
Pests of all kinds and how to combat them: Stream, downloads, Flash Player hang.

Windows 7 If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will get back to you with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you clean up the infection.

26.09.2012, 21:58   #1
une fille
 

Hello everyone,

A few days ago I had the problem with searchnu, which opened itself with every new tab. That was solved, however, by deleting the video converter that landed me with it and by deactivating Java.

Now I am facing the following problem. Whenever I open any stream, YouTube, MyVideo etc., it hangs. It stutters and crawls along miserably slowly, and I have to wait forever. I updated Flash Player and deleted Java; neither helped. In iTunes, even in the Store, the song previews do not play without stuttering; an interim message keeps appearing saying that the stream is loading, which only takes a few seconds. I still have to update my iTunes, but is there (no) connection there with the browser stream?

Furthermore, my downloads from Mozilla always take foreeeever; the last iTunes setup took almost 2 hours, and with AntiVir (free) it only downloads up to 23 MB and then that's it, which logically is not the whole setup, so no update is possible.

Can you help me? Could it perhaps be connected with Searchnu after all?
I would be grateful for help and instructions.

All the best

26.09.2012, 21:59   #2
markusg
/// Malware-holic
 

hi
If you don't already have it, please download OTL by Oldtimer and save it to your desktop
  • Please start OTL.exe.
    Vista and Win7 users: right-click and choose "Run as administrator"
  • Now copy the content into the text box.
Code:
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
         
  • Now please close all programs. (Important)
  • Now please click the Quick Scan button.
  • Now copy the contents of OTL.txt and Extra.txt here into your thread

26.09.2012, 22:19   #3
une fille
 

OTL: OTL logfile:
Code:
OTL logfile created on: 26.09.2012 23:06:01 - Run 1
OTL by OldTimer - Version 3.2.68.0     Folder = C:\Dokumente und Einstellungen\Damaris\Eigene Dateien\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,93 Gb Total Physical Memory | 1,42 Gb Available Physical Memory | 73,26% Memory free
3,78 Gb Paging File | 3,34 Gb Available in Paging File | 88,42% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 127,99 Gb Total Space | 77,06 Gb Free Space | 60,21% Space Free | Partition Type: NTFS
 
Computer Name: ACER | User Name: Damaris | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Dokumente und Einstellungen\Damaris\Eigene Dateien\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Programme\Bluetooth XP Suite\BluetoothSuit.exe (Atheros Communications)
PRC - C:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Programme\Logitech\Logitech WebCam Software\LWS.exe ()
PRC - C:\Programme\Gemeinsame Dateien\LogiShrd\LQCVFX\COCIManager.exe ()
PRC - C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Styler\Styler.exe (ta2027)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU ()
MOD - C:\Programme\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
MOD - C:\Programme\WinRAR\RarExt.dll ()
MOD - C:\Programme\Avira\AntiVir Desktop\sqlite3.dll ()
MOD - C:\Programme\Logitech\Logitech WebCam Software\LWS.exe ()
MOD - C:\Programme\Gemeinsame Dateien\LogiShrd\LQCVFX\COCIManager.exe ()
MOD - C:\WINDOWS\system32\msdmo.dll ()
MOD - C:\WINDOWS\system32\redmonnt.dll ()
MOD - C:\Programme\Styler\UNRAR\unrar.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (ICQ Service) -- C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (McComponentHostService) -- C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (LVPrcSrv) -- C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (odserv) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (WDICA) --  File not found
DRV - (PDRFRAME) --  File not found
DRV - (PDRELI) --  File not found
DRV - (PDFRAME) --  File not found
DRV - (PDCOMP) --  File not found
DRV - (PCIDump) --  File not found
DRV - (lbrtfdc) --  File not found
DRV - (i2omgmt) --  File not found
DRV - (Changer) --  File not found
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (RSUSBSTOR) -- C:\WINDOWS\system32\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (AR5416) -- C:\WINDOWS\system32\drivers\athw.sys (Atheros Communications, Inc.)
DRV - (Monfilt) -- C:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.)
DRV - (Ambfilt) -- C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (FilterService) -- C:\WINDOWS\system32\drivers\lvuvcflt.sys (Logitech Inc.)
DRV - (LVUVC) -- C:\WINDOWS\system32\drivers\lvuvc.sys (Logitech Inc.)
DRV - (LVRS) -- C:\WINDOWS\system32\drivers\lvrs.sys (Logitech Inc.)
DRV - (LVPr2Mon) -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys ()
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Schnell-Startseite - COMPUTER BILD
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Google [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Babylon Search
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&AF=110000&babsrc=SP_ss&mntrId=e0c73cd000000000000090004e1e1080
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Search Results"
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.selectedEngine: "Search Results"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..keyword.URL: "hxxp://dts.search-results.com/sr?src=ffb&appid=0&systemid=410&sr=0&q="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_278.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Dokumente und Einstellungen\Damaris\Lokale Einstellungen\Anwendungsdaten\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.09.11 18:35:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins
 
[2012.09.11 19:38:49 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Damaris\Anwendungsdaten\Mozilla\Extensions
[2012.09.26 17:38:01 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Damaris\Anwendungsdaten\Mozilla\Firefox\Profiles\xzlic5q2.default\extensions
[2012.07.23 16:00:21 | 000,002,515 | ---- | M] () -- C:\Dokumente und Einstellungen\Damaris\Anwendungsdaten\Mozilla\Firefox\Profiles\xzlic5q2.default\searchplugins\Search_Results.xml
[2012.09.11 19:43:06 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.07.17 16:29:53 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2012.09.11 18:35:34 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2012.07.01 22:27:23 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.02.26 19:38:08 | 000,002,310 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\babylon.xml
[2012.08.30 12:01:35 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.07.01 22:27:23 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.01 22:27:23 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.23 16:00:21 | 000,002,515 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\Search_Results.xml
[2012.07.01 22:27:23 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.01 22:27:23 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2001.08.23 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (ICQ Sparberater) - {FE163F11-1919-4257-A280-FF5AF8DAEECB} - C:\Programme\icq\Internet Explorer\icq.dll (solute gmbh)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (StylerToolBar) - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Programme\Styler\TB\StylerTB.dll (StyleFantasist)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AtherosBtXpStack] C:\Programme\Bluetooth XP Suite\BluetoothSuit.exe (Atheros Communications)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [AzMixerSel] C:\Programme\Realtek\Audio\Drivers\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Programme\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKCU..\Run: [Facebook Update] C:\Dokumente und Einstellungen\Damaris\Lokale Einstellungen\Anwendungsdaten\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Bluetooth.lnk = C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\McAfee Security Scan Plus.lnk = C:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\Damaris\Startmenü\Programme\Autostart\OpenOffice.org 3.3.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\Damaris\Startmenü\Programme\Autostart\Styler.lnk = C:\Dokumente und Einstellungen\Damaris\Anwendungsdaten\Microsoft\Installer\{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}\_585b207a.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send To Bluetooth - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Programme\ICQ7.6\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Programme\ICQ7.6\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains:   ([]msn in My Computer)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_06-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_06-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_06-windows-i586.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0A24C2F2-5E74-423C-A033-3B7C75087E3C}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Damaris\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Damaris\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.07.08 17:31:56 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C314CE45-3392-3B73-B4E1-139CD41CA933} - .NET Framework
ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\INF\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{6F1A8016-065F-4C94-B87B-83776247315C} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
 
