC58E2001537EB6E0A980D ] BTHPORT         C:\WINDOWS\system32\Drivers\BTHport.sys
15:34:55.0875 1032  BTHPORT - ok
15:34:55.0921 1032  [ 822D1875B12B6219CECE1D221349CEF4 ] BthServ         C:\WINDOWS\System32\bthserv.dll
15:34:55.0921 1032  BthServ - ok
15:34:55.0937 1032  [ F06D4CB9918B462A84D9AC00027EFC30 ] BTHUSB          C:\WINDOWS\system32\Drivers\BTHUSB.sys
15:34:55.0937 1032  BTHUSB - ok
15:34:56.0000 1032  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
15:34:56.0000 1032  cbidf2k - ok
15:34:56.0046 1032  [ 6163ED60B684BAB19D3352AB22FC48B2 ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
15:34:56.0046 1032  CCDECODE - ok
15:34:56.0062 1032  cd20xrnt - ok
15:34:56.0109 1032  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
15:34:56.0109 1032  Cdaudio - ok
15:34:56.0156 1032  [ CD7D5152DF32B47F4E36F710B35AAE02 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
15:34:56.0156 1032  Cdfs - ok
15:34:56.0203 1032  [ AF9C19B3100FE010496B1A27181FBF72 ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
15:34:56.0203 1032  Cdrom - ok
15:34:56.0218 1032  Changer - ok
15:34:56.0265 1032  [ 234D52C63C67A8CF4AF9BECCE43BFB4A ] CiSvc           C:\WINDOWS\system32\cisvc.exe
15:34:56.0265 1032  CiSvc - ok
15:34:56.0328 1032  [ 0461868578D29DC18FB1C79933C5158A ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
15:34:56.0328 1032  ClipSrv - ok
15:34:56.0375 1032  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:34:56.0390 1032  clr_optimization_v2.0.50727_32 - ok
15:34:56.0437 1032  [ 4266BE808F85826AEDF3C64C1E240203 ] CmBatt          C:\WINDOWS\system32\DRIVERS\CmBatt.sys
15:34:56.0453 1032  CmBatt - ok
15:34:56.0468 1032  CmdIde - ok
15:34:56.0515 1032  [ E9BD8DB1D7F5014DB5F4A82DF96BD83D ] CMIUSB          C:\WINDOWS\system32\Drivers\MC1001200130012001B\cmiusb.sys
15:34:56.0531 1032  CMIUSB - ok
15:34:56.0578 1032  [ DF1B1A24BF52D0EBC01ED4ECE8979F50 ] Compbatt        C:\WINDOWS\system32\DRIVERS\compbatt.sys
15:34:56.0578 1032  Compbatt - ok
15:34:56.0593 1032  COMSysApp - ok
15:34:56.0625 1032  Cpqarray - ok
15:34:56.0671 1032  [ 1A5F9DB98DF7955B4C7CBDBF2C638238 ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
15:34:56.0671 1032  CryptSvc - ok
15:34:56.0718 1032  [ B90B0A61045DB0C63487D1995F957680 ] CSVirtA         C:\WINDOWS\system32\DRIVERS\CSVirtA.sys
15:34:56.0734 1032  CSVirtA - ok
15:34:56.0781 1032  [ DBD89BC0DBE00DCD245BE8F61DBEE291 ] cvintdrv        C:\WINDOWS\system32\drivers\cvintdrv.sys
15:34:56.0781 1032  cvintdrv - ok
15:34:56.0828 1032  [ 5C706C06C1279952D2CC1A609CA948BF ] CVirtA          C:\WINDOWS\system32\DRIVERS\CVirtA.sys
15:34:56.0828 1032  CVirtA - ok
15:34:56.0843 1032  dac2w2k - ok
15:34:56.0859 1032  dac960nt - ok
15:34:56.0953 1032  [ 8AFBC2E1E5555A1C29953AF854F0FCA5 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
15:34:56.0953 1032  DcomLaunch - ok
15:34:57.0015 1032  [ A1B414D2AA66A71146371539444BE45D ] DFSTR2K         C:\WINDOWS\system32\DRIVERS\DFSTOR2K.SYS
15:34:57.0015 1032  DFSTR2K - ok
15:34:57.0062 1032  [ 69F986B2688BA95A0D9362B0E233D5FF ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
15:34:57.0062 1032  Dhcp - ok
15:34:57.0125 1032  [ 00CA44E4534865F8A3B64F7C0984BFF0 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
15:34:57.0125 1032  Disk - ok
15:34:57.0140 1032  dmadmin - ok
15:34:57.0234 1032  [ 5789B83BA87FC84C3568CF86CACEF8CE ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
15:34:57.0250 1032  dmboot - ok
15:34:57.0296 1032  [ 084EB0A50A4F7B4705C8A57F234E5291 ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
15:34:57.0296 1032  dmio - ok
15:34:57.0328 1032  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
15:34:57.0328 1032  dmload - ok
15:34:57.0390 1032  [ FA2D9D1A9F6B5A88D01E1685CE2378BA ] dmserver        C:\WINDOWS\System32\dmserver.dll
15:34:57.0390 1032  dmserver - ok
15:34:57.0453 1032  [ A6F881284AC1150E37D9AE47FF601267 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
15:34:57.0468 1032  DMusic - ok
15:34:57.0515 1032  [ 2EDDBB3EF1DD5A28CB07C149D36E7286 ] DNE             C:\WINDOWS\system32\DRIVERS\dne2000.sys
15:34:57.0515 1032  DNE - ok
15:34:57.0562 1032  [ D1F5B71BBAEEE07B78980DBD878C0BC7 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
15:34:57.0562 1032  Dnscache - ok
15:34:57.0593 1032  dpti2o - ok
15:34:57.0640 1032  [ 1ED4DBBAE9F5D558DBBA4CC450E3EB2E ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
15:34:57.0640 1032  drmkaud - ok
15:34:57.0687 1032  [ 877A4512CC9074D6954776AF47021766 ] ERSvc           C:\WINDOWS\System32\ersvc.dll
15:34:57.0687 1032  ERSvc - ok
15:34:57.0750 1032  [ A07CA23EA361A01E627D911CF139B950 ] Eventlog        C:\WINDOWS\system32\services.exe
15:34:57.0750 1032  Eventlog - ok
15:34:57.0812 1032  [ D68ED3908C7A0DB446111D34AC40DC18 ] EventSystem     C:\WINDOWS\system32\es.dll
15:34:57.0812 1032  EventSystem - ok
15:34:57.0875 1032  [ A52794C010C6DF5B4BC70C4AB5E04088 ] ewusbnet        C:\WINDOWS\system32\DRIVERS\ewusbnet.sys
15:34:57.0875 1032  ewusbnet - ok
15:34:57.0921 1032  [ 57C171EA22F0A7F068FCB0CAEDD1E8E7 ] ew_hwusbdev     C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys
15:34:57.0921 1032  ew_hwusbdev - ok
15:34:57.0984 1032  [ 3117F595E9615E04F05A54FC15A03B20 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
15:34:57.0984 1032  Fastfat - ok
15:34:58.0046 1032  [ BAC5F7F0C2B8C1B9832594851E0F9914 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
15:34:58.0062 1032  FastUserSwitchingCompatibility - ok
15:34:58.0125 1032  [ 030DEF1B6AD98FA70A51C9994DABC924 ] Fax             C:\WINDOWS\system32\fxssvc.exe
15:34:58.0125 1032  Fax - ok
15:34:58.0156 1032  [ CED2E8396A8838E59D8FD529C680E02C ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys
15:34:58.0156 1032  Fdc - ok
15:34:58.0218 1032  [ 9E9AF89F9B14AA6249065C309CE73BD8 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
15:34:58.0218 1032  Fips - ok
15:34:58.0265 1032  [ 0DD1DE43115B93F4D85E889D7A86F548 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys
15:34:58.0265 1032  Flpydisk - ok
15:34:58.0328 1032  [ 157754F0DF355A9E0A6F54721914F9C6 ] FltMgr          C:\WINDOWS\system32\DRIVERS\fltMgr.sys
15:34:58.0328 1032  FltMgr - ok
15:34:58.0468 1032  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
15:34:58.0468 1032  FontCache3.0.0.0 - ok
15:34:58.0531 1032  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
15:34:58.0531 1032  Fs_Rec - ok
15:34:58.0578 1032  [ 8672947AEEC467DC5907BA024BAF06EF ] FTDIBUS         C:\WINDOWS\system32\drivers\ftdibus.sys
15:34:58.0593 1032  FTDIBUS - ok
15:34:58.0640 1032  [ 8F1955CE42E1484714B542F341647778 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
15:34:58.0640 1032  Ftdisk - ok
15:34:58.0703 1032  [ E51EC9D232494C0713E0A0938DD9C893 ] FTLUND          C:\WINDOWS\system32\drivers\ftlund.sys
15:34:58.0703 1032  FTLUND - ok
15:34:58.0734 1032  [ 1BAEA6F4A629ABCBD87267C2C732C982 ] FTSER2K         C:\WINDOWS\system32\drivers\ftser2k.sys
15:34:58.0734 1032  FTSER2K - ok
15:34:58.0796 1032  [ 3A3929B7A0EEEF83DF3A6C81E43A1FA9 ] fwdrv           C:\WINDOWS\system32\drivers\fwdrv.sys
15:34:58.0796 1032  fwdrv - ok
15:34:58.0859 1032  [ 0879DC7444A201DF84E69C5DD5083D61 ] getPlusHelper   C:\Programme\NOS\bin\getPlus_Helper.dll
15:34:58.0859 1032  getPlusHelper - ok
15:34:58.0875 1032  [ C0F1D4A21DE5A415DF8170616703DEBF ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
15:34:58.0890 1032  Gpc - ok
15:34:58.0937 1032  [ D220B8EBC4149E266AD9157B5A981AC0 ] gpib420         C:\WINDOWS\system32\drivers\gpib420.sys
15:34:58.0937 1032  gpib420 - ok
15:34:58.0984 1032  [ DE10DC1E0E954FCCFA61B6C92C83A091 ] GpibPrtK        C:\WINDOWS\system32\drivers\gpibprtk.sys
15:34:59.0000 1032  GpibPrtK - ok
15:34:59.0078 1032  [ BA85BCF1A2BCF927C3600574173403E0 ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
15:34:59.0078 1032  helpsvc - ok
15:34:59.0140 1032  [ B647CA198B9C73056ABFB0A9D8F4916D ] HidServ         C:\WINDOWS\System32\hidserv.dll
15:34:59.0140 1032  HidServ - ok
15:34:59.0203 1032  [ 1DE6783B918F540149AA69943BDFEBA8 ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
15:34:59.0203 1032  HidUsb - ok
15:34:59.0265 1032  [ 0573480A26DB723364C65373094CF73C ] HOSTNT          C:\WINDOWS\system32\drivers\HOSTNT.sys
15:34:59.0265 1032  HOSTNT - ok
15:34:59.0312 1032  [ 8B566EA71D5B76157A9CDB78F25A5731 ] Hotkey          C:\WINDOWS\system32\drivers\Hotkey.sys
15:34:59.0312 1032  Hotkey - ok
15:34:59.0328 1032  hpn - ok
15:34:59.0375 1032  [ 9F1D80908658EB7F1BF70809E0B51470 ] HPZid412        C:\WINDOWS\system32\DRIVERS\HPZid412.sys
15:34:59.0390 1032  HPZid412 - ok
15:34:59.0437 1032  [ F7E3E9D50F9CD3DE28085A8FDAA0A1C3 ] HPZipr12        C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
15:34:59.0437 1032  HPZipr12 - ok
15:34:59.0484 1032  [ CF1B7951B4EC8D13F3C93B74BB2B461B ] HPZius12        C:\WINDOWS\system32\DRIVERS\HPZius12.sys
15:34:59.0484 1032  HPZius12 - ok
15:34:59.0562 1032  [ 13D4B70BF2F9BC550E9079DA864D3EC1 ] HSFHWATI        C:\WINDOWS\system32\DRIVERS\HSFHWATI.sys
15:34:59.0562 1032  HSFHWATI - ok
15:34:59.0625 1032  [ DFA8F86C0DBCA7DB948043AA3BE6793B ] HSF_DP          C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
15:34:59.0656 1032  HSF_DP - ok
15:34:59.0718 1032  [ 9F8B0F4276F618964FD118BE4289B7CD ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
15:34:59.0734 1032  HTTP - ok
15:34:59.0796 1032  [ 9EC7E866BBDBF3ECC0E67F4E0A838EB2 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
15:34:59.0796 1032  HTTPFilter - ok
15:34:59.0859 1032  [ BED3A9F86A637CC6C2C5296CD82423D8 ] huawei_enumerator C:\WINDOWS\system32\DRIVERS\ew_jubusenum.sys
15:34:59.0859 1032  huawei_enumerator - ok
15:34:59.0906 1032  [ 1F40368DC40B17DE3FA0FBE8A9D82F9E ] hwdatacard      C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys
15:34:59.0906 1032  hwdatacard - ok
15:35:00.0046 1032  HWDeviceService.exe - ok