NetSvcs: 6to4 -  File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: Irmon -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.09.23 22:59:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2012.09.23 22:42:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2012.09.23 22:42:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\de
[2012.09.23 22:42:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2012.09.23 22:36:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2012.09.11 18:35:24 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox
[2012.09.03 12:03:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2012.09.02 20:00:36 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\QuickTime
[2012.09.02 20:00:08 | 000,000,000 | ---D | C] -- C:\Programme\QuickTime
[2012.08.30 11:45:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Damaris\AppData
[2012.08.30 11:45:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Damaris\Anwendungsdaten\searchquband
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.09.26 22:56:02 | 000,001,236 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1708537768-1177238915-682003330-1003UA.job
[2012.09.26 22:35:15 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.09.26 22:30:35 | 000,449,038 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.09.26 22:30:35 | 000,432,690 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.09.26 22:30:35 | 000,080,312 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.09.26 22:30:35 | 000,067,646 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.09.26 22:26:41 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.09.26 22:26:18 | 000,002,241 | ---- | M] () -- C:\Dokumente und Einstellungen\Damaris\Startmenü\Programme\Autostart\Styler.lnk
[2012.09.26 22:26:13 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\Express Files Updater.job
[2012.09.26 22:26:05 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.09.26 22:24:48 | 000,001,029 | ---- | M] () -- C:\Dokumente und Einstellungen\Damaris\bmarchive.bms
[2012.09.26 17:58:16 | 000,180,240 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.09.26 17:56:57 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.09.26 16:56:00 | 000,001,214 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1708537768-1177238915-682003330-1003Core.job
[2012.09.24 18:10:27 | 000,004,188 | ---- | M] () -- C:\Dokumente und Einstellungen\Damaris\.recently-used.xbel
[2012.09.24 17:32:03 | 000,735,232 | -H-- | M] () -- C:\Dokumente und Einstellungen\Damaris\Eigene Dateien\photothumb.db
[2012.09.23 23:40:53 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2012.09.23 22:36:26 | 000,251,712 | ---- | M] () -- C:\ntldr
[2012.09.02 20:00:36 | 000,001,584 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\QuickTime Player.lnk
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.09.25 21:18:06 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.09.25 21:18:06 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2012.09.24 18:10:27 | 000,004,188 | ---- | C] () -- C:\Dokumente und Einstellungen\Damaris\.recently-used.xbel
[2012.09.02 20:00:36 | 000,001,584 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\QuickTime Player.lnk
[2012.03.06 13:45:30 | 000,006,144 | ---- | C] () -- C:\Dokumente und Einstellungen\Damaris\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.02.26 19:38:25 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2011.11.10 17:07:09 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.11.02 15:40:21 | 000,000,017 | ---- | C] () -- C:\WINDOWS\Missing.ini
[2011.11.02 15:40:10 | 000,000,032 | ---- | C] () -- C:\WINDOWS\CD-Start.INI
[2011.10.28 15:31:58 | 000,316,669 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Scannen0001.jpg
[2011.10.28 15:30:17 | 000,007,168 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\photothumb.db
[2011.09.11 15:11:50 | 000,034,576 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011.08.08 00:21:56 | 000,082,289 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2011.07.20 17:45:39 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\moveex.exe
[2011.07.15 20:26:09 | 000,001,029 | ---- | C] () -- C:\Dokumente und Einstellungen\Damaris\bmarchive.bms
[2011.07.15 20:20:23 | 000,247,560 | R--- | C] () -- C:\WINDOWS\System32\drivers\RTConvEQ.dat
[2011.07.15 20:20:23 | 000,037,468 | R--- | C] () -- C:\WINDOWS\System32\drivers\RtPCEE3.DAT
[2011.07.15 20:20:23 | 000,001,448 | R--- | C] () -- C:\WINDOWS\System32\drivers\RtHdatEx.dat
[2011.07.15 20:20:23 | 000,000,520 | R--- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX3.dat
[2011.07.15 20:20:23 | 000,000,520 | R--- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX2.dat
[2011.07.15 20:20:23 | 000,000,520 | R--- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX1.dat
[2011.07.15 20:20:23 | 000,000,520 | R--- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX0.dat
[2011.07.15 20:20:23 | 000,000,176 | R--- | C] () -- C:\WINDOWS\System32\drivers\RTHDAEQ1.dat
[2011.07.15 20:20:23 | 000,000,024 | R--- | C] () -- C:\WINDOWS\System32\drivers\rtkhdaud.dat
[2011.07.15 19:53:50 | 000,147,456 | R--- | C] () -- C:\WINDOWS\System32\igfxCoIn_v5002.dll
[2011.07.15 19:53:49 | 002,026,604 | R--- | C] () -- C:\WINDOWS\System32\igkrng500.bin
[2011.07.15 19:53:49 | 000,442,964 | R--- | C] () -- C:\WINDOWS\System32\igcompkrng500.bin
[2011.07.08 18:21:17 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011.07.08 18:20:25 | 000,180,240 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.07.08 17:47:55 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2011.07.08 17:33:26 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011.07.08 17:29:31 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
 
========== ZeroAccess Check ==========
 
[2011.07.15 19:33:50 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\System32\shdocvw.dll -- [2008.04.14 04:22:25 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\fastprox.dll -- [2009.02.09 12:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\wbemess.dll -- [2008.04.14 04:22:32 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2012.02.26 19:38:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Babylon
[2012.07.24 14:58:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\boost_interprocess
[2011.11.07 23:57:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ
[2011.07.15 22:31:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2012.06.14 14:42:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Damaris\Anwendungsdaten\AnvSoft
[2012.02.26 19:38:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Damaris\Anwendungsdaten\Babylon
[2011.07.19 22:43:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Damaris\Anwendungsdaten\DVDVideoSoft
[2011.07.19 21:47:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Damaris\Anwendungsdaten\DVDVideoSoftIEHelpers
[2012.07.23 16:00:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Damaris\Anwendungsdaten\FreeAudioPack
[2012.08.02 15:02:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Damaris\Anwendungsdaten\gtk-2.0
[2011.12.20 18:33:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Damaris\Anwendungsdaten\ICQ
[2011.08.08 00:23:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Damaris\Anwendungsdaten\Leadertech
[2012.06.14 14:42:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Damaris\Anwendungsdaten\OpenCandy
[2012.04.16 11:43:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Damaris\Anwendungsdaten\OpenOffice.org
[2011.07.20 16:16:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Damaris\Anwendungsdaten\PhotoScape
[2012.08.30 11:45:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Damaris\Anwendungsdaten\searchquband
[2011.08.19 19:10:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Damaris\Anwendungsdaten\Simfy
[2011.07.21 13:22:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Damaris\Anwendungsdaten\Styler
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2011.07.08 17:46:24 | 000,000,000 | ---D | M] -- C:\a45c54cfa2f34c7baeb387d7d6
[2011.10.28 15:32:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen
[2011.07.15 19:30:47 | 000,000,000 | ---D | M] -- C:\Intel
[2011.07.20 20:58:36 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2012.09.24 15:55:57 | 000,000,000 | ---D | M] -- C:\output
[2012.09.26 22:26:02 | 000,000,000 | R--D | M] -- C:\Programme
[2011.07.15 19:47:29 | 000,000,000 | -HSD | M] -- C:\RECYCLER
[2012.03.18 22:25:58 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012.09.26 17:58:54 | 000,000,000 | ---D | M] -- C:\WINDOWS
 
< %PROGRAMFILES%\*.exe >
Invalid Environment Variable: LOCALAPPDATA
 
< %systemroot%\*. /mp /s >
 
< C:\Windows\system32\*.tsp >
[2008.04.14 04:23:08 | 000,266,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\h323.tsp
[2008.04.14 04:23:08 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2008.04.14 04:23:08 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ipconf.tsp
[2008.04.14 04:23:08 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2008.04.14 04:23:08 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2008.04.14 04:23:08 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2008.04.14 04:23:08 | 000,207,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
[2011.07.08 17:30:01 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2011.07.08 17:31:49 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2011.07.15 22:29:40 | 000,000,276 | ---- | C] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2011.09.06 04:46:18 | 000,001,214 | ---- | C] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1708537768-1177238915-682003330-1003Core.job
[2011.09.06 04:46:19 | 000,001,236 | ---- | C] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1708537768-1177238915-682003330-1003UA.job
[2012.03.12 08:43:49 | 000,000,282 | ---- | C] () -- C:\WINDOWS\Tasks\Express Files Updater.job
[2012.04.18 21:34:48 | 000,000,884 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
 
< MD5 for: AGP440.SYS  >
[2004.08.04 01:10:00 | 018,782,319 | ---- | M] () .cab file -- C:\a45c54cfa2f34c7baeb387d7d6\i386\sp2.cab:AGP440.sys
[2004.08.04 01:10:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2012.09.23 22:31:03 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2004.08.04 01:10:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2012.09.23 22:31:03 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2012.09.23 22:31:03 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\sp3.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004.08.03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
 
< MD5 for: ATAPI.SYS  >
[2004.08.04 01:10:00 | 018,782,319 | ---- | M] () .cab file -- C:\a45c54cfa2f34c7baeb387d7d6\i386\sp2.cab:atapi.sys
[2002.08.29 03:52:58 | 010,180,476 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2004.08.04 01:10:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2012.09.23 22:31:03 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2002.08.29 03:52:58 | 010,180,476 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp1.cab:atapi.sys
[2004.08.04 01:10:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2012.09.23 22:31:03 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2012.09.23 22:31:03 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys
 
< MD5 for: EVENTLOG.DLL  >
[2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\eventlog.dll
[2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll
[2004.08.04 00:57:20 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
 
< MD5 for: EXPLORER.EXE  >
[2004.08.04 00:57:54 | 001,035,264 | ---- | M] (Microsoft Corporation) MD5=22FE1BE02EADDE1632E478E4125639E0 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\explorer.exe
[2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\explorer.exe
 
< MD5 for: NETLOGON.DLL  >
[2008.04.14 04:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 04:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\netlogon.dll
[2008.04.14 04:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll
[2004.08.04 00:57:32 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2009.02.06 20:46:10 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ED4BBAD725A21632FB205452749FC8F5 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 20:46:10 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ED4BBAD725A21632FB205452749FC8F5 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
 
< MD5 for: SCECLI.DLL  >
[2008.04.14 04:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\scecli.dll
[2008.04.14 04:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll
[2004.08.04 00:57:34 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
 
< MD5 for: USER32.DLL  >
[2004.08.04 00:57:38 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=56785FD5236D7B22CF471A6DA9DB46D8 -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll
[2008.04.14 04:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\ServicePackFiles\i386\user32.dll
[2008.04.14 04:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\user32.dll
[2008.04.14 04:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\userinit.exe
[2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe
[2004.08.04 00:58:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2004.08.04 00:58:20 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\winlogon.exe
[2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2001.08.23 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys
[2001.08.23 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2011.07.08 19:20:00 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2011.07.08 19:20:00 | 000,634,880 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2011.07.08 19:20:00 | 000,409,600 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
 
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
 
< %USERPROFILE%\*.* >
[2012.09.24 18:10:27 | 000,004,188 | ---- | M] () -- C:\Dokumente und Einstellungen\Damaris\.recently-used.xbel
[2012.09.26 22:24:48 | 000,001,029 | ---- | M] () -- C:\Dokumente und Einstellungen\Damaris\bmarchive.bms
[2012.09.26 22:25:08 | 003,670,016 | -H-- | M] () -- C:\Dokumente und Einstellungen\Damaris\NTUSER.DAT
[2012.09.26 23:13:24 | 000,001,024 | -H-- | M] () -- C:\Dokumente und Einstellungen\Damaris\ntuser.dat.LOG
[2012.09.26 22:25:08 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\Damaris\ntuser.ini
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Kmode: %SystemRoot%\system32\win32k.sys [2012.07.03 20:25:08 | 001,866,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