15:35:00.0093 1032  [ 448BB2FE30F1DDE9EAA4F0E87B52B687 ] hwinterface     C:\WINDOWS\system32\Drivers\hwinterface.sys
15:35:00.0093 1032  hwinterface - ok
15:35:00.0125 1032  i2omgmt - ok
15:35:00.0140 1032  i2omp - ok
15:35:01.0390 1032  [ 406441109101895BCE2C934434DE2F25 ] khips           C:\WINDOWS\system32\drivers\khips.sys
15:35:01.0390 1032  Suspicious file (Forged): C:\WINDOWS\system32\drivers\khips.sys. Real md5: 406441109101895BCE2C934434DE2F25, Fake md5: D44C0F4FC254344BAD74581632339963
15:35:01.0406 1032  khips ( Virus.Win32.ZAccess.aml ) - infected
15:35:01.0406 1032  khips - detected Virus.Win32.ZAccess.aml (0)
15:35:17.0671 1032  [ 2797F33EBF50466020C430EE4F037933 ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
15:35:17.0671 1032  wdmaud - ok
15:35:17.0718 1032  [ 1EB51FEEA9D3208EAE60604F4346C02E ] WebClient       C:\WINDOWS\System32\webclnt.dll
15:35:17.0734 1032  WebClient - ok
15:35:17.0828 1032  [ 473EE64C368CE2EED110376C11960259 ] winachsf        C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
15:35:17.0843 1032  winachsf - ok
15:35:17.0937 1032  [ DA2DADB42916E59C6E4BBA593BCCDA73 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
15:35:17.0953 1032  winmgmt - ok
15:35:18.0031 1032  [ 30FC6E5448D0CBAAA95280EEEF7FEDAE ] WinUSB          C:\WINDOWS\system32\DRIVERS\WinUSB.sys
15:35:18.0031 1032  WinUSB - ok
15:35:18.0109 1032  [ 94A85E956A065E23E0010A6A7826243B ] WLSetupSvc      C:\Programme\Windows Live\installer\WLSetupSvc.exe
15:35:18.0109 1032  WLSetupSvc - ok
15:35:18.0171 1032  [ 140EF97B64F560FD78643CAE2CDAD838 ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
15:35:18.0171 1032  WmdmPmSN - ok
15:35:18.0234 1032  [ AE2C8544E747C20062DB27456EA2D67A ] WmiAcpi         C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
15:35:18.0234 1032  WmiAcpi - ok
15:35:18.0296 1032  [ 042A78FCD1ADFB0FBA9865D55C6F5CC1 ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
15:35:18.0312 1032  WmiApSrv - ok
15:35:18.0359 1032  [ 1385E5AA9C9821790D33A9563B8D2DD0 ] WpdUsb          C:\WINDOWS\system32\Drivers\wpdusb.sys
15:35:18.0359 1032  WpdUsb - ok
15:35:18.0406 1032  [ D5842484F05E12121C511AA93F6439EC ] WSTCODEC        C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
15:35:18.0406 1032  WSTCODEC - ok
15:35:18.0484 1032  [ EB52B74A5DAADC2CCA68B3E7D81007E6 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
15:35:18.0500 1032  WZCSVC - ok
15:35:18.0562 1032  [ 8302DE1C64618D72346DD0034DBC5D9B ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
15:35:18.0578 1032  xmlprov - ok
15:35:18.0703 1032  ================ Scan global ===============================
15:35:18.0750 1032  [ 1B91BAC6996731EE8925F58205DCB016 ] C:\WINDOWS\system32\basesrv.dll
15:35:18.0812 1032  [ 340A91FBD2A371CBF52E35E3B7DFE2EC ] C:\WINDOWS\system32\winsrv.dll
15:35:18.0843 1032  [ 340A91FBD2A371CBF52E35E3B7DFE2EC ] C:\WINDOWS\system32\winsrv.dll
15:35:18.0859 1032  [ A07CA23EA361A01E627D911CF139B950 ] C:\WINDOWS\system32\services.exe
15:35:18.0875 1032  [Global] - ok
15:35:18.0875 1032  ================ Scan MBR ==================================
15:35:18.0906 1032  [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
15:35:19.0156 1032  \Device\Harddisk0\DR0 - ok
15:35:19.0156 1032  ================ Scan VBR ==================================
15:35:19.0156 1032  [ 0AC7EA54F1874C8AE1170D25A530857C ] \Device\Harddisk0\DR0\Partition1
15:35:19.0171 1032  \Device\Harddisk0\DR0\Partition1 - ok
15:35:19.0171 1032  ============================================================
15:35:19.0171 1032  Scan finished
15:35:19.0171 1032  ============================================================
15:35:19.0187 3632  Detected object count: 1
15:35:19.0187 3632  Actual detected object count: 1
15:35:35.0984 3632  C:\WINDOWS\system32\drivers\khips.sys - copied to quarantine
15:35:37.0312 3632  C:\WINDOWS\$NtUninstallKB22607$\3708716353\@ - copied to quarantine
15:35:37.0343 3632  C:\WINDOWS\$NtUninstallKB22607$\3708716353\Desktop.ini - copied to quarantine
15:35:37.0343 3632  C:\WINDOWS\$NtUninstallKB22607$\3708716353\L\00000004.@ - copied to quarantine
15:35:37.0343 3632  C:\WINDOWS\$NtUninstallKB22607$\3708716353\L\201d3dde - copied to quarantine
15:35:37.0359 3632  C:\WINDOWS\$NtUninstallKB22607$\3708716353\L\wpaciqel - copied to quarantine
15:35:37.0375 3632  C:\WINDOWS\$NtUninstallKB22607$\3708716353\U\00000004.@ - copied to quarantine
15:35:37.0421 3632  C:\WINDOWS\$NtUninstallKB22607$\3708716353\U\00000008.@ - copied to quarantine
15:35:37.0453 3632  C:\WINDOWS\$NtUninstallKB22607$\3708716353\U\000000cb.@ - copied to quarantine
15:35:37.0468 3632  C:\WINDOWS\$NtUninstallKB22607$\3708716353\U\80000000.@ - copied to quarantine
15:35:37.0609 3632  C:\WINDOWS\$NtUninstallKB22607$\3708716353\U\80000032.@ - copied to quarantine
15:35:39.0484 3632  khips ( Virus.Win32.ZAccess.aml ) - User select action: Quarantine 
15:36:08.0078 0200  Deinitialize success
         