< End of report >
         
--- --- ---

Extra:OTL Logfile:
Code:
OTL Extras logfile created on: 26.09.2012 23:06:01 - Run 1
OTL by OldTimer - Version 3.2.68.0     Folder = C:\Dokumente und Einstellungen\Damaris\Eigene Dateien\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,93 Gb Total Physical Memory | 1,42 Gb Available Physical Memory | 73,26% Memory free
3,78 Gb Paging File | 3,34 Gb Available in Paging File | 88,42% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 127,99 Gb Total Space | 77,06 Gb Free Space | 60,21% Space Free | Partition Type: NTFS
 
Computer Name: ACER | User Name: Damaris | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\ICQ7.6\ICQ.exe" = C:\Programme\ICQ7.6\ICQ.exe:*:Enabled:ICQ7.6 -- (ICQ, LLC.)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\Microsoft Office\Office12\ONENOTE.EXE" = C:\Programme\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Programme\Internet Explorer\iexplore.exe" = C:\Programme\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer -- (Microsoft Corporation)
"C:\Programme\ICQ7.6\ICQ.exe" = C:\Programme\ICQ7.6\ICQ.exe:*:Enabled:ICQ7.6 -- (ICQ, LLC.)
"C:\Programme\Skype\Phone\Skype.exe" = C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Programme\ExpressFiles\ExpressFiles.exe" = C:\Programme\ExpressFiles\ExpressFiles.exe:*:Enabled:ExpressFiles
"C:\Programme\ExpressFiles\ExpressDL.exe" = C:\Programme\ExpressFiles\ExpressDL.exe:*:Enabled:ExpressFilesDL
"C:\Dokumente und Einstellungen\Damaris\Lokale Einstellungen\Anwendungsdaten\Facebook\Video\Skype\FacebookVideoCalling.exe" = C:\Dokumente und Einstellungen\Damaris\Lokale Einstellungen\Anwendungsdaten\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin -- (Skype Limited)
"C:\Programme\Logitech\Vid HD\Vid.exe" = C:\Programme\Logitech\Vid HD\Vid.exe:*:Enabled:Logitech Vid HD -- (Logitech Inc.)
"C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Programme\iTunes\iTunes.exe" = C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Programme\Bonjour\mDNSResponder.exe" = C:\Programme\Bonjour\mDNSResponder.exe:*:Enabled:Dienst "Bonjour" -- (Apple Inc.)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros WLAN Driver
"{28B0F39B-C0C6-4CC5-902B-9BF20111804C}" = Bluetooth XP Suite
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}" = iTunes
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = Die Sims 2
"{7644E42D-B096-457F-8B5B-901238FC81AE}" = ICQ7.6
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = WIDCOMM Bluetooth Software
"{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}" = Apple Mobile Device Support
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (German) 12
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9D210D79-AEC5-453B-960C-4DD2C73931E1}" = Bonjour-Druckdienste
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}" = Styler
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F9871263-FFAF-DA04-0DE0-1A2E01D2DA4C}" = ATI Catalyst Install Manager
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FE163F11-1919-4257-A280-FF5AF8DAEECB}" = ICQ Sparberater
"102558127EAC4B4E5B5B830D8F99297E9A62FCBB" = Windows-Treiberpaket - Intel (NETw5x32) net  (05/31/2010 13.2.1.5)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ICQToolbar" = ICQ Toolbar
"ie8" = Windows Internet Explorer 8
"Logitech Vid" = Logitech Vid HD
"lvdrivers_12.10" = Logitech Webcam Software-Treiberpaket
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 15.0.1 (x86 de)" = Mozilla Firefox 15.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PhotoScape" = PhotoScape
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WIC" = Windows Imaging Component
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinRAR archiver" = WinRAR 4.01 (32-Bit)
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FoxTab PDF Creator" = FoxTab PDF Creator
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 26.09.2012 15:29:35 | Computer Name = ACER | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4016
 
Error - 26.09.2012 15:43:55 | Computer Name = ACER | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung firefox.exe, Version 15.0.1.4631, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 26.09.2012 15:45:17 | Computer Name = ACER | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung firefox.exe, Version 15.0.1.4631, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 26.09.2012 15:47:57 | Computer Name = ACER | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung firefox.exe, Version 15.0.1.4631, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 26.09.2012 15:48:21 | Computer Name = ACER | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 26.09.2012 15:48:21 | Computer Name = ACER | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2281
 
Error - 26.09.2012 15:48:21 | Computer Name = ACER | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2281
 
Error - 26.09.2012 16:01:34 | Computer Name = ACER | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung firefox.exe, Version 15.0.1.4631, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 26.09.2012 16:24:55 | Computer Name = ACER | Source = Bonjour Service | ID = 100
Description = 236: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
 vom Remotehost geschlossen.)
 
Error - 26.09.2012 17:04:44 | Computer Name = ACER | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung OTL.exe, Version 3.2.68.0, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
[ System Events ]
Error - 16.04.2012 16:08:02 | Computer Name = ACER | Source = DCOM | ID = 10010
Description = Der Server "{C2BFE331-6739-4270-86C9-493D9A04CD38}" konnte innerhalb
 des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
 
Error - 22.05.2012 08:53:10 | Computer Name = ACER | Source = DCOM | ID = 10010
Description = Der Server "{2692A9D5-61DF-46D5-A5A1-A6CCA921D578}" konnte innerhalb
 des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
 
Error - 01.07.2012 16:27:11 | Computer Name = ACER | Source = ipnathlp | ID = 32003
Description = Der Übersetzer für Netzwerkadressen (NAT) konnte  keine Anfrage des
 Übersetzungsmoduls des Kernelmodus stellen.  Möglicherweise liegen eine falsche Konfiguration,
 unzureichende Ressourcen oder  ein interner Fehler vor.  Die Daten enthalten den Fehlercode.
 
Error - 03.07.2012 05:43:18 | Computer Name = ACER | Source = Windows Update Agent | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x8007f0f4 fehlgeschlagen: Windows XP Service Pack 3 (KB936929)
 
Error - 20.08.2012 10:53:43 | Computer Name = ACER | Source = atapi | ID = 262153
Description = Das Gerät \Device\Ide\IdePort1 hat innerhalb der Fehlerwartezeit nicht
 geantwortet.
 
Error - 26.09.2012 09:35:31 | Computer Name = ACER | Source = DCOM | ID = 10010
Description = Der Server "{063D34A4-BF84-4B8D-B699-E8CA06504DDE}" konnte innerhalb
 des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
 
Error - 26.09.2012 09:58:03 | Computer Name = ACER | Source = DCOM | ID = 10010
Description = Der Server "{2692A9D5-61DF-46D5-A5A1-A6CCA921D578}" konnte innerhalb
 des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
 
 
< End of report >
         
--- --- ---
__________________

Alt 26.09.2012, 22:25   #4
markusg
/// Malware-holic
 
Combofix may only be run when a team member has instructed you to do so!
It should never be run on your own initiative! Incorrect use can cause serious computer problems
and make cleaning up the infection even harder.
Please download Combofix from one of these download mirrors

Link 1
Link 2


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.
__________________
-Please forward suspicious mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For now, please send mails according to the instructions above to
markusg.trojaner-board@web.de

Alt 26.09.2012, 22:41   #5
une fille
 



Now a message comes up

''Dieser PC verfügt nicht über die 'Microsoft-Wiederherstellungskonsole.''

Click Yes anyway?


Alt 26.09.2012, 22:42   #6
markusg
/// Malware-holic
 



yes, install the console

Alt 26.09.2012, 23:00   #7
une fille
 



C:\Combofix.txt
Combofix log file:
Code:
ComboFix 12-09-26.04 - Damaris 26.09.2012  23:46:58.1.2 - x86
Microsoft Windows XP Professional  5.1.2600.3.1252.43.1031.18.1978.1155 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\Damaris\Eigene Dateien\Downloads\ComboFix.exe
AV: AntiVir Desktop *Disabled/Outdated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\dllcache\dlimport.exe
c:\windows\TEMP\logishrd\LVPrcInj01.dll
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-08-26 bis 2012-09-26  ))))))))))))))))))))))))))))))
.
.
2012-09-26 14:52 . 2012-08-28 15:05	521728	-c----w-	c:\windows\system32\dllcache\jsdbgui.dll
2012-09-26 14:43 . 2010-09-18 06:52	953856	-c----w-	c:\windows\system32\dllcache\mfc40u.dll
2012-09-26 14:31 . 2010-08-23 16:11	617472	-c----w-	c:\windows\system32\dllcache\comctl32.dll
2012-09-26 14:03 . 2010-11-02 15:17	40960	-c----w-	c:\windows\system32\dllcache\ndproxy.sys
2012-09-26 13:43 . 2011-04-21 13:37	105472	-c----w-	c:\windows\system32\dllcache\mup.sys
2012-09-26 13:43 . 2012-07-04 14:05	139784	-c----w-	c:\windows\system32\dllcache\rdpwd.sys
2012-09-25 19:29 . 2012-05-28 18:16	536576	-c----w-	c:\windows\system32\dllcache\msado15.dll
2012-09-25 19:18 . 2011-07-08 14:02	10496	-c----w-	c:\windows\system32\dllcache\ndistapi.sys
2012-09-25 19:18 . 2012-01-11 19:06	3072	-c----w-	c:\windows\system32\dllcache\iacenc.dll
2012-09-25 19:18 . 2012-01-11 19:06	3072	------w-	c:\windows\system32\iacenc.dll
2012-09-25 19:15 . 2010-10-11 14:59	45568	-c----w-	c:\windows\system32\dllcache\wab.exe
2012-09-23 21:41 . 2012-09-23 21:41	--------	d-sh--w-	c:\dokumente und einstellungen\NetworkService\IETldCache
2012-09-23 21:00 . 2008-04-14 02:22	221184	----a-w-	c:\windows\system32\wmpns.dll
2012-09-23 20:42 . 2012-09-23 20:42	--------	d-----w-	c:\windows\l2schemas
2012-09-23 20:42 . 2012-09-23 20:42	--------	d-----w-	c:\windows\system32\de
2012-09-23 20:42 . 2012-09-23 20:42	--------	d-----w-	c:\windows\system32\bits
2012-09-03 10:03 . 2012-09-03 10:03	--------	d-----w-	c:\windows\Sun
2012-09-02 18:00 . 2012-09-02 18:00	159744	----a-w-	c:\programme\Internet Explorer\PLUGINS\npqtplugin7.dll
2012-09-02 18:00 . 2012-09-02 18:00	159744	----a-w-	c:\programme\Internet Explorer\PLUGINS\npqtplugin6.dll
2012-09-02 18:00 . 2012-09-02 18:00	159744	----a-w-	c:\programme\Internet Explorer\PLUGINS\npqtplugin5.dll
2012-09-02 18:00 . 2012-09-02 18:00	159744	----a-w-	c:\programme\Internet Explorer\PLUGINS\npqtplugin4.dll
2012-09-02 18:00 . 2012-09-02 18:00	159744	----a-w-	c:\programme\Internet Explorer\PLUGINS\npqtplugin3.dll
2012-09-02 18:00 . 2012-09-02 18:00	159744	----a-w-	c:\programme\Internet Explorer\PLUGINS\npqtplugin2.dll
2012-09-02 18:00 . 2012-09-02 18:00	159744	----a-w-	c:\programme\Internet Explorer\PLUGINS\npqtplugin.dll
2012-09-02 18:00 . 2012-09-02 18:00	--------	d-----w-	c:\programme\QuickTime
2012-08-30 09:45 . 2012-08-30 09:45	--------	d-----w-	c:\dokumente und einstellungen\Damaris\AppData
2012-08-30 09:45 . 2012-08-30 09:45	--------	d-----w-	c:\dokumente und einstellungen\Damaris\Anwendungsdaten\searchquband
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-26 16:59 . 2012-04-18 19:34	696240	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2012-09-26 16:59 . 2011-07-15 20:11	73136	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2012-09-02 17:29 . 2012-08-26 20:05	821736	----a-w-	c:\windows\system32\npDeployJava1.dll
2012-09-02 17:29 . 2012-04-16 09:40	746984	----a-w-	c:\windows\system32\deployJava1.dll
2012-08-28 15:05 . 2011-07-08 15:39	916992	----a-w-	c:\windows\system32\wininet.dll
2012-08-28 15:05 . 2011-07-08 15:47	43520	----a-w-	c:\windows\system32\licmgr10.dll
2012-08-28 15:05 . 2011-07-08 15:47	1469440	------w-	c:\windows\system32\inetcpl.cpl
2012-08-28 12:07 . 2011-07-08 16:16	385024	----a-w-	c:\windows\system32\html.iec
2012-07-06 13:59 . 2011-07-08 15:47	78336	----a-w-	c:\windows\system32\browser.dll
2012-07-04 14:05 . 2011-07-08 15:47	139784	----a-w-	c:\windows\system32\drivers\rdpwd.sys
2012-07-03 18:25 . 2011-07-08 15:39	1866240	----a-w-	c:\windows\system32\win32k.sys
2012-09-11 16:35 . 2012-09-11 16:35	266720	----a-w-	c:\programme\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FE163F11-1919-4257-A280-FF5AF8DAEECB}]
2011-08-25 07:15	50240	----a-w-	c:\programme\icq\Internet Explorer\icq.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"="c:\dokumente und einstellungen\Damaris\Lokale Einstellungen\Anwendungsdaten\Facebook\Update\FacebookUpdate.exe" [2012-07-15 138096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2011-04-21 281768]
"SynTPEnh"="c:\programme\Synaptics\SynTP\SynTPEnh.exe" [2009-12-10 1594664]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-10-27 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-10-27 178712]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-10-27 150040]
"AtherosBtXpStack"="c:\programme\Bluetooth XP Suite\BluetoothSuit.exe" [2010-03-25 2167136]
"RTHDCPL"="RTHDCPL.EXE" [2010-07-06 19556968]
"AzMixerSel"="c:\programme\Realtek\Audio\Drivers\AzMixerSel.exe" [2009-12-11 59936]
"LogitechQuickCamRibbon"="c:\programme\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]
"Adobe ARM"="c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"APSDaemon"="c:\programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
"iTunesHelper"="c:\programme\iTunes\iTunesHelper.exe" [2012-06-07 421776]
"QuickTime Task"="c:\programme\QuickTime\QTTask.exe" [2012-04-18 421888]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
c:\dokumente und einstellungen\Damaris\Startmenü\Programme\Autostart\
OpenOffice.org 3.3.lnk - c:\programme\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
Styler.lnk - c:\dokumente und einstellungen\Damaris\Anwendungsdaten\Microsoft\Installer\{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}\_585b207a.exe [2011-7-20 15086]
.
c:\dokumente und einstellungen\Damaris\Startmenü\Programme\Autostart\
OpenOffice.org 3.3.lnk - c:\programme\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
Styler.lnk - c:\dokumente und einstellungen\Damaris\Anwendungsdaten\Microsoft\Installer\{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}\_585b207a.exe [2011-7-20 15086]
.
c:\dokumente und einstellungen\Damaris\Startmenü\Programme\Autostart\
OpenOffice.org 3.3.lnk - c:\programme\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
Styler.lnk - c:\dokumente und einstellungen\Damaris\Anwendungsdaten\Microsoft\Installer\{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}\_585b207a.exe [2011-7-20 15086]
.
c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\
Bluetooth.lnk - c:\programme\WIDCOMM\Bluetooth Software\BTTray.exe [2010-3-13 607584]
McAfee Security Scan Plus.lnk - c:\programme\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
c:\dokumente und einstellungen\Damaris\Startmenü\Programme\Autostart\
OpenOffice.org 3.3.lnk - c:\programme\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
Styler.lnk - c:\dokumente und einstellungen\Damaris\Anwendungsdaten\Microsoft\Installer\{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}\_585b207a.exe [2011-7-20 15086]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programme\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Programme\\ICQ7.6\\ICQ.exe"=
"c:\\Programme\\Skype\\Phone\\Skype.exe"=
"c:\\Dokumente und Einstellungen\\Damaris\\Lokale Einstellungen\\Anwendungsdaten\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"=
"c:\\Programme\\Logitech\\Vid HD\\Vid.exe"=
"c:\\Programme\\Gemeinsame Dateien\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Programme\\iTunes\\iTunes.exe"=
"c:\\Programme\\Bonjour\\mDNSResponder.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
.
R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [15.07.2011 18:25 136360]
R2 ICQ Service;ICQ Service;c:\programme\ICQ6Toolbar\ICQ Service.exe [07.11.2011 23:57 247872]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [18.04.2012 21:34 250288]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [15.07.2011 20:19 1691480]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\programme\McAfee Security Scan\2.0.181\McCHSvc.exe [15.01.2010 14:49 227232]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\programme\Mozilla Maintenance Service\maintenanceservice.exe [08.05.2012 13:16 114144]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [15.07.2011 19:28 193056]
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2012-09-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-18 16:59]
.
2012-08-06 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programme\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57]
.
2012-09-26 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1708537768-1177238915-682003330-1003Core.job
- c:\dokumente und einstellungen\Damaris\Lokale Einstellungen\Anwendungsdaten\Facebook\Update\FacebookUpdate.exe [2011-09-06 14:51]
.
2012-09-26 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1708537768-1177238915-682003330-1003UA.job
- c:\dokumente und einstellungen\Damaris\Lokale Einstellungen\Anwendungsdaten\Facebook\Update\FacebookUpdate.exe [2011-09-06 14:51]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://search.babylon.com/?AF=110000&babsrc=HP_ss&mntrId=e0c73cd000000000000090004e1e1080
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send To Bluetooth - c:\programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\programme\ICQ7.6\ICQ.exe
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\dokumente und einstellungen\Damaris\Anwendungsdaten\Mozilla\Firefox\Profiles\xzlic5q2.default\
FF - prefs.js: browser.search.selectedEngine - Search Results
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - prefs.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ffb&appid=0&systemid=410&sr=0&q=
FF - prefs.js: network.proxy.type - 0
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=110000
FF - user.js: extensions.BabylonToolbar_i.babExt - 
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - e0c73cd000000000000090004e1e1080
FF - user.js: extensions.BabylonToolbar_i.hardId - e0c73cd000000000000090004e1e1080
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15396
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1718:38
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - tb9
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-10 - (no file)
AddRemove-FoxTab PDF Creator - c:\programme\FoxTabPDFConverter\Uninstall\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2012-09-26 23:52
Windows 5.1.2600 Service Pack 3 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'explorer.exe'(3284)
c:\programme\Styler\StylerHelper.dll
c:\windows\system32\webcheck.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\programme\Avira\AntiVir Desktop\avguard.exe
c:\programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\programme\Bonjour\mDNSResponder.exe
c:\programme\Avira\AntiVir Desktop\avshadow.exe
c:\programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\igfxsrvc.exe
c:\programme\OpenOffice.org 3\program\soffice.exe
c:\programme\OpenOffice.org 3\program\soffice.bin
c:\programme\Styler\Styler.exe
c:\programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\programme\Gemeinsame Dateien\Logishrd\LQCVFX\COCIManager.exe
c:\programme\iPod\bin\iPodService.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-09-26  23:58:01 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-09-26 21:57
.
Vor Suchlauf: 7 Verzeichnis(se), 86.927.491.072 Bytes frei
Nach Suchlauf: 9 Verzeichnis(se), 95.429.591.040 Bytes frei
.
WindowsXP-KB310994-SP2-Pro-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
.
- - End Of File - - D0C1422284C2E5D89E789C16D47A7F9A
         