17.10.2012, 09:33   #8
Psychotic
/// Malwareteam

Redirect to Google, GMER detected rootkit activity



Control scan with TDSS-Killer



Please read the following instructions carefully. We do not want to "fix" anything here yet, only see a scan report.

Please download TDSSKiller.exe and save the file to your desktop.
  • Start TDSSKiller.exe
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and save the log file. TDSSKiller will save a log file on your system drive (usually C:\). For example: C:\TDSSKiller.<version_date_time>log.txt
Please post the contents here in your thread.
__________________
No right of asylum for Trojans!

Proud Member of UNITE

Note: I am only available on weekdays!
Requests via PM will be ignored!


17.10.2012, 10:15   #9
5CB

Redirect to Google, GMER detected rootkit activity



ok...

Code:
ATTFilter
11:17:11.0421 0892  TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
11:17:11.0593 0892  ============================================================
11:17:11.0593 0892  Current date / time: 2012/10/17 11:17:11.0593
11:17:11.0593 0892  SystemInfo:
11:17:11.0593 0892  
11:17:11.0593 0892  OS Version: 5.1.2600 ServicePack: 2.0
11:17:11.0593 0892  Product type: Workstation
11:17:11.0593 0892  ComputerName: KAROOSU-II
11:17:11.0593 0892  UserName: User
11:17:11.0593 0892  Windows directory: C:\WINDOWS
11:17:11.0593 0892  System windows directory: C:\WINDOWS
11:17:11.0593 0892  Processor architecture: Intel x86
11:17:11.0593 0892  Number of processors: 1
11:17:11.0593 0892  Page size: 0x1000
11:17:11.0593 0892  Boot type: Normal boot
11:17:11.0593 0892  ============================================================
11:17:14.0890 0892  Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
11:17:14.0906 0892  ============================================================
11:17:14.0906 0892  \Device\Harddisk0\DR0:
11:17:14.0906 0892  MBR partitions:
11:17:14.0906 0892  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950E482
11:17:14.0906 0892  ============================================================
11:17:14.0937 0892  C: <-> \Device\Harddisk0\DR0\Partition1
11:17:14.0937 0892  ============================================================
11:17:14.0937 0892  Initialize success
11:17:14.0937 0892  ============================================================
11:17:17.0140 0128  ============================================================
11:17:17.0140 0128  Scan started
11:17:17.0140 0128  Mode: Manual; 
11:17:17.0140 0128  ============================================================
11:17:20.0265 0128  ================ Scan system memory ========================
11:17:24.0187 0128  System memory - ok
11:17:24.0203 0128  ================ Scan services =============================
11:17:24.0437 0128  [ A6F2BE018400EE84231AC34C2F359491 ] 6to4            C:\WINDOWS\System32\6to4svc.dll
11:17:24.0437 0128  6to4 - ok
11:17:24.0484 0128  Abiosdsk - ok
11:17:24.0515 0128  abp480n5 - ok
11:17:24.0593 0128  [ 94B4741D2CF9ED38140B831293D1601A ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
11:17:24.0609 0128  ACPI - ok
11:17:24.0656 0128  [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC          C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
11:17:24.0656 0128  ACPIEC - ok
11:17:24.0718 0128  [ 6463D1DB354B13E6CED4D67F6E4910F4 ] actser          C:\WINDOWS\system32\drivers\actser.sys
11:17:24.0718 0128  actser - ok
11:17:24.0828 0128  [ 6D182C31ACF16213407F2768F1107FE3 ] Adobe LM Service C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
11:17:24.0859 0128  Adobe LM Service - ok
11:17:24.0875 0128  adpu160m - ok
11:17:24.0937 0128  [ 841F385C6CFAF66B58FBD898722BB4F0 ] aec             C:\WINDOWS\system32\drivers\aec.sys
11:17:24.0968 0128  aec - ok
11:17:25.0031 0128  [ 6A0397376853E604DE8E1E7A87FC08AC ] AFD             C:\WINDOWS\System32\drivers\afd.sys
11:17:25.0046 0128  AFD - ok
11:17:25.0062 0128  Aha154x - ok
11:17:25.0078 0128  aic78u2 - ok
11:17:25.0093 0128  aic78xx - ok
11:17:25.0250 0128  [ BEA942FF21154FEE4F71DDD477621C70 ] ALCXWDM         C:\WINDOWS\system32\drivers\ALCXWDM.SYS
11:17:25.0500 0128  ALCXWDM - ok
11:17:25.0562 0128  [ 1AAB6C5F8376357CB9B16C38C42C4076 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
11:17:25.0562 0128  Alerter - ok
11:17:25.0609 0128  [ 6596DD260FFDE1BDC994C1DF236307BB ] ALG             C:\WINDOWS\System32\alg.exe
11:17:25.0609 0128  ALG - ok
11:17:25.0625 0128  AliIde - ok
11:17:25.0671 0128  [ A2D5F093F9CB160C183C77015704F156 ] AmdK8           C:\WINDOWS\system32\DRIVERS\AmdK8.sys
11:17:25.0718 0128  AmdK8 - ok
11:17:25.0734 0128  amsint - ok
11:17:25.0875 0128  [ C27D46B06D340293670450FCE9DFB166 ] AntiVirSchedulerService C:\Programme\Avira\AntiVir Desktop\sched.exe
11:17:25.0875 0128  AntiVirSchedulerService - ok
11:17:25.0953 0128  [ 72D90E56563165984224493069C69ED4 ] AntiVirService  C:\Programme\Avira\AntiVir Desktop\avguard.exe
11:17:25.0953 0128  AntiVirService - ok
11:17:25.0968 0128  AppMgmt - ok
11:17:26.0046 0128  [ D4E7ED3AE224C851B08F3A3A85C37E88 ] AR5211          C:\WINDOWS\system32\DRIVERS\ar5211.sys
11:17:26.0125 0128  AR5211 - ok
11:17:26.0187 0128  [ F0D692B0BFFB46E30EB3CEA168BBC49F ] Arp1394         C:\WINDOWS\system32\DRIVERS\arp1394.sys
11:17:26.0203 0128  Arp1394 - ok
11:17:26.0218 0128  asc - ok
11:17:26.0250 0128  asc3350p - ok
11:17:26.0265 0128  asc3550 - ok
11:17:26.0437 0128  [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
11:17:26.0546 0128  aspnet_state - ok
11:17:26.0578 0128  [ 02000ABF34AF4C218C35D257024807D6 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
11:17:26.0578 0128  AsyncMac - ok
11:17:26.0625 0128  [ CDFE4411A69C224BD1D11B2DA92DAC51 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
11:17:26.0640 0128  atapi - ok
11:17:26.0656 0128  Atdisk - ok
11:17:26.0718 0128  [ 6BDB117F5CF40FE91FF50E1BB3F28184 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
11:17:26.0734 0128  Ati HotKey Poller - ok