--- --- ---

Alt 26.09.2012, 23:07   #8
markusg
/// Malware-holic
 



hi
download tdss killer:
http://www.trojaner-board.de/82358-t...entfernen.html
Click Change parameters
• Check the boxes for Verify driver digital signatures and Detect TDLFS file system
• Click OK and then Start scan
- if anything is found, always choose Skip for now, and post the log

Alt 26.09.2012, 23:17   #9
une fille
 



Nothing was found, but I can only find the report, not a log (is there a difference?), and I can't copy it :')

00:11:53.0625 3708 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
00:11:53.0953 3708 ============================================================
00:11:53.0953 3708 Current date / time: 2012/09/27 00:11:53.0953
00:11:53.0953 3708 SystemInfo:
00:11:53.0953 3708
00:11:53.0953 3708 OS Version: 5.1.2600 ServicePack: 3.0
00:11:53.0953 3708 Product type: Workstation
00:11:53.0953 3708 ComputerName: ACER
00:11:53.0953 3708 UserName: Damaris
00:11:53.0953 3708 Windows directory: C:\WINDOWS
00:11:53.0953 3708 System windows directory: C:\WINDOWS
00:11:53.0953 3708 Processor architecture: Intel x86
00:11:53.0953 3708 Number of processors: 2
00:11:53.0953 3708 Page size: 0x1000
00:11:53.0953 3708 Boot type: Normal boot
00:11:53.0953 3708 ============================================================
00:11:55.0625 3708 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
00:11:55.0625 3708 ============================================================
00:11:55.0625 3708 \Device\Harddisk0\DR0:
00:11:55.0625 3708 MBR partitions:
00:11:55.0625 3708 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xFFFAC05
00:11:55.0625 3708 ============================================================
00:11:55.0656 3708 C: <-> \Device\Harddisk0\DR0\Partition1
00:11:55.0656 3708 ============================================================
00:11:55.0656 3708 Initialize success
00:11:55.0656 3708 ============================================================
00:12:13.0359 3152 ============================================================
00:12:13.0359 3152 Scan started
00:12:13.0359 3152 Mode: Manual; SigCheck; TDLFS;
00:12:13.0359 3152 ============================================================
00:12:13.0500 3152 ================ Scan system memory ========================
00:12:13.0515 3152 System memory - ok
00:12:13.0515 3152 ================ Scan services =============================
00:12:13.0781 3152 Abiosdsk - ok
00:12:13.0781 3152 abp480n5 - ok
00:12:13.0843 3152 [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
00:12:14.0437 3152 ACPI - ok
00:12:14.0484 3152 [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
00:12:14.0578 3152 ACPIEC - ok
00:12:14.0656 3152 [ E12CFCF1DDBFC50948A75E6E38793225 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
00:12:14.0687 3152 AdobeFlashPlayerUpdateSvc - ok
00:12:14.0687 3152 adpu160m - ok
00:12:14.0734 3152 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
00:12:14.0859 3152 aec - ok
00:12:14.0890 3152 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
00:12:14.0953 3152 AFD - ok
00:12:14.0968 3152 Aha154x - ok
00:12:14.0968 3152 aic78u2 - ok
00:12:14.0968 3152 aic78xx - ok
00:12:15.0015 3152 [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter C:\WINDOWS\system32\alrsvc.dll
00:12:15.0140 3152 Alerter - ok
00:12:15.0156 3152 [ 190CD73D4984F94D823F9444980513E5 ] ALG C:\WINDOWS\System32\alg.exe
00:12:15.0281 3152 ALG - ok
00:12:15.0281 3152 AliIde - ok
00:12:15.0359 3152 [ 267FC636801EDC5AB28E14036349E3BE ] Ambfilt C:\WINDOWS\system32\drivers\Ambfilt.sys
00:12:15.0468 3152 Ambfilt - ok
00:12:15.0468 3152 amsint - ok
00:12:15.0562 3152 [ C27D46B06D340293670450FCE9DFB166 ] AntiVirSchedulerService C:\Programme\Avira\AntiVir Desktop\sched.exe
00:12:15.0593 3152 AntiVirSchedulerService - ok
00:12:15.0640 3152 [ 72D90E56563165984224493069C69ED4 ] AntiVirService C:\Programme\Avira\AntiVir Desktop\avguard.exe
00:12:15.0656 3152 AntiVirService - ok
00:12:15.0703 3152 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
00:12:15.0718 3152 Apple Mobile Device - ok
00:12:15.0765 3152 [ D45960BE52C3C610D361977057F98C54 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
00:12:15.0890 3152 AppMgmt - ok
00:12:15.0968 3152 [ E6D433868E1C0B1DEAD8D5F64BB2AF9F ] AR5416 C:\WINDOWS\system32\DRIVERS\athw.sys
00:12:16.0015 3152 AR5416 - ok
00:12:16.0015 3152 asc - ok
00:12:16.0015 3152 asc3350p - ok
00:12:16.0031 3152 asc3550 - ok
00:12:16.0109 3152 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
00:12:16.0125 3152 aspnet_state - ok
00:12:16.0156 3152 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
00:12:16.0281 3152 AsyncMac - ok
00:12:16.0296 3152 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
00:12:16.0406 3152 atapi - ok
00:12:16.0406 3152 Atdisk - ok
00:12:16.0437 3152 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
00:12:16.0562 3152 Atmarpc - ok
00:12:16.0625 3152 [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
00:12:16.0734 3152 AudioSrv - ok
00:12:16.0781 3152 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
00:12:16.0890 3152 audstub - ok
00:12:16.0921 3152 [ 0B497C79824F8E1BF22FA6AACD3DE3A0 ] avgio C:\Programme\Avira\AntiVir Desktop\avgio.sys
00:12:16.0937 3152 avgio - ok
00:12:16.0953 3152 [ 1E4114685DE1FFA9675E09C6A1FB3F4B ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys
00:12:16.0968 3152 avgntflt - ok
00:12:16.0984 3152 [ 0F78D3DAE6DEDD99AE54C9491C62ADF2 ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys
00:12:17.0000 3152 avipbb - ok
00:12:17.0046 3152 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
00:12:17.0171 3152 Beep - ok
00:12:17.0203 3152 [ D6F603772A789BB3228F310D650B8BD1 ] BITS C:\WINDOWS\system32\qmgr.dll
00:12:17.0312 3152 BITS - ok
00:12:17.0359 3152 [ 5AB58C337AC65837FE404462AD6265AB ] Bonjour Service C:\Programme\Bonjour\mDNSResponder.exe
00:12:17.0375 3152 Bonjour Service - ok
00:12:17.0421 3152 [ B71549F23736ADF83A571061C47777FD ] Browser C:\WINDOWS\System32\browser.dll
00:12:17.0468 3152 Browser - ok
00:12:17.0531 3152 [ A44A2873323E7BB5AD3EB2625EA635B2 ] btwdins C:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe
00:12:17.0562 3152 btwdins - ok
00:12:17.0656 3152 catchme - ok
00:12:17.0671 3152 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
00:12:17.0796 3152 cbidf2k - ok
00:12:17.0828 3152 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
00:12:17.0937 3152 CCDECODE - ok
00:12:17.0937 3152 cd20xrnt - ok
00:12:17.0968 3152 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
00:12:18.0093 3152 Cdaudio - ok
00:12:18.0109 3152 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
00:12:18.0218 3152 Cdfs - ok
00:12:18.0218 3152 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
00:12:18.0312 3152 Cdrom - ok
00:12:18.0328 3152 Changer - ok
00:12:18.0359 3152 [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] cisvc C:\WINDOWS\system32\cisvc.exe
00:12:18.0468 3152 cisvc - ok
00:12:18.0468 3152 [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
00:12:18.0578 3152 ClipSrv - ok
00:12:18.0593 3152 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:12:18.0609 3152 clr_optimization_v2.0.50727_32 - ok
00:12:18.0640 3152 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
00:12:18.0718 3152 CmBatt - ok
00:12:18.0734 3152 CmdIde - ok
00:12:18.0734 3152 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
00:12:18.0843 3152 Compbatt - ok
00:12:18.0859 3152 COMSysApp - ok
00:12:18.0859 3152 Cpqarray - ok
00:12:18.0875 3152 [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
00:12:19.0015 3152 CryptSvc - ok
00:12:19.0015 3152 dac2w2k - ok
00:12:19.0031 3152 dac960nt - ok
00:12:19.0078 3152 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
00:12:19.0156 3152 DcomLaunch - ok
00:12:19.0203 3152 [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
00:12:19.0312 3152 Dhcp - ok
00:12:19.0359 3152 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
00:12:19.0468 3152 Disk - ok
00:12:19.0468 3152 dmadmin - ok
00:12:19.0515 3152 [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
00:12:19.0640 3152 dmboot - ok
00:12:19.0671 3152 [ 53720AB12B48719D00E327DA470A619A ] dmio C:\WINDOWS\system32\drivers\dmio.sys
00:12:19.0796 3152 dmio - ok
00:12:19.0812 3152 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
00:12:19.0937 3152 dmload - ok
00:12:19.0968 3152 [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver C:\WINDOWS\System32\dmserver.dll
00:12:20.0062 3152 dmserver - ok
00:12:20.0093 3152 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
00:12:20.0203 3152 DMusic - ok
00:12:20.0234 3152 [ 407F3227AC618FD1CA54B335B083DE07 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
00:12:20.0296 3152 Dnscache - ok
00:12:20.0343 3152 [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
00:12:20.0437 3152 Dot3svc - ok
00:12:20.0437 3152 dpti2o - ok
00:12:20.0453 3152 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
00:12:20.0578 3152 drmkaud - ok
00:12:20.0593 3152 [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost C:\WINDOWS\System32\eapsvc.dll
00:12:20.0703 3152 EapHost - ok
00:12:20.0750 3152 [ 877C18558D70587AA7823A1A308AC96B ] ERSvc C:\WINDOWS\System32\ersvc.dll
00:12:20.0859 3152 ERSvc - ok
00:12:20.0890 3152 [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog C:\WINDOWS\system32\services.exe
00:12:20.0984 3152 Eventlog - ok
00:12:21.0000 3152 [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem C:\WINDOWS\System32\es.dll
00:12:21.0046 3152 EventSystem - ok
00:12:21.0078 3152 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
00:12:21.0203 3152 Fastfat - ok
00:12:21.0234 3152 [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
00:12:21.0281 3152 FastUserSwitchingCompatibility - ok
00:12:21.0296 3152 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
00:12:21.0390 3152 Fdc - ok
00:12:21.0437 3152 [ B73EC688C29F81F9DA0FCF63682B3ECB ] FilterService C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys
00:12:21.0453 3152 FilterService - ok
00:12:21.0468 3152 [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
00:12:21.0578 3152 Fips - ok
00:12:21.0593 3152 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
00:12:21.0703 3152 Flpydisk - ok
00:12:21.0718 3152 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
00:12:21.0812 3152 FltMgr - ok
00:12:21.0890 3152 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
00:12:21.0906 3152 FontCache3.0.0.0 - ok
00:12:21.0921 3152 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
00:12:22.0031 3152 Fs_Rec - ok
00:12:47.0031 3152 ============================================================
00:12:47.0031 3152 Scan finished
00:12:47.0031 3152 ============================================================
00:12:47.0140 3588 Detected object count: 0
00:12:47.0140 3588 Actual detected object count: 0
00:14:45.0109 3004 ============================================================
00:14:45.0109 3004 Scan started
00:14:45.0109 3004 Mode: Manual; SigCheck; TDLFS;
00:14:45.0109 3004 ============================================================
00:14:45.0375 3004 ================ Scan system memory ========================