11:17:26.0859 0128  [ E9EBF7DCA6C5EB9C597035A10A5A6A1B ] ati2mtag        C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
11:17:26.0984 0128  ati2mtag - ok
11:17:27.0031 0128  [ EC88DA854AB7D7752EC8BE11A741BB7F ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
11:17:27.0031 0128  Atmarpc - ok
11:17:27.0078 0128  [ 523CA82A8810F4354E6425406AFBC130 ] ATMsrvc         C:\WINDOWS\System32\ATMsrvc.exe
11:17:27.0093 0128  ATMsrvc - ok
11:17:27.0140 0128  [ E98B8250398F6637B335A76BA8DFB602 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
11:17:27.0140 0128  AudioSrv - ok
11:17:27.0203 0128  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
11:17:27.0234 0128  audstub - ok
11:17:27.0281 0128  [ 0B497C79824F8E1BF22FA6AACD3DE3A0 ] avgio           C:\Programme\Avira\AntiVir Desktop\avgio.sys
11:17:27.0281 0128  avgio - ok
11:17:27.0343 0128  [ 1E4114685DE1FFA9675E09C6A1FB3F4B ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys
11:17:27.0359 0128  avgntflt - ok
11:17:27.0437 0128  [ 0F78D3DAE6DEDD99AE54C9491C62ADF2 ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys
11:17:27.0453 0128  avipbb - ok
11:17:27.0500 0128  [ 077B3692F4376D1539755761FEEF659A ] AVMUNET         C:\WINDOWS\system32\DRIVERS\avmunet.sys
11:17:27.0515 0128  AVMUNET - ok
11:17:27.0562 0128  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
11:17:27.0578 0128  Beep - ok
11:17:27.0656 0128  [ 3A5E54A9AB96EF2D273B58136FB58EFE ] BITS            C:\WINDOWS\system32\qmgr.dll
11:17:27.0765 0128  BITS - ok
11:17:27.0828 0128  [ D8653DCD80CF2EBB333FC4FCC43A7DEF ] Browser         C:\WINDOWS\System32\browser.dll
11:17:27.0828 0128  Browser - ok
11:17:27.0875 0128  [ D24B8D1784C68A25060FFFBE8ED34B76 ] BthEnum         C:\WINDOWS\system32\DRIVERS\BthEnum.sys
11:17:27.0890 0128  BthEnum - ok
11:17:27.0937 0128  [ 9DF0ADF74CE1D6371ED60CF92EB1D9A6 ] BTHMODEM        C:\WINDOWS\system32\DRIVERS\bthmodem.sys
11:17:27.0968 0128  BTHMODEM - ok
11:17:28.0015 0128  [ 10355270BE12641B9764235DA39DCF0F ] BthPan          C:\WINDOWS\system32\DRIVERS\bthpan.sys
11:17:28.0031 0128  BthPan - ok
11:17:28.0093 0128  [ 3A7A07B55ADC58E2001537EB6E0A980D ] BTHPORT         C:\WINDOWS\system32\Drivers\BTHport.sys
11:17:28.0187 0128  BTHPORT - ok
11:17:28.0234 0128  [ 822D1875B12B6219CECE1D221349CEF4 ] BthServ         C:\WINDOWS\System32\bthserv.dll
11:17:28.0234 0128  BthServ - ok
11:17:28.0250 0128  [ F06D4CB9918B462A84D9AC00027EFC30 ] BTHUSB          C:\WINDOWS\system32\Drivers\BTHUSB.sys
11:17:28.0265 0128  BTHUSB - ok
11:17:28.0281 0128  catchme - ok
11:17:28.0312 0128  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
11:17:28.0328 0128  cbidf2k - ok
11:17:28.0390 0128  [ 6163ED60B684BAB19D3352AB22FC48B2 ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
11:17:28.0406 0128  CCDECODE - ok
11:17:28.0421 0128  cd20xrnt - ok
11:17:28.0484 0128  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
11:17:28.0500 0128  Cdaudio - ok
11:17:28.0546 0128  [ CD7D5152DF32B47F4E36F710B35AAE02 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
11:17:28.0562 0128  Cdfs - ok
11:17:28.0625 0128  [ AF9C19B3100FE010496B1A27181FBF72 ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
11:17:28.0640 0128  Cdrom - ok
11:17:28.0656 0128  Changer - ok
11:17:28.0718 0128  [ 234D52C63C67A8CF4AF9BECCE43BFB4A ] CiSvc           C:\WINDOWS\system32\cisvc.exe
11:17:28.0718 0128  CiSvc - ok
11:17:28.0781 0128  [ 0461868578D29DC18FB1C79933C5158A ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
11:17:28.0796 0128  ClipSrv - ok
11:17:28.0843 0128  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:17:28.0968 0128  clr_optimization_v2.0.50727_32 - ok
11:17:28.0984 0128  [ 4266BE808F85826AEDF3C64C1E240203 ] CmBatt          C:\WINDOWS\system32\DRIVERS\CmBatt.sys
11:17:29.0000 0128  CmBatt - ok
11:17:29.0015 0128  CmdIde - ok
11:17:29.0078 0128  [ E9BD8DB1D7F5014DB5F4A82DF96BD83D ] CMIUSB          C:\WINDOWS\system32\Drivers\MC1001200130012001B\cmiusb.sys
11:17:29.0093 0128  CMIUSB - ok
11:17:29.0109 0128  [ DF1B1A24BF52D0EBC01ED4ECE8979F50 ] Compbatt        C:\WINDOWS\system32\DRIVERS\compbatt.sys
11:17:29.0125 0128  Compbatt - ok
11:17:29.0125 0128  COMSysApp - ok
11:17:29.0171 0128  Cpqarray - ok
11:17:29.0218 0128  [ 1A5F9DB98DF7955B4C7CBDBF2C638238 ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
11:17:29.0218 0128  CryptSvc - ok
11:17:29.0265 0128  [ B90B0A61045DB0C63487D1995F957680 ] CSVirtA         C:\WINDOWS\system32\DRIVERS\CSVirtA.sys
11:17:29.0281 0128  CSVirtA - ok
11:17:29.0343 0128  [ DBD89BC0DBE00DCD245BE8F61DBEE291 ] cvintdrv        C:\WINDOWS\system32\drivers\cvintdrv.sys
11:17:29.0343 0128  cvintdrv - ok
11:17:29.0437 0128  [ 5C706C06C1279952D2CC1A609CA948BF ] CVirtA          C:\WINDOWS\system32\DRIVERS\CVirtA.sys
11:17:29.0453 0128  CVirtA - ok
11:17:29.0468 0128  dac2w2k - ok
11:17:29.0484 0128  dac960nt - ok
11:17:29.0562 0128  [ 8AFBC2E1E5555A1C29953AF854F0FCA5 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
11:17:29.0562 0128  DcomLaunch - ok
11:17:29.0625 0128  [ A1B414D2AA66A71146371539444BE45D ] DFSTR2K         C:\WINDOWS\system32\DRIVERS\DFSTOR2K.SYS
11:17:29.0656 0128  DFSTR2K - ok
11:17:29.0703 0128  [ 69F986B2688BA95A0D9362B0E233D5FF ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
11:17:29.0718 0128  Dhcp - ok
11:17:29.0750 0128  [ 00CA44E4534865F8A3B64F7C0984BFF0 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
11:17:29.0765 0128  Disk - ok
11:17:29.0796 0128  dmadmin - ok
11:17:29.0875 0128  [ 5789B83BA87FC84C3568CF86CACEF8CE ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
11:17:29.0968 0128  dmboot - ok
11:17:30.0015 0128  [ 084EB0A50A4F7B4705C8A57F234E5291 ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
11:17:30.0046 0128  dmio - ok
11:17:30.0093 0128  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
11:17:30.0093 0128  dmload - ok
11:17:30.0140 0128  [ FA2D9D1A9F6B5A88D01E1685CE2378BA ] dmserver        C:\WINDOWS\System32\dmserver.dll
11:17:30.0171 0128  dmserver - ok