00:14:45.0390 3004 System memory - ok
00:14:54.0265 3004 [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
00:14:54.0359 3004 helpsvc - ok
00:14:54.0359 3004 HidServ - ok
00:14:54.0406 3004 [ ED29F14101523A6E0E808107405D452C ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
00:14:54.0484 3004 hkmsvc - ok
00:14:54.0484 3004 hpn - ok
00:14:54.0500 3004 hpt3xx - ok
00:14:54.0546 3004 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
00:14:54.0578 3004 HTTP - ok
00:14:54.0609 3004 [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
00:14:54.0718 3004 HTTPFilter - ok
00:14:54.0718 3004 i2omgmt - ok
00:14:54.0734 3004 i2omp - ok
00:14:54.0750 3004 [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
00:14:54.0828 3004 i8042prt - ok
00:14:55.0015 3004 [ 1312E0141A7BD409AFADD52FA565927E ] ialm C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
00:14:55.0187 3004 ialm - ok
00:14:55.0250 3004 [ 58BD7551B0445F3673D96CA380F21822 ] ICQ Service C:\Programme\ICQ6Toolbar\ICQ Service.exe
00:14:55.0250 3004 ICQ Service - ok
00:14:55.0375 3004 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
00:14:55.0421 3004 idsvc - ok
00:14:55.0453 3004 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\drivers\Imapi.sys
00:14:55.0625 3004 Imapi - ok
00:14:55.0656 3004 [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService C:\WINDOWS\system32\imapi.exe
00:14:55.0812 3004 ImapiService - ok
00:14:55.0828 3004 ini910u - ok
00:14:56.0031 3004 [ 988A112C4061F309CE9C1ABFC971D001 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
00:14:56.0187 3004 IntcAzAudAddService - ok
00:14:56.0203 3004 IntelIde - ok
00:14:56.0234 3004 [ 4C7D2750158ED6E7AD642D97BFFAE351 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
00:14:56.0343 3004 intelppm - ok
00:14:56.0359 3004 [ 3BB22519A194418D5FEC05D800A19AD0 ] ip6fw C:\WINDOWS\system32\drivers\ip6fw.sys
00:14:56.0500 3004 ip6fw - ok
00:14:56.0609 3004 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
00:14:56.0734 3004 IpFilterDriver - ok
00:14:56.0765 3004 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
00:14:56.0906 3004 IpInIp - ok
00:14:56.0921 3004 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
00:14:57.0031 3004 IpNat - ok
00:14:57.0093 3004 [ E6BE7A41A28D8F2DB174957454D32448 ] iPod Service C:\Programme\iPod\bin\iPodService.exe
00:14:57.0125 3004 iPod Service - ok
00:14:57.0171 3004 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
00:14:57.0296 3004 IPSec - ok
00:14:57.0328 3004 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
00:14:57.0453 3004 IRENUM - ok
00:14:57.0484 3004 [ 6DFB88F64135C525433E87648BDA30DE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
00:14:57.0593 3004 isapnp - ok
00:14:57.0625 3004 [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
00:14:57.0750 3004 Kbdclass - ok
00:14:57.0765 3004 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
00:14:57.0906 3004 kmixer - ok
00:14:57.0937 3004 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
00:14:57.0968 3004 KSecDD - ok
00:14:58.0000 3004 [ 2BBDCB79900990F0716DFCB714E72DE7 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
00:14:58.0031 3004 lanmanserver - ok
00:14:58.0078 3004 [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
00:14:58.0109 3004 lanmanworkstation - ok
00:14:58.0109 3004 lbrtfdc - ok
00:14:58.0171 3004 [ 636714B7D43C8D0C80449123FD266920 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
00:14:58.0296 3004 LmHosts - ok
00:14:58.0390 3004 [ 1A7DB7A00A4B0D8DA24CD691A4547291 ] LVPr2Mon C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys
00:14:58.0406 3004 LVPr2Mon - ok
00:14:58.0484 3004 [ 0DDFDCAA92C7F553328DB06BA599BEA9 ] LVPrcSrv C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe
00:14:58.0515 3004 LVPrcSrv - ok
00:14:58.0562 3004 [ 37072EC9299E825F4335CC554B6FAC6A ] LVRS C:\WINDOWS\system32\DRIVERS\lvrs.sys
00:14:58.0578 3004 LVRS - ok
00:14:58.0796 3004 [ A240E42A7402E927A71B6E8AA4629B13 ] LVUVC C:\WINDOWS\system32\DRIVERS\lvuvc.sys
00:14:59.0062 3004 LVUVC - ok
00:14:59.0140 3004 [ F453D1E6D881E8F8717E20CCD4199E85 ] McComponentHostService C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe
00:14:59.0171 3004 McComponentHostService - ok
00:14:59.0203 3004 [ B7550A7107281D170CE85524B1488C98 ] Messenger C:\WINDOWS\System32\msgsvc.dll
00:14:59.0375 3004 Messenger - ok
00:14:59.0421 3004 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
00:14:59.0593 3004 mnmdd - ok
00:14:59.0609 3004 [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc C:\WINDOWS\System32\mnmsrvc.exe
00:14:59.0718 3004 mnmsrvc - ok
00:14:59.0750 3004 [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
00:14:59.0859 3004 Modem - ok
00:14:59.0921 3004 [ C7D9F9717916B34C1B00DD4834AF485C ] Monfilt C:\WINDOWS\system32\drivers\Monfilt.sys
00:14:59.0953 3004 Monfilt - ok
00:15:00.0000 3004 [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
00:15:00.0093 3004 Mouclass - ok
00:15:00.0125 3004 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
00:15:00.0218 3004 MountMgr - ok
00:15:00.0265 3004 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
00:15:00.0281 3004 MozillaMaintenance - ok
00:15:00.0281 3004 mraid35x - ok
00:15:00.0296 3004 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
00:15:00.0390 3004 MRxDAV - ok
00:15:00.0437 3004 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
00:15:00.0468 3004 MRxSmb - ok
00:15:00.0515 3004 [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC C:\WINDOWS\System32\msdtc.exe
00:15:00.0609 3004 MSDTC - ok
00:15:00.0640 3004 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
00:15:00.0718 3004 Msfs - ok
00:15:00.0734 3004 MSIServer - ok
00:15:00.0750 3004 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
00:15:00.0859 3004 MSKSSRV - ok
00:15:00.0890 3004 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
00:15:00.0968 3004 MSPCLOCK - ok
00:15:00.0984 3004 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
00:15:01.0078 3004 MSPQM - ok
00:15:01.0093 3004 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
00:15:01.0187 3004 mssmbios - ok
00:15:01.0203 3004 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
00:15:01.0312 3004 MSTEE - ok
00:15:01.0359 3004 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
00:15:01.0390 3004 Mup - ok
00:15:01.0421 3004 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
00:15:01.0500 3004 NABTSFEC - ok
00:15:01.0546 3004 [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent C:\WINDOWS\System32\qagentrt.dll
00:15:01.0640 3004 napagent - ok
00:15:01.0671 3004 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
00:15:01.0765 3004 NDIS - ok
00:15:01.0781 3004 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
00:15:01.0875 3004 NdisIP - ok
00:15:01.0906 3004 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
00:15:01.0921 3004 NdisTapi - ok
00:15:01.0953 3004 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
00:15:02.0046 3004 Ndisuio - ok
00:15:02.0062 3004 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
00:15:02.0156 3004 NdisWan - ok
00:15:02.0187 3004 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
00:15:02.0218 3004 NDProxy - ok
00:15:02.0234 3004 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
00:15:02.0343 3004 NetBIOS - ok
00:15:02.0343 3004 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
00:15:02.0453 3004 NetBT - ok
00:15:02.0500 3004 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE C:\WINDOWS\system32\netdde.exe
00:15:02.0609 3004 NetDDE - ok
00:15:02.0609 3004 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
00:15:02.0687 3004 NetDDEdsdm - ok
00:15:02.0718 3004 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon C:\WINDOWS\system32\lsass.exe
00:15:02.0812 3004 Netlogon - ok
00:15:02.0828 3004 [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman C:\WINDOWS\System32\netman.dll
00:15:02.0921 3004 Netman - ok
00:15:02.0937 3004 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
00:15:02.0953 3004 NetTcpPortSharing - ok
00:15:02.0984 3004 [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla C:\WINDOWS\System32\mswsock.dll
00:15:03.0015 3004 Nla - ok
00:15:03.0046 3004 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
00:15:03.0125 3004 Npfs - ok
00:15:03.0171 3004 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
00:15:03.0281 3004 Ntfs - ok
00:15:03.0296 3004 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp C:\WINDOWS\System32\lsass.exe
00:15:03.0375 3004 NtLmSsp - ok
00:15:03.0421 3004 [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
00:15:03.0531 3004 NtmsSvc - ok
00:15:03.0546 3004 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
00:15:03.0640 3004 Null - ok
00:15:03.0671 3004 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
00:15:03.0781 3004 NwlnkFlt - ok
00:15:03.0781 3004 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
00:15:03.0875 3004 NwlnkFwd - ok
00:15:03.0984 3004 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE
00:15:04.0000 3004 odserv - ok
00:15:04.0031 3004 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
00:15:04.0046 3004 ose - ok
00:15:04.0078 3004 [ F84785660305B9B903FB3BCA8BA29837 ] Parport C:\WINDOWS\system32\drivers\Parport.sys
00:15:04.0187 3004 Parport - ok
00:15:04.0234 3004 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
00:15:04.0328 3004 PartMgr - ok
00:15:04.0343 3004 [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
00:15:04.0453 3004 ParVdm - ok
00:15:04.0468 3004 [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
00:15:04.0546 3004 PCI - ok
00:15:04.0546 3004 PCIDump - ok
00:15:04.0578 3004 [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
00:15:04.0687 3004 PCIIde - ok
00:15:04.0718 3004 [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
00:15:04.0812 3004 Pcmcia - ok
00:15:04.0812 3004 PDCOMP - ok
00:15:04.0812 3004 PDFRAME - ok
00:15:04.0828 3004 PDRELI - ok
00:15:04.0828 3004 PDRFRAME - ok
00:15:04.0828 3004 perc2 - ok
00:15:04.0843 3004 perc2hib - ok
00:15:04.0875 3004 [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay C:\WINDOWS\system32\services.exe
00:15:04.0921 3004 PlugPlay - ok
00:15:04.0921 3004 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
00:15:05.0000 3004 PolicyAgent - ok
00:15:05.0046 3004 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
00:15:05.0140 3004 PptpMiniport - ok
00:15:05.0171 3004 [ 2CB55427C58679F49AD600FCCBA76360 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
00:15:05.0265 3004 Processor - ok
00:15:05.0265 3004 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
00:15:05.0343 3004 ProtectedStorage - ok
00:15:05.0359 3004 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
00:15:05.0453 3004 PSched - ok
00:15:05.0468 3004 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
00:15:05.0562 3004 Ptilink - ok
00:15:05.0578 3004 ql1080 - ok
00:15:05.0578 3004 Ql10wnt - ok
00:15:05.0578 3004 ql12160 - ok
00:15:05.0593 3004 ql1240 - ok
00:15:05.0593 3004 ql1280 - ok
00:15:05.0640 3004 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
00:15:05.0734 3004 RasAcd - ok
00:15:05.0765 3004 [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto C:\WINDOWS\System32\rasauto.dll
00:15:05.0875 3004 RasAuto - ok
00:15:05.0890 3004 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
00:15:05.0984 3004 Rasl2tp - ok
00:15:06.0031 3004 [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan C:\WINDOWS\System32\rasmans.dll
00:15:06.0125 3004 RasMan - ok
00:15:06.0140 3004 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
00:15:06.0218 3004 RasPppoe - ok
00:15:06.0234 3004 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
00:15:06.0328 3004 Raspti - ok
00:15:06.0343 3004 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
00:15:06.0437 3004 Rdbss - ok
00:15:06.0453 3004 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
00:15:06.0546 3004 RDPCDD - ok
00:15:06.0593 3004 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
00:15:06.0687 3004 rdpdr - ok
00:15:06.0718 3004 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
00:15:06.0734 3004 RDPWD - ok
00:15:06.0765 3004 [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
00:15:06.0859 3004 RDSessMgr - ok
00:15:06.0875 3004 [ ED761D453856F795A7FE056E42C36365 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
00:15:06.0968 3004 redbook - ok
00:15:07.0000 3004 [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
00:15:07.0109 3004 RemoteAccess - ok
00:15:07.0140 3004 [ E4CD1F3D84E1C2CA0B8CF7501E201593 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
00:15:07.0218 3004 RemoteRegistry - ok
00:15:07.0234 3004 [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator C:\WINDOWS\System32\locator.exe
00:15:07.0328 3004 RpcLocator - ok
00:15:07.0359 3004 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs C:\WINDOWS\System32\rpcss.dll
00:15:07.0390 3004 RpcSs - ok
00:15:07.0421 3004 [ 0340A381B920A6E68178B832889F33F8 ] RSUSBSTOR C:\WINDOWS\system32\Drivers\RtsUStor.sys
00:15:07.0437 3004 RSUSBSTOR - ok
00:15:07.0484 3004 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP C:\WINDOWS\System32\rsvp.exe
00:15:07.0578 3004 RSVP - ok
00:15:07.0609 3004 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs C:\WINDOWS\system32\lsass.exe
00:15:07.0687 3004 SamSs - ok
00:15:07.0718 3004 [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
00:15:07.0812 3004 SCardSvr - ok
00:15:07.0859 3004 [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule C:\WINDOWS\system32\schedsvc.dll
00:15:07.0953 3004 Schedule - ok
00:15:07.0968 3004 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
00:15:08.0062 3004 Secdrv - ok
00:15:08.0078 3004 [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon C:\WINDOWS\System32\seclogon.dll
00:15:08.0171 3004 seclogon - ok
00:15:08.0171 3004 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS C:\WINDOWS\system32\sens.dll
00:15:08.0281 3004 SENS - ok
00:15:08.0281 3004 [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial C:\WINDOWS\system32\drivers\Serial.sys
00:15:08.0390 3004 Serial - ok
00:15:08.0421 3004 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
00:15:08.0515 3004 Sfloppy - ok
00:15:08.0578 3004 [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
00:15:08.0687 3004 SharedAccess - ok
00:15:08.0703 3004 [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
00:15:08.0718 3004 ShellHWDetection - ok
00:15:08.0718 3004 Simbad - ok
00:15:08.0734 3004 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
00:15:08.0812 3004 SLIP - ok
00:15:08.0828 3004 Sparrow - ok
00:15:08.0843 3004 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
00:15:08.0937 3004 splitter - ok
00:15:08.0953 3004 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
00:15:08.0984 3004 Spooler - ok
00:15:09.0031 3004 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
00:15:09.0125 3004 sr - ok
00:15:09.0171 3004 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice C:\WINDOWS\system32\srsvc.dll
00:15:09.0281 3004 srservice - ok
00:15:09.0312 3004 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
00:15:09.0375 3004 Srv - ok
00:15:09.0390 3004 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
00:15:09.0500 3004 SSDPSRV - ok
00:15:09.0546 3004 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
00:15:09.0546 3004 ssmdrv - ok
00:15:09.0609 3004 [ BC2C5985611C5356B24AEB370953DED9 ] stisvc C:\WINDOWS\system32\wiaservc.dll
00:15:09.0734 3004 stisvc - ok
00:15:09.0765 3004 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
00:15:09.0859 3004 streamip - ok
00:15:09.0890 3004 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
00:15:10.0000 3004 swenum - ok
00:15:10.0031 3004 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
00:15:10.0156 3004 swmidi - ok
00:15:10.0171 3004 SwPrv - ok
00:15:10.0171 3004 symc810 - ok
00:15:10.0187 3004 symc8xx - ok
00:15:10.0187 3004 sym_hi - ok
00:15:10.0187 3004 sym_u3 - ok
00:15:10.0312 3004 [ D776EB85A20696D9D43129CCF6E703E2 ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
00:15:10.0328 3004 SynTP - ok
00:15:10.0359 3004 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
00:15:10.0468 3004 sysaudio - ok
00:15:10.0500 3004 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
00:15:10.0625 3004 SysmonLog - ok
00:15:10.0671 3004 [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
00:15:10.0781 3004 TapiSrv - ok
00:15:10.0828 3004 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
00:15:10.0890 3004 Tcpip - ok
00:15:10.0921 3004 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
00:15:11.0015 3004 TDPIPE - ok
00:15:11.0015 3004 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
00:15:11.0125 3004 TDTCP - ok
00:15:11.0140 3004 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
00:15:11.0218 3004 TermDD - ok
00:15:11.0265 3004 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService C:\WINDOWS\System32\termsrv.dll
00:15:11.0375 3004 TermService - ok
00:15:11.0390 3004 [ 2DB7D303C36DDD055215052F118E8E75 ] Themes C:\WINDOWS\System32\shsvcs.dll
00:15:11.0406 3004 Themes - ok
00:15:11.0453 3004 [ 03681A1CE77F51586903869A5AB1DEAB ] TlntSvr C:\WINDOWS\System32\tlntsvr.exe
00:15:11.0546 3004 TlntSvr - ok
00:15:11.0546 3004 TosIde - ok
00:15:11.0578 3004 [ 626504572B175867F30F3215C04B3E2F ] TrkWks C:\WINDOWS\system32\trkwks.dll
00:15:11.0671 3004 TrkWks - ok
00:15:11.0703 3004 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
00:15:11.0812 3004 Udfs - ok
00:15:11.0812 3004 ultra - ok
00:15:11.0859 3004 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
00:15:11.0984 3004 Update - ok
00:15:12.0015 3004 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost C:\WINDOWS\System32\upnphost.dll
00:15:12.0109 3004 upnphost - ok
00:15:12.0125 3004 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINDOWS\System32\ups.exe
00:15:12.0203 3004 UPS - ok
00:15:12.0250 3004 [ EAFE1E00739AFE6C51487A050E772E17 ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
00:15:12.0281 3004 USBAAPL - ok
00:15:12.0312 3004 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
00:15:12.0406 3004 usbaudio - ok
00:15:12.0437 3004 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
00:15:12.0531 3004 usbccgp - ok
00:15:12.0593 3004 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
00:15:12.0687 3004 usbehci - ok
00:15:12.0703 3004 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
00:15:12.0781 3004 usbhub - ok
00:15:12.0812 3004 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
00:15:12.0890 3004 usbprint - ok
00:15:12.0921 3004 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
00:15:13.0015 3004 usbscan - ok
00:15:13.0046 3004 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
00:15:13.0140 3004 USBSTOR - ok
00:15:13.0156 3004 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
00:15:13.0265 3004 usbuhci - ok
00:15:13.0281 3004 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
00:15:13.0390 3004 usbvideo - ok
00:15:13.0406 3004 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
00:15:13.0500 3004 VgaSave - ok
00:15:13.0500 3004 ViaIde - ok
00:15:13.0531 3004 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
00:15:13.0656 3004 VolSnap - ok
00:15:13.0718 3004 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINDOWS\System32\vssvc.exe
00:15:13.0828 3004 VSS - ok
00:15:13.0859 3004 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINDOWS\system32\w32time.dll
00:15:13.0953 3004 W32Time - ok
00:15:14.0000 3004 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
00:15:14.0093 3004 Wanarp - ok
00:15:14.0156 3004 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
00:15:14.0171 3004 Wdf01000 - ok
00:15:14.0171 3004 WDICA - ok
00:15:14.0203 3004 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
00:15:14.0296 3004 wdmaud - ok
00:15:14.0328 3004 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINDOWS\System32\webclnt.dll
00:15:14.0421 3004 WebClient - ok
00:15:14.0500 3004 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
00:15:14.0609 3004 winmgmt - ok
00:15:14.0656 3004 [ 6E18978B749F0696A774DE3F2CB142DD ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
00:15:14.0734 3004 WmdmPmSN - ok
00:15:14.0781 3004 [ FFA4D901D46D07A5BAB2D8307FBB51A6 ] Wmi C:\WINDOWS\System32\advapi32.dll
00:15:14.0828 3004 Wmi - ok
00:15:14.0859 3004 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
00:15:14.0937 3004 WmiAcpi - ok
00:15:14.0984 3004 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\System32\wbem\wmiapsrv.exe
00:15:15.0078 3004 WmiApSrv - ok
00:15:15.0109 3004 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
00:15:15.0218 3004 WS2IFSL - ok
00:15:15.0265 3004 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc C:\WINDOWS\system32\wscsvc.dll
00:15:15.0359 3004 wscsvc - ok
00:15:15.0375 3004 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
00:15:15.0468 3004 WSTCODEC - ok
00:15:15.0500 3004 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
00:15:15.0593 3004 wuauserv - ok
00:15:15.0640 3004 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
00:15:15.0750 3004 WZCSVC - ok
00:15:15.0765 3004 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
00:15:15.0875 3004 xmlprov - ok
00:15:15.0875 3004 ================ Scan global ===============================
00:15:15.0921 3004 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll
00:15:15.0968 3004 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll
00:15:15.0984 3004 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll
00:15:16.0000 3004 [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe
00:15:16.0000 3004 [Global] - ok
00:15:16.0000 3004 ================ Scan MBR ==================================
00:15:16.0031 3004 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
00:15:16.0234 3004 \Device\Harddisk0\DR0 - ok
00:15:16.0234 3004 ================ Scan VBR ==================================
00:15:16.0250 3004 [ C07ED685A652822BC18CA7561A8AB628 ] \Device\Harddisk0\DR0\Partition1
00:15:16.0250 3004 \Device\Harddisk0\DR0\Partition1 - ok
00:15:16.0250 3004 ============================================================
00:15:16.0250 3004 Scan finished
00:15:16.0250 3004 ============================================================
00:15:16.0265 0284 Detected object count: 0
00:15:16.0265 0284 Actual detected object count: 0
00:15:19.0062 3528 Deinitialize success