11:17:30.0234 0128  [ A6F881284AC1150E37D9AE47FF601267 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
11:17:30.0265 0128  DMusic - ok
11:17:30.0328 0128  [ 2EDDBB3EF1DD5A28CB07C149D36E7286 ] DNE             C:\WINDOWS\system32\DRIVERS\dne2000.sys
11:17:30.0375 0128  DNE - ok
11:17:30.0437 0128  [ D1F5B71BBAEEE07B78980DBD878C0BC7 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
11:17:30.0437 0128  Dnscache - ok
11:17:30.0453 0128  dpti2o - ok
11:17:30.0515 0128  [ 1ED4DBBAE9F5D558DBBA4CC450E3EB2E ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
11:17:30.0531 0128  drmkaud - ok
11:17:30.0578 0128  [ 877A4512CC9074D6954776AF47021766 ] ERSvc           C:\WINDOWS\System32\ersvc.dll
11:17:30.0578 0128  ERSvc - ok
11:17:30.0703 0128  [ A07CA23EA361A01E627D911CF139B950 ] Eventlog        C:\WINDOWS\system32\services.exe
11:17:30.0718 0128  Eventlog - ok
11:17:31.0000 0128  [ D68ED3908C7A0DB446111D34AC40DC18 ] EventSystem     C:\WINDOWS\system32\es.dll
11:17:31.0046 0128  EventSystem - ok
11:17:31.0375 0128  [ A52794C010C6DF5B4BC70C4AB5E04088 ] ewusbnet        C:\WINDOWS\system32\DRIVERS\ewusbnet.sys
11:17:31.0453 0128  ewusbnet - ok
11:17:31.0625 0128  [ 57C171EA22F0A7F068FCB0CAEDD1E8E7 ] ew_hwusbdev     C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys
11:17:31.0843 0128  ew_hwusbdev - ok
11:17:32.0171 0128  [ 3117F595E9615E04F05A54FC15A03B20 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
11:17:32.0593 0128  Fastfat - ok
11:17:32.0843 0128  [ BAC5F7F0C2B8C1B9832594851E0F9914 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
11:17:32.0843 0128  FastUserSwitchingCompatibility - ok
11:17:33.0281 0128  [ 030DEF1B6AD98FA70A51C9994DABC924 ] Fax             C:\WINDOWS\system32\fxssvc.exe
11:17:33.0781 0128  Fax - ok
11:17:33.0906 0128  [ CED2E8396A8838E59D8FD529C680E02C ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys
11:17:34.0031 0128  Fdc - ok
11:17:34.0234 0128  [ 9E9AF89F9B14AA6249065C309CE73BD8 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
11:17:34.0296 0128  Fips - ok
11:17:34.0546 0128  [ 0DD1DE43115B93F4D85E889D7A86F548 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys
11:17:34.0593 0128  Flpydisk - ok
11:17:34.0843 0128  [ 157754F0DF355A9E0A6F54721914F9C6 ] FltMgr          C:\WINDOWS\system32\DRIVERS\fltMgr.sys
11:17:35.0156 0128  FltMgr - ok
11:17:35.0734 0128  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
11:17:36.0000 0128  FontCache3.0.0.0 - ok
11:17:36.0218 0128  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
11:17:36.0265 0128  Fs_Rec - ok
11:17:36.0500 0128  [ 8672947AEEC467DC5907BA024BAF06EF ] FTDIBUS         C:\WINDOWS\system32\drivers\ftdibus.sys
11:17:36.0531 0128  FTDIBUS - ok
11:17:36.0609 0128  [ 8F1955CE42E1484714B542F341647778 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
11:17:36.0625 0128  Ftdisk - ok
11:17:36.0656 0128  [ E51EC9D232494C0713E0A0938DD9C893 ] FTLUND          C:\WINDOWS\system32\drivers\ftlund.sys
11:17:36.0656 0128  FTLUND - ok
11:17:36.0718 0128  [ 1BAEA6F4A629ABCBD87267C2C732C982 ] FTSER2K         C:\WINDOWS\system32\drivers\ftser2k.sys
11:17:36.0734 0128  FTSER2K - ok
11:17:36.0796 0128  [ 3A3929B7A0EEEF83DF3A6C81E43A1FA9 ] fwdrv           C:\WINDOWS\system32\drivers\fwdrv.sys
11:17:36.0843 0128  fwdrv - ok
11:17:36.0906 0128  [ 0879DC7444A201DF84E69C5DD5083D61 ] getPlusHelper   C:\Programme\NOS\bin\getPlus_Helper.dll
11:17:36.0968 0128  getPlusHelper - ok
11:17:37.0000 0128  [ C0F1D4A21DE5A415DF8170616703DEBF ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
11:17:37.0031 0128  Gpc - ok
11:17:37.0093 0128  [ D220B8EBC4149E266AD9157B5A981AC0 ] gpib420         C:\WINDOWS\system32\drivers\gpib420.sys
11:17:37.0093 0128  gpib420 - ok
11:17:37.0171 0128  [ DE10DC1E0E954FCCFA61B6C92C83A091 ] GpibPrtK        C:\WINDOWS\system32\drivers\gpibprtk.sys
11:17:37.0187 0128  GpibPrtK - ok
11:17:37.0265 0128  [ BA85BCF1A2BCF927C3600574173403E0 ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
11:17:37.0265 0128  helpsvc - ok
11:17:37.0312 0128  [ B647CA198B9C73056ABFB0A9D8F4916D ] HidServ         C:\WINDOWS\System32\hidserv.dll
11:17:37.0312 0128  HidServ - ok
11:17:37.0421 0128  [ 1DE6783B918F540149AA69943BDFEBA8 ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
11:17:37.0437 0128  HidUsb - ok
11:17:37.0484 0128  [ 0573480A26DB723364C65373094CF73C ] HOSTNT          C:\WINDOWS\system32\drivers\HOSTNT.sys
11:17:37.0484 0128  HOSTNT - ok
11:17:37.0546 0128  [ 8B566EA71D5B76157A9CDB78F25A5731 ] Hotkey          C:\WINDOWS\system32\drivers\Hotkey.sys
11:17:37.0546 0128  Hotkey - ok
11:17:37.0562 0128  hpn - ok
11:17:37.0609 0128  [ 9F1D80908658EB7F1BF70809E0B51470 ] HPZid412        C:\WINDOWS\system32\DRIVERS\HPZid412.sys
11:17:37.0625 0128  HPZid412 - ok
11:17:37.0656 0128  [ F7E3E9D50F9CD3DE28085A8FDAA0A1C3 ] HPZipr12        C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
11:17:37.0671 0128  HPZipr12 - ok
11:17:37.0718 0128  [ CF1B7951B4EC8D13F3C93B74BB2B461B ] HPZius12        C:\WINDOWS\system32\DRIVERS\HPZius12.sys
11:17:37.0734 0128  HPZius12 - ok
11:17:37.0781 0128  [ 13D4B70BF2F9BC550E9079DA864D3EC1 ] HSFHWATI        C:\WINDOWS\system32\DRIVERS\HSFHWATI.sys
11:17:37.0796 0128  HSFHWATI - ok
11:17:37.0859 0128  [ DFA8F86C0DBCA7DB948043AA3BE6793B ] HSF_DP          C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
11:17:37.0937 0128  HSF_DP - ok
11:17:38.0000 0128  [ 9F8B0F4276F618964FD118BE4289B7CD ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
11:17:38.0031 0128  HTTP - ok
11:17:38.0078 0128  [ 9EC7E866BBDBF3ECC0E67F4E0A838EB2 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
11:17:38.0093 0128  HTTPFilter - ok
11:17:38.0140 0128  [ BED3A9F86A637CC6C2C5296CD82423D8 ] huawei_enumerator C:\WINDOWS\system32\DRIVERS\ew_jubusenum.sys
11:17:38.0156 0128  huawei_enumerator - ok
11:17:38.0187 0128  [ 1F40368DC40B17DE3FA0FBE8A9D82F9E ] hwdatacard      C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys
11:17:38.0203 0128  hwdatacard - ok
11:17:38.0359 0128  HWDeviceService.exe - ok
11:17:38.0421 0128  [ 448BB2FE30F1DDE9EAA4F0E87B52B687 ] hwinterface     C:\WINDOWS\system32\Drivers\hwinterface.sys
11:17:38.0421 0128  hwinterface - ok
11:17:38.0453 0128  i2omgmt - ok
11:17:38.0453 0128  i2omp - ok
11:17:38.0500 0128  [ 7C575018D0413440D75432A78B88C899 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
11:17:38.0515 0128  i8042prt - ok
11:17:38.0625 0128  [ BDCE6B54E1D7D8399175A83A02274B7A ] iaStor          C:\WINDOWS\system32\drivers\iaStor.sys
11:17:38.0656 0128  iaStor - ok
11:17:38.0890 0128  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:17:39.0093 0128  idsvc - ok
11:17:39.0156 0128  [ F8AA320C6A0409C0380E5D8A99D76EC6 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
11:17:39.0171 0128  Imapi - ok
11:17:39.0218 0128  [ 57D7267A9ED91ECAF4336B08C9628FCA ] ImapiService    C:\WINDOWS\system32\imapi.exe
11:17:39.0250 0128  ImapiService - ok
11:17:39.0281 0128  ini910u - ok
11:17:39.0312 0128  IntelIde - ok
11:17:39.0421 0128  [ 4448006B6BC60E6C027932CFC38D6855 ] Ip6Fw           C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
11:17:39.0437 0128  Ip6Fw - ok
11:17:39.0484 0128  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:17:39.0484 0128  IpFilterDriver - ok
11:17:39.0515 0128  [ E1EC7F5DA720B640CD8FB8424F1B14BB ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
11:17:39.0531 0128  IpInIp - ok
11:17:39.0578 0128  [ E2168CBC7098FFE963C6F23F472A3593 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
11:17:39.0593 0128  IpNat - ok
11:17:39.0625 0128  [ 64537AA5C003A6AFEEE1DF819062D0D1 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
11:17:39.0640 0128  IPSec - ok
11:17:39.0687 0128  [ 50708DAA1B1CBB7D6AC1CF8F56A24410 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
11:17:39.0687 0128  IRENUM - ok
11:17:39.0750 0128  [ CE9B7AFDF0A3D7DD8D1487262316B959 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
11:17:39.0781 0128  isapnp - ok
11:17:39.0953 0128  [ A12175F063302CD68F8FC6D572D7E5FD ] JavaQuickStarterService C:\Programme\Java\jre7\bin\jqs.exe
11:17:39.0953 0128  JavaQuickStarterService - ok
11:17:40.0000 0128  [ B128FC0A5CD83F669D5DE4B58F77C7D6 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
11:17:40.0000 0128  Kbdclass - ok
11:17:40.0062 0128  [ 7EC877AA899323B92874FE62C7DDCDE7 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
11:17:40.0062 0128  kbdhid - ok
11:17:40.0125 0128  [ D44C0F4FC254344BAD74581632339963 ] khips           C:\WINDOWS\system32\drivers\khips.sys
11:17:40.0140 0128  khips - ok
11:17:40.0218 0128  [ 859C2200E6123CE8BCAE7CE2CC84E93E ] Kithara-Ksts7   C:\WINDOWS\system32\Ksts7.sys
11:17:40.0265 0128  Kithara-Ksts7 - ok
11:17:40.0296 0128  [ D93CAD07C5683DB066B0B2D2D3790EAD ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
11:17:40.0328 0128  kmixer - ok
11:17:40.0406 0128  [ 1BE7CC2535D760AE4D481576EB789F24 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
11:17:40.0406 0128  KSecDD - ok
11:17:40.0453 0128  [ 2865FA4ED4471929881C053A6E5A85F6 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
11:17:40.0468 0128  lanmanserver - ok
11:17:40.0531 0128  [ F716A6F5BABB6DA60C0532510AB52245 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
11:17:40.0546 0128  lanmanworkstation - ok
11:17:40.0562 0128  lbrtfdc - ok
11:17:40.0687 0128  [ 47A111A4DC0D67DA431DF9F91EE09682 ] LkCitadelServer C:\WINDOWS\system32\lkcitdl.exe
11:17:40.0718 0128  LkCitadelServer - ok
11:17:40.0750 0128  [ 405F1B0B939D362736A7F6583FB057C4 ] lkClassAds      C:\WINDOWS\system32\lkads.exe
11:17:40.0750 0128  lkClassAds - ok
11:17:40.0796 0128  [ 8A18F0674712F9D99848875666A0E599 ] lkTimeSync      C:\WINDOWS\system32\lktsrv.exe
11:17:40.0796 0128  lkTimeSync - ok
11:17:40.0843 0128  [ 4C25FADD7FE1D5BD779B20D3D0EB8D7C ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
11:17:40.0843 0128  LmHosts - ok
11:17:40.0906 0128  [ AD1A428085F6499AFC085DB14E6C2EBC ] lvalarmk        C:\WINDOWS\system32\drivers\lvalarmk.dll
11:17:40.0906 0128  lvalarmk - ok
11:17:40.0921 0128  mailKmd - ok
11:17:41.0015 0128  [ 11F714F85530A2BD134074DC30E99FCA ] MDM             C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
11:17:41.0015 0128  MDM - ok
11:17:41.0062 0128  [ 3C318B9CD391371BED62126581EE9961 ] mdmxsdk         C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
11:17:41.0078 0128  mdmxsdk - ok
11:17:41.0125 0128  [ E5215AB942C5AC5F7EB0E54871D7A27C ] Messenger       C:\WINDOWS\System32\msgsvc.dll
11:17:41.0140 0128  Messenger - ok
11:17:41.0187 0128  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
11:17:41.0203 0128  mnmdd - ok
11:17:41.0234 0128  [ BB2470D20405B272EA47CA5E18F1C58E ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
11:17:41.0250 0128  mnmsrvc - ok
11:18:03.0156 0128  ================ Scan global ===============================
11:18:03.0203 0128  [ 1B91BAC6996731EE8925F58205DCB016 ] C:\WINDOWS\system32\basesrv.dll
11:18:03.0250 0128  [ 340A91FBD2A371CBF52E35E3B7DFE2EC ] C:\WINDOWS\system32\winsrv.dll
11:18:03.0281 0128  [ 340A91FBD2A371CBF52E35E3B7DFE2EC ] C:\WINDOWS\system32\winsrv.dll
11:18:03.0312 0128  [ A07CA23EA361A01E627D911CF139B950 ] C:\WINDOWS\system32\services.exe
11:18:03.0312 0128  [Global] - ok
11:18:03.0328 0128  ================ Scan MBR ==================================
11:18:03.0343 0128  [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
11:18:03.0609 0128  \Device\Harddisk0\DR0 - ok
11:18:03.0609 0128  ================ Scan VBR ==================================
11:18:03.0609 0128  [ 0AC7EA54F1874C8AE1170D25A530857C ] \Device\Harddisk0\DR0\Partition1
11:18:03.0625 0128  \Device\Harddisk0\DR0\Partition1 - ok
11:18:03.0625 0128  ============================================================
11:18:03.0625 0128  Scan finished
11:18:03.0625 0128  ============================================================
11:18:03.0671 2296  Detected object count: 0
11:18:03.0671 2296  Actual detected object count: 0
         