26.09.2012, 23:46   #10
markusg
/// Malware-holic

hi

Malwarebytes:
Please download Malwarebytes.
  • Install the program to the default path.
    Vista and Win7 users: right-click and choose "Run as administrator".
  • Start Malwarebytes, click Update --> Check for Updates.
  • When the update has finished, select "Perform full scan" and click Scan.
  • When the scan has finished, click Show Results.
  • Make sure that all detections are checked and click Remove Selected.
  • Post the log file, which opens in Notepad, here in the thread.
  • You can find the report afterwards under "Logs".
__________________
-Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Forwarding instructions:
http://markusg.trojaner-board.de
For now, please forward e-mails according to the instructions above to
markusg.trojaner-board@web.de
If you would like to support us

27.09.2012, 13:44   #11
une fille

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Datenbank Version: v2012.09.27.05

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Damaris :: ACER [Administrator]

27.09.2012 13:32:43
mbam-log-2012-09-27 (13-32-43).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 278280
Laufzeit: 1 Stunde(n), 9 Minute(n), 1 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)


In between, though, AntiVir reported:

In der Datei 'C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira\AntiVir Desktop\TEMP\AVSCAN-20120926-235828-59B17ECC\ARK5.tmp'
wurde ein Virus oder unerwünschtes Programm 'TR/Trash.Gen' [trojan] gefunden.
Ausgeführte Aktion: Zugriff verweigern

27.09.2012, 18:02   #12
markusg
/// Malware-holic

Download the standard CCleaner:
CCleaner Download - CCleaner 3.23.1823
If CCleaner is already installed, skip this step.
Install it, open it, go to Tools, list of installed programs, save as txt. Open the file.
After each program you need, write "necessary".
After each program you do not need, write "unnecessary".
After each one you do not know, write "unknown".
Post the list.

28.09.2012, 14:37   #13
une fille

I got a message that the setup could not be downloaded because the source file was not recognized...

Then the graphic (attached) appeared, and this dot keeps jumping back and forth?

Regards

Attached image: -troja.jpg

28.09.2012, 14:38   #14
une fille

Never mind, I downloaded it again.

28.09.2012, 15:01   #15
markusg
/// Malware-holic

It should work here, just tested it:
CCleaner Download - CCleaner 3.23.1823


Zum Thema Stream,Downloads,Flash Player Hängt. - Hallo zusammen, ich hatte vor ein paar Tagen das Problem mit searchnu, das sich bei jedem neuen Tab selbst geöffnet hat. Dieses wurde aber durch die löschung des Videoconverters der - Stream,Downloads,Flash Player Hängt....
Archiv
Du betrachtest: Stream,Downloads,Flash Player Hängt. auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.