17.10.2012, 10:20   #10
Psychotic
/// Malwareteam

How is the computer behaving?
__________________
No asylum for Trojans!

Proud Member of UNITE

Note: I am only available on weekdays!
Requests via PM will be ignored!

Are you happy with us? Then support the Trojaner-Board!

17.10.2012, 10:35   #11
5CB

The problems are fixed; as far as I can tell, everything is OK.
Done? If so, thank you very, very much.

Regards
Martin

17.10.2012, 10:53   #12
Psychotic
/// Malwareteam

Looks pretty good - let's check everything once more!


Step 1: MBAM full scan


Please download Malwarebytes
  • Install the program to the default path.
    Vista and Win7 users: right-click and choose "Run as administrator"
  • Start Malwarebytes, click Update --> Check for Updates
  • When the update has finished, select Perform full scan and press Scan. (Note: tick all hard drives!)
  • When the scan has finished, click Show Results.
  • Make sure that all findings are selected and press Remove Selected.
  • Post the log file, which opens in Notepad, here in the thread.
  • You can find the report later under "Logs".



Step 2: ESET


ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick Yes, I accept the Terms of Use and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstallation: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


17.10.2012, 23:18   #13
5CB

Hi Marius,

here is the Malwarebytes log first:
Code:
ATTFilter
Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Datenbank Version: v2012.10.17.05

Windows XP Service Pack 2 x86 NTFS
Internet Explorer 6.0.2900.2180
User :: KAROOSU-II [Administrator]

17.10.2012 12:05:25
mbam-log-2012-10-17 (12-05-25).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 416291
Laufzeit: 4 Stunde(n), 31 Minute(n), 37 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 7
C:\TDSSKiller_Quarantine\16.10.2012_15.34.42\rtkt0000\zafs0000\tsk0001.dta (Rootkit.0Access) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\TDSSKiller_Quarantine\16.10.2012_15.34.42\rtkt0000\zafs0000\tsk0005.dta (Rootkit.Zaccess) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\TDSSKiller_Quarantine\16.10.2012_15.34.42\rtkt0000\zafs0000\tsk0006.dta (Trojan.Dropper.BCMiner) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\TDSSKiller_Quarantine\16.10.2012_15.34.42\rtkt0000\zafs0000\tsk0007.dta (Rootkit.0Access) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\TDSSKiller_Quarantine\16.10.2012_15.34.42\rtkt0000\zafs0000\tsk0008.dta (Trojan.Small) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\TDSSKiller_Quarantine\16.10.2012_15.34.42\rtkt0000\zafs0000\tsk0009.dta (Rootkit.0Access) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\boot.bin (Malware.Trace) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
         
Code:
ATTFilter
C:\Dokumente und Einstellungen\User\Eigene Dateien\Downloads\LabView_8.exe	Win32/Adware.1ClickDownload.G application
C:\Programme\SlySoft\AnyDVD\AnyDVD_.exe	probably a variant of Win32/VB.HQGUAIF trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\Drivers\khips.sys.vir	Win32/Sirefef.DA trojan
C:\TDSSKiller_Quarantine\16.10.2012_15.34.42\rtkt0000\svc0000\tsk0000.dta	Win32/Sirefef.DA trojan
         

18.10.2012, 10:27   #14
Psychotic
/// Malwareteam

Install the Service Pack

Download Windows XP Service Pack 3 from here and save the file to your desktop.

Start the setup and follow the on-screen instructions to update your system.

19.10.2012, 08:33   #15
5CB

OK, SP3 is installed... the laptop is working so far.
