
Pests of all kinds and how to combat them: Virus - Windows XP

20.11.2012, 22:44   #1
Kenny337

Hello,
I've caught a virus.
The screen stays white. I can't start the laptop in safe mode.
I have a laptop running Windows XP.

I booted the laptop from the Reatogo-X-PE CD and pressed Run Scan. OTLPE created an OTL.txt file and an Extra.txt file.

I'm attaching both files and hope for further instructions.
Regards.
Attached files
File type: txt Extras.Txt (24.3 KB, viewed 178 times)
File type: txt OTL.Txt (71.1 KB, viewed 188 times)

21.11.2012, 11:19   #2
Psychotic
/// Malwareteam

My name is Marius and I will help you with your problem.

One thing up front:

Note: We can never guarantee here that we have found every remnant of malware. Formatting is usually the fastest and always the safest way.

If you decide on a cleanup, keep working with us until someone from the team tells you that your computer is clean.

A cleanup can mean a lot of work for you.
  1. Please work through all steps in order.
  2. Read the instructions carefully. If you get stuck anywhere, stop at that point and describe your problem here!
  3. Only run scans that a helper has asked you to run.
  4. Please no crossposting (posting in several forums) - if you carry out the instructions of several helpers, this can cause serious problems!
  5. Do not install or uninstall any software during the cleanup (unless you have been asked to).
  6. If anything is unclear: ask before you do something "blindly"!

    ...and very important:

  7. Post the log files in code tags (the # symbol at the top of the reply window) in your thread! Do not attach them unless I ask you to. (That makes evaluating them harder for me.)


Vista and Win7 users
Start all tools with right-click --> "Run as administrator".


Step 1: Fix with OTLPE


  • On another PC, click Start --> Run.
  • Type Notepad into the text box and click OK.
  • Now copy the entire contents of the following code box into the empty text document:
    Code:
    :OTL
    IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddr&s={searchTerms}&f=4
    [2012/03/10 17:23:23 | 000,002,310 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\babylon.xml
    [2011/02/27 09:48:04 | 000,002,046 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\fcmdSrchddr.xml
    [2012/06/07 12:42:13 | 000,002,517 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\Search_Results.xml
    O2 - BHO: (Wincore Mediabar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll ()
    O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Programme\BABYLONTOOLBAR\BABYLONTOOLBAR\1.5.3.17\BH\BABYLONTOOLBAR.DLL ()
    O2 - BHO: (TBSB01620 Class) - {58124A0B-DC32-4180-9BFF-E0E21AE34026} -  File not found
    O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} -  File not found
    O2 - BHO: (DealPly) - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Programme\DealPly\DealPlyIE.dll (DealPly Technologies Ltd)
    O2 - BHO: (DataMngr) - {BE7A24F5-69CB-4708-B77B-B1EDA6043B95} - C:\Programme\iMesh Applications\MediaBar\Datamngr\BrowserConnection.dll (iMesh, Inc)
    O3 - HKLM\..\Toolbar: (Wincore Mediabar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll ()
    O3 - HKLM\..\Toolbar: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} -  File not found
    O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} -  File not found
    O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} -  File not found
    O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
    O3 - HKU\WinXP_ON_C\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
    O3 - HKU\WinXP_ON_C\..\Toolbar\WebBrowser: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} -  File not found
    O4 - HKLM..\Run: [DATAMNGR] C:\Programme\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe (iMesh, Inc)
    O4 - HKLM..\Run: [facemoods]  File not found
    O20 - AppInit_DLLs: (C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\datamngr.dll) - C:\Programme\iMesh Applications\MediaBar\Datamngr\datamngr.dll (iMesh, Inc)
    O20 - AppInit_DLLs: (C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll) - C:\Programme\iMesh Applications\MediaBar\Datamngr\IEBHO.dll (iMesh, Inc)
    O20 - HKU\WinXP_ON_C Winlogon: Shell - (C:\Dokumente und Einstellungen\WinXP\Anwendungsdaten\msconfig.dat) - C:\Dokumente und Einstellungen\WinXP\Anwendungsdaten\msconfig.dat ()
    [2011/02/27 09:43:04 | 000,493,520 | ---- | C] (Facebook Inc.) -- C:\Programme\jDownloaderWebInstaller09581.exe
    [2012/03/10 17:23:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WinXP\Anwendungsdaten\Babylon
    [2012/03/10 17:28:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WinXP\Anwendungsdaten\BabylonToolbar
    [2011/02/27 09:47:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WinXP\Anwendungsdaten\facemoods.com
    [2012/06/07 12:45:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WinXP\Anwendungsdaten\mediabarim
    [2011/03/02 06:33:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WinXP\Anwendungsdaten\Teeworlds
    [2012/03/10 17:27:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WinXP\Anwendungsdaten\Toolbar4
    [2012/06/07 12:44:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WinXP\Anwendungsdaten\wincoreimband
    [2012/03/10 17:23:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Babylon
    :COMMANDS
    [emptytemp]
             
  • Save the file as fix.txt on a USB stick.
  • On the infected computer, plug in the USB stick and boot OTLPEN.
  • After a few minutes your system should show the REATOGO-X-PE desktop.
  • Double-click the OTLPE icon.
  • When asked "Do you wish to load the remote registry", choose Yes.
  • When asked "Do you wish to load remote user profile(s) for scanning", choose Yes.
  • Make sure the box "Automatically Load All Remaining Users" is checked and press OK.
  • OTLpe should now start.
  • Now please click the Fix button.
  • Load fix.txt from your stick.
  • Click the Fix button.
  • Now start Windows normally. An OTL.txt should open; post its contents in your next thread.


Start the computer in normal mode!


Step 2: aswMBR


Please download aswMBR.exe and save the file on your desktop.
  • Start aswMBR.exe - (aswMBR.exe instructions) Vista and Win7 users: right-click, "Run as administrator"
  • The tool will ask whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the Internet.) Depending on your connection, downloading the definitions can take a while.
  • Click Scan.
  • Please wait until Scan finished successfully appears in the DOS window.
  • Press Save Log and save it on the desktop.
Post the aswMBR.txt in your next reply.
Important: Never press any of the Fix buttons without being instructed to.
Note: If the Scan button is hidden, close the tool and start it again. If it still does not work, please let me know.


Step 3: Scan with TDSS-Killer


Please read the following instructions carefully. We do not want to "fix" anything here yet, only see a scan report.
Please download TDSSKiller.exe and save this file on the desktop.
  • Start TDSSKiller.exe.
  • Press Start Scan.
  • If infected objects are found, never choose Cure. Choose Skip and save the log file. TDSSKiller will save a log file on your system drive (usually C:\). For example: C:\TDSSKiller.<version_date_time>log.txt
Please post the contents here in your thread.
__________________
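
Added example, not part of the original posts and not code from any of the tools named here: one way to pull the objects that are not reported as "ok" out of a TDSSKiller report of the kind requested in step 3, and to notice when a pasted report is cut off. The sample lines are copied from the log posted later in this thread; the function and class names are assumptions made for the example.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Excerpt in the format of the TDSSKiller log posted in this thread.
# The last line has no status line after it, as happens in a cut-off paste.
SAMPLE_LOG = r"""
09:43:20.0156 3352  Abiosdsk - ok
09:43:20.0234 3352  [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
09:43:20.0265 3352  ACPI - ok
09:43:30.0687 3352  [ F809FCB3E7656E3B1CE0FF288689A853 ] avgtp           C:\WINDOWS\system32\drivers\avgtpx86.sys
09:43:30.0687 3352  Suspicious file (Forged): C:\WINDOWS\system32\drivers\avgtpx86.sys. Real md5: F809FCB3E7656E3B1CE0FF288689A853, Fake md5: 4A0F19D926392115FE29EDF9CBB48BDC
09:43:30.0687 3352  avgtp ( ForgedFile.Multi.Generic ) - warning
09:43:30.0687 3352  avgtp - detected ForgedFile.Multi.Generic (1)
09:43:30.0765 3352  [ EA1145DEBCD508FD25BD1E95C4346929 ] avgwd           C:\Programme\AVG\AVG2012\avgwdsvc.exe
09:43:31.0718 3352  avgwd - ok
09:45:15.0687 3352  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
"""

# "HH:MM:SS.ffff <thread id>  <message>"
LINE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+(.*)$")
# "[ <md5> ] <object name>   <file path>"
HASHED = re.compile(r"^\[ ([0-9A-F]{32}) \]\s+(\S+)\s+(.+)$")
# "<object name> - ok"
OK = re.compile(r"^(.+) - ok$")
# "<object name> ( <verdict> ) - <level>"
VERDICT = re.compile(r"^(\S+) \( (.+?) \) - (\w+)$")
# "Suspicious file (Forged): <path>. Real md5: <md5>, Fake md5: <md5>"
FORGED = re.compile(
    r"^Suspicious file \(Forged\): (.+)\. "
    r"Real md5: ([0-9A-F]{32}), Fake md5: ([0-9A-F]{32})$"
)


@dataclass
class Finding:
    name: str
    verdict: str
    level: str
    path: Optional[str] = None
    md5: Optional[str] = None
    fake_md5: Optional[str] = None  # second hash from a "Forged" line, if any


def triage(log_text):
    """Return (ok_count, findings, unresolved) for a TDSSKiller-style log.

    unresolved lists objects whose hash line was seen but whose status
    line is missing, which indicates a truncated report.
    """
    files = {}     # object name -> (md5, path)
    fake = {}      # lower-cased path -> "Fake md5" value
    pending = []   # hashed objects still waiting for a status line
    findings = []
    ok_count = 0

    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # blank line or text that is not a log record
        msg = m.group(1).rstrip()

        if (h := HASHED.match(msg)):
            md5, name, path = h.groups()
            files[name] = (md5, path.strip())
            pending.append(name)
        elif (f := FORGED.match(msg)):
            fake[f.group(1).lower()] = f.group(3)
        elif (v := VERDICT.match(msg)):
            name, verdict, level = v.groups()
            md5, path = files.get(name, (None, None))
            fake_md5 = fake.get(path.lower()) if path else None
            findings.append(Finding(name, verdict, level, path, md5, fake_md5))
            if name in pending:
                pending.remove(name)
        elif (o := OK.match(msg)):
            ok_count += 1
            if o.group(1) in pending:
                pending.remove(o.group(1))

    return ok_count, findings, pending


if __name__ == "__main__":
    ok_count, findings, unresolved = triage(SAMPLE_LOG)
    print(f"{ok_count} objects ok")
    for item in findings:
        print(f"{item.level}: {item.name} -> {item.verdict}")
        print(f"  file: {item.path}")
        print(f"  md5: {item.md5}  second md5 reported: {item.fake_md5}")
    if unresolved:
        print("no status line (log cut off?):", ", ".join(unresolved))
```
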

24.11.2012, 15:57   #3
Kenny337

Thank you very, very much for your help!!!

The file is attached
__________________
Attached files
File type: txt aswMBR.txt (1.8 KB, viewed 169 times)

26.11.2012, 06:36   #4
Psychotic
/// Malwareteam

The log from TDSS-Killer is still missing
__________________
No right of asylum for trojans!

Proud Member of UNITE

Note: I am only available on weekdays!
Requests via PM will be ignored!


26.11.2012, 09:41   #5
Kenny337

Unfortunately I can't attach it, because the file is too large :-(


26.11.2012, 14:16   #6
Psychotic
/// Malwareteam

Post it in code tags, that is the hash symbol at the top of the reply window.

[code]The TDSS-Killer log goes here[/code]

Result:

Code:
The TDSS-Killer log goes here

28.11.2012, 18:51   #7
Kenny337

Code:
09:43:08.0187 2716  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
09:43:08.0625 2716  ============================================================
09:43:08.0625 2716  Current date / time: 2012/11/24 09:43:08.0625
09:43:08.0625 2716  SystemInfo:
09:43:08.0625 2716  
09:43:08.0625 2716  OS Version: 5.1.2600 ServicePack: 3.0
09:43:08.0625 2716  Product type: Workstation
09:43:08.0625 2716  ComputerName: WINXP-6005ED2CF
09:43:08.0656 2716  UserName: WinXP
09:43:08.0656 2716  Windows directory: C:\WINDOWS
09:43:08.0656 2716  System windows directory: C:\WINDOWS
09:43:08.0656 2716  Processor architecture: Intel x86
09:43:08.0656 2716  Number of processors: 2
09:43:08.0656 2716  Page size: 0x1000
09:43:08.0656 2716  Boot type: Normal boot
09:43:08.0656 2716  ============================================================
09:43:11.0796 2716  Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
09:43:11.0796 2716  ============================================================
09:43:11.0796 2716  \Device\Harddisk0\DR0:
09:43:11.0796 2716  MBR partitions:
09:43:11.0796 2716  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xDF8F8C1
09:43:11.0796 2716  ============================================================
09:43:11.0875 2716  C: <-> \Device\Harddisk0\DR0\Partition1
09:43:11.0875 2716  ============================================================
09:43:11.0875 2716  Initialize success
09:43:11.0875 2716  ============================================================
09:43:15.0578 3352  ============================================================
09:43:15.0578 3352  Scan started
09:43:15.0578 3352  Mode: Manual; 
09:43:15.0578 3352  ============================================================
09:43:18.0343 3352  ================ Scan system memory ========================
09:43:18.0343 3352  System memory - ok
09:43:18.0343 3352  ================ Scan services =============================
09:43:20.0156 3352  Abiosdsk - ok
09:43:20.0171 3352  abp480n5 - ok
09:43:20.0234 3352  [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
09:43:20.0265 3352  ACPI - ok
09:43:20.0312 3352  [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC          C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
09:43:20.0343 3352  ACPIEC - ok
09:43:20.0343 3352  adpu160m - ok
09:43:20.0406 3352  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys
09:43:20.0437 3352  aec - ok
09:43:20.0515 3352  [ 7E775010EF291DA96AD17CA4B17137D7 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
09:43:20.0546 3352  AFD - ok
09:43:20.0562 3352  Aha154x - ok
09:43:20.0562 3352  aic78u2 - ok
09:43:20.0578 3352  aic78xx - ok
09:43:20.0640 3352  [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
09:43:20.0640 3352  Alerter - ok
09:43:20.0687 3352  [ 190CD73D4984F94D823F9444980513E5 ] ALG             C:\WINDOWS\System32\alg.exe
09:43:20.0718 3352  ALG - ok
09:43:20.0718 3352  AliIde - ok
09:43:20.0734 3352  amsint - ok
09:43:20.0750 3352  AppMgmt - ok
09:43:20.0796 3352  [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394         C:\WINDOWS\system32\DRIVERS\arp1394.sys
09:43:20.0812 3352  Arp1394 - ok
09:43:20.0812 3352  asc - ok
09:43:20.0828 3352  asc3350p - ok
09:43:20.0828 3352  asc3550 - ok
09:43:20.0890 3352  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
09:43:20.0906 3352  AsyncMac - ok
09:43:20.0968 3352  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
09:43:20.0968 3352  atapi - ok
09:43:20.0984 3352  Atdisk - ok
09:43:21.0078 3352  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
09:43:21.0093 3352  Atmarpc - ok
09:43:21.0187 3352  [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
09:43:21.0203 3352  AudioSrv - ok
09:43:21.0312 3352  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
09:43:21.0359 3352  audstub - ok
09:43:24.0437 3352  [ F6A528DE535396C2FB1A4E3C6F00CEC4 ] AVGIDSAgent     C:\Programme\AVG\AVG2012\avgidsagent.exe
09:43:29.0968 3352  AVGIDSAgent - ok
09:43:30.0062 3352  [ 1074F787080068C71303B61FAE7E7CA4 ] AVGIDSDriver    C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys
09:43:30.0078 3352  AVGIDSDriver - ok
09:43:30.0093 3352  [ 61A7E0B02F82CFF3DB2445BBE50B3589 ] AVGIDSFilter    C:\WINDOWS\system32\DRIVERS\avgidsfilterx.sys
09:43:30.0109 3352  AVGIDSFilter - ok
09:43:30.0156 3352  [ D63D83659EEDF60B3A3E620281A888E5 ] AVGIDSHX        C:\WINDOWS\system32\DRIVERS\avgidshx.sys
09:43:30.0171 3352  AVGIDSHX - ok
09:43:30.0203 3352  [ BAF975B72062F53D327788E99D64197E ] AVGIDSShim      C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys
09:43:30.0218 3352  AVGIDSShim - ok
09:43:30.0343 3352  [ DCB09125C8B4766A88C86914B65487C1 ] Avgldx86        C:\WINDOWS\system32\DRIVERS\avgldx86.sys
09:43:30.0390 3352  Avgldx86 - ok
09:43:30.0421 3352  [ CCDD61545AAEA265977E4B1EFDC74E8C ] Avgmfx86        C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
09:43:30.0421 3352  Avgmfx86 - ok
09:43:30.0437 3352  [ 1FD90B28D2C3100BF4500199C8AD6358 ] Avgrkx86        C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
09:43:30.0437 3352  Avgrkx86 - ok
09:43:30.0546 3352  [ C0BC3B2E3FD625E7F55E1FF863E94592 ] Avgtdix         C:\WINDOWS\system32\DRIVERS\avgtdix.sys
09:43:30.0625 3352  Avgtdix - ok
09:43:30.0687 3352  [ F809FCB3E7656E3B1CE0FF288689A853 ] avgtp           C:\WINDOWS\system32\drivers\avgtpx86.sys
09:43:30.0687 3352  Suspicious file (Forged): C:\WINDOWS\system32\drivers\avgtpx86.sys. Real md5: F809FCB3E7656E3B1CE0FF288689A853, Fake md5: 4A0F19D926392115FE29EDF9CBB48BDC
09:43:30.0687 3352  avgtp ( ForgedFile.Multi.Generic ) - warning
09:43:30.0687 3352  avgtp - detected ForgedFile.Multi.Generic (1)
09:43:30.0765 3352  [ EA1145DEBCD508FD25BD1E95C4346929 ] avgwd           C:\Programme\AVG\AVG2012\avgwdsvc.exe
09:43:31.0718 3352  avgwd - ok
09:43:31.0812 3352  [ F96038AA1EC4013A93D2420FC689D1E9 ] b57w2k          C:\WINDOWS\system32\DRIVERS\b57xp32.sys
09:43:31.0906 3352  b57w2k - ok
09:43:32.0687 3352  [ E9EA635B8432D68F0005B3F6CEBAB837 ] BCM43XX         C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
09:43:33.0578 3352  BCM43XX - ok
09:43:39.0828 3352  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
09:43:39.0859 3352  Beep - ok
09:43:41.0671 3352  [ D6F603772A789BB3228F310D650B8BD1 ] BITS            C:\WINDOWS\system32\qmgr.dll
09:43:42.0515 3352  BITS - ok
09:43:43.0828 3352  [ B42057F06BBB98B31876C0B3F2B54E33 ] Browser         C:\WINDOWS\System32\browser.dll
09:43:43.0906 3352  Browser - ok
09:43:44.0359 3352  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
09:43:44.0375 3352  cbidf2k - ok
09:43:46.0562 3352  [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
09:43:46.0578 3352  CCDECODE - ok
09:43:46.0578 3352  cd20xrnt - ok
09:43:46.0687 3352  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
09:43:46.0718 3352  Cdaudio - ok
09:44:13.0062 3352  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
09:44:13.0140 3352  Cdfs - ok
09:44:19.0718 3352  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
09:44:19.0843 3352  Cdrom - ok
09:44:19.0843 3352  Changer - ok
09:44:20.0296 3352  [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc           C:\WINDOWS\system32\cisvc.exe
09:44:20.0484 3352  CiSvc - ok
09:44:21.0078 3352  [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
09:44:21.0203 3352  ClipSrv - ok
09:44:26.0968 3352  [ 7FA87325900183197BC9710D1CE4C9FA ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:44:27.0156 3352  clr_optimization_v2.0.50727_32 - ok
09:44:27.0406 3352  [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt          C:\WINDOWS\system32\DRIVERS\CmBatt.sys
09:44:27.0421 3352  CmBatt - ok
09:44:27.0421 3352  CmdIde - ok
09:44:27.0687 3352  [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt        C:\WINDOWS\system32\DRIVERS\compbatt.sys
09:44:27.0718 3352  Compbatt - ok
09:44:27.0718 3352  COMSysApp - ok
09:44:27.0734 3352  Cpqarray - ok
09:44:27.0875 3352  [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
09:44:27.0906 3352  CryptSvc - ok
09:44:27.0906 3352  dac2w2k - ok
09:44:27.0921 3352  dac960nt - ok
09:44:28.0359 3352  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
09:44:28.0687 3352  DcomLaunch - ok
09:44:28.0906 3352  [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
09:44:28.0921 3352  Dhcp - ok
09:44:29.0031 3352  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
09:44:29.0078 3352  Disk - ok
09:44:29.0187 3352  [ 060DB81DFB79C8244EB65D10B6C7873F ] DKbFltr         C:\WINDOWS\system32\DRIVERS\DKbFltr.sys
09:44:29.0218 3352  DKbFltr - ok
09:44:29.0218 3352  dmadmin - ok
09:44:29.0750 3352  [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
09:44:30.0406 3352  dmboot - ok
09:44:30.0484 3352  [ 53720AB12B48719D00E327DA470A619A ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
09:44:30.0515 3352  dmio - ok
09:44:30.0531 3352  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
09:44:30.0546 3352  dmload - ok
09:44:30.0593 3352  [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver        C:\WINDOWS\System32\dmserver.dll
09:44:30.0609 3352  dmserver - ok
09:44:30.0671 3352  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
09:44:30.0671 3352  DMusic - ok
09:44:30.0734 3352  [ 8C9ED3B2834AAE63081AB2DA831C6FE9 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
09:44:30.0750 3352  Dnscache - ok
09:44:30.0875 3352  [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
09:44:30.0890 3352  Dot3svc - ok
09:44:30.0906 3352  dpti2o - ok
09:44:30.0968 3352  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
09:44:31.0000 3352  drmkaud - ok
09:44:31.0046 3352  [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost         C:\WINDOWS\System32\eapsvc.dll
09:44:31.0078 3352  EapHost - ok
09:44:31.0156 3352  [ 877C18558D70587AA7823A1A308AC96B ] ERSvc           C:\WINDOWS\System32\ersvc.dll
09:44:31.0171 3352  ERSvc - ok
09:44:31.0468 3352  [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog        C:\WINDOWS\system32\services.exe
09:44:31.0484 3352  Eventlog - ok
09:44:31.0562 3352  [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem     C:\WINDOWS\system32\es.dll
09:44:31.0625 3352  EventSystem - ok
09:44:31.0718 3352  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
09:44:31.0750 3352  Fastfat - ok
09:44:31.0875 3352  [ 40602EBFBE06AA075C8E4560743F6883 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
09:44:32.0000 3352  FastUserSwitchingCompatibility - ok
09:44:32.0046 3352  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys
09:44:32.0078 3352  Fdc - ok
09:44:32.0109 3352  [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
09:44:32.0140 3352  Fips - ok
09:44:32.0171 3352  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys
09:44:32.0171 3352  Flpydisk - ok
09:44:32.0296 3352  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\DRIVERS\fltMgr.sys
09:44:32.0328 3352  FltMgr - ok
09:44:32.0703 3352  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
09:44:32.0765 3352  FontCache3.0.0.0 - ok
09:44:32.0937 3352  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
09:44:32.0953 3352  Fs_Rec - ok
09:44:33.0093 3352  [ 8F1955CE42E1484714B542F341647778 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
09:44:33.0109 3352  Ftdisk - ok
09:44:33.0218 3352  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
09:44:33.0234 3352  Gpc - ok
09:44:33.0312 3352  [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
09:44:33.0359 3352  HDAudBus - ok
09:44:33.0500 3352  [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
09:44:33.0531 3352  helpsvc - ok
09:44:33.0531 3352  HidServ - ok
09:44:33.0578 3352  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
09:44:33.0609 3352  HidUsb - ok
09:44:33.0656 3352  [ ED29F14101523A6E0E808107405D452C ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
09:44:33.0671 3352  hkmsvc - ok
09:44:33.0671 3352  hpn - ok
09:44:33.0812 3352  [ 6A5C4732D6803F84E2987EDD8E4359CE ] HSFHWAZL        C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
09:44:33.0859 3352  HSFHWAZL - ok
09:44:34.0343 3352  [ 21C31273C6CC4826E74BE8AE3B09D4A8 ] HSF_DPV         C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
09:44:35.0109 3352  HSF_DPV - ok
09:44:35.0296 3352  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
09:44:35.0375 3352  HTTP - ok
09:44:35.0421 3352  [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
09:44:35.0437 3352  HTTPFilter - ok
09:44:35.0453 3352  i2omgmt - ok
09:44:35.0453 3352  i2omp - ok
09:44:35.0531 3352  [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
09:44:35.0562 3352  i8042prt - ok
09:44:38.0812 3352  [ 28423512370705AEDA6A652FEDB25468 ] ialm            C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
09:44:43.0562 3352  ialm - ok
09:44:43.0593 3352  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
09:44:43.0625 3352  Imapi - ok
09:44:43.0703 3352  [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService    C:\WINDOWS\system32\imapi.exe
09:44:43.0781 3352  ImapiService - ok
09:44:43.0796 3352  ini910u - ok
09:44:46.0125 3352  [ B45A576AD280DD4F605F58B24CDAAFE1 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
09:44:49.0062 3352  IntcAzAudAddService - ok
09:44:49.0078 3352  IntelIde - ok
09:44:49.0125 3352  [ 4C7D2750158ED6E7AD642D97BFFAE351 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
09:44:49.0140 3352  intelppm - ok
09:44:49.0203 3352  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
09:44:49.0218 3352  Ip6Fw - ok
09:44:49.0250 3352  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
09:44:49.0265 3352  IpFilterDriver - ok
09:44:49.0296 3352  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
09:44:49.0296 3352  IpInIp - ok
09:44:49.0343 3352  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
09:44:49.0343 3352  IpNat - ok
09:44:49.0453 3352  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
09:44:49.0468 3352  IPSec - ok
09:44:49.0531 3352  [ ACA5E7B54409F9CB5EED97ED0C81120E ] irda            C:\WINDOWS\system32\DRIVERS\irda.sys
09:44:49.0546 3352  irda - ok
09:44:49.0609 3352  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
09:44:49.0625 3352  IRENUM - ok
09:44:49.0796 3352  [ 2EFE1DB1EC58A26B0C14BFDA122E246F ] Irmon           C:\WINDOWS\System32\irmon.dll
09:44:49.0812 3352  Irmon - ok
09:44:50.0031 3352  [ 6DFB88F64135C525433E87648BDA30DE ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
09:44:50.0062 3352  isapnp - ok
09:44:51.0859 3352  [ 9AE07549A0D691A103FAF8946554BDB7 ] JavaQuickStarterService C:\Programme\Java\jre6\bin\jqs.exe
09:44:52.0781 3352  JavaQuickStarterService - ok
09:44:52.0921 3352  [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
09:44:52.0953 3352  Kbdclass - ok
09:44:52.0984 3352  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
09:44:53.0031 3352  kmixer - ok
09:44:53.0125 3352  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
09:44:53.0171 3352  KSecDD - ok
09:44:53.0265 3352  [ 2BBDCB79900990F0716DFCB714E72DE7 ] LanmanServer    C:\WINDOWS\System32\srvsvc.dll
09:44:53.0328 3352  LanmanServer - ok
09:44:53.0421 3352  [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
09:44:53.0515 3352  lanmanworkstation - ok
09:44:53.0531 3352  lbrtfdc - ok
09:44:53.0578 3352  [ 636714B7D43C8D0C80449123FD266920 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
09:44:53.0609 3352  LmHosts - ok
09:44:53.0765 3352  [ 22A7776C5D8EB5930EDF9C8DD0884259 ] McComponentHostService C:\Programme\McAfee Security Scan\3.0.207\McCHSvc.exe
09:44:55.0593 3352  McComponentHostService - ok
09:45:00.0640 3352  [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk         C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
09:45:00.0687 3352  mdmxsdk - ok
09:45:01.0359 3352  [ B7550A7107281D170CE85524B1488C98 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
09:45:01.0375 3352  Messenger - ok
09:45:03.0750 3352  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
09:45:03.0859 3352  mnmdd - ok
09:45:04.0062 3352  [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
09:45:04.0078 3352  mnmsrvc - ok
09:45:04.0109 3352  [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
09:45:04.0109 3352  Modem - ok
09:45:04.0156 3352  [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
09:45:04.0156 3352  Mouclass - ok
09:45:04.0203 3352  [ 66A6F73C74E1791464160A7065CE711A ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
09:45:04.0234 3352  mouhid - ok
09:45:04.0265 3352  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
09:45:04.0281 3352  MountMgr - ok
09:45:04.0281 3352  mraid35x - ok
09:45:04.0468 3352  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
09:45:04.0546 3352  MRxDAV - ok
09:45:04.0781 3352  [ F3AEFB11ABC521122B67095044169E98 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
09:45:05.0250 3352  MRxSmb - ok
09:45:05.0343 3352  [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
09:45:05.0359 3352  MSDTC - ok
09:45:05.0421 3352  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
09:45:05.0421 3352  Msfs - ok
09:45:05.0437 3352  MSIServer - ok
09:45:05.0484 3352  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
09:45:05.0500 3352  MSKSSRV - ok
09:45:05.0578 3352  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
09:45:05.0578 3352  MSPCLOCK - ok
09:45:05.0968 3352  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
09:45:06.0000 3352  MSPQM - ok
09:45:06.0500 3352  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
09:45:06.0515 3352  mssmbios - ok
09:45:06.0531 3352  [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
09:46:33.0562 3352  ================ Scan global ===============================
09:46:33.0703 3352  [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll
09:46:33.0812 3352  [ E9B93B97B1A2965144361F4FD8BD2BEF ] C:\WINDOWS\system32\winsrv.dll
09:46:35.0218 3352  [ E9B93B97B1A2965144361F4FD8BD2BEF ] C:\WINDOWS\system32\winsrv.dll
09:46:36.0312 3352  [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe
09:46:36.0312 3352  [Global] - ok
09:46:36.0312 3352  ================ Scan MBR ==================================
09:46:36.0359 3352  [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
09:46:49.0671 3352  \Device\Harddisk0\DR0 - ok
09:46:49.0671 3352  ================ Scan VBR ==================================
09:46:49.0703 3352  [ F98956A5DE3C95D4C26C756CA1365B25 ] \Device\Harddisk0\DR0\Partition1
09:46:49.0765 3352  \Device\Harddisk0\DR0\Partition1 - ok
09:46:49.0765 3352  ============================================================
09:46:49.0765 3352  Scan finished
09:46:49.0765 3352  ============================================================
09:46:49.0781 1844  Detected object count: 1
09:46:49.0781 1844  Actual detected object count: 1
09:47:26.0218 1844  avgtp ( ForgedFile.Multi.Generic ) - skipped by user
09:47:26.0218 1844  avgtp ( ForgedFile.Multi.Generic ) - User select action: Skip 
09:47:31.0281 1928  ============================================================
09:47:31.0281 1928  Scan started
09:47:31.0281 1928  Mode: Manual; 
09:47:31.0281 1928  ============================================================
09:47:41.0328 1928  ================ Scan system memory ========================
09:47:41.0328 1928  System memory - ok
09:47:41.0328 1928  ================ Scan services =============================
09:48:41.0250 1928  [ F809FCB3E7656E3B1CE0FF288689A853 ] avgtp           C:\WINDOWS\system32\drivers\avgtpx86.sys
09:48:41.0250 1928  Suspicious file (Forged): C:\WINDOWS\system32\drivers\avgtpx86.sys. Real md5: F809FCB3E7656E3B1CE0FF288689A853, Fake md5: 4A0F19D926392115FE29EDF9CBB48BDC
09:48:41.0250 1928  avgtp ( ForgedFile.Multi.Generic ) - warning
09:48:41.0250 1928  avgtp - detected ForgedFile.Multi.Generic (1)
09:49:12.0125 1928  lbrtfdc - ok
09:49:12.0171 1928  [ 636714B7D43C8D0C80449123FD266920 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
09:49:12.0187 1928  LmHosts - ok
09:49:12.0265 1928  [ 22A7776C5D8EB5930EDF9C8DD0884259 ] McComponentHostService C:\Programme\McAfee Security Scan\3.0.207\McCHSvc.exe
09:49:12.0281 1928  McComponentHostService - ok
09:49:12.0343 1928  [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk         C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
09:49:12.0390 1928  mdmxsdk - ok
09:49:12.0468 1928  [ B7550A7107281D170CE85524B1488C98 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
09:49:12.0500 1928  Messenger - ok
09:49:12.0546 1928  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
09:49:12.0546 1928  mnmdd - ok
09:49:13.0140 1928  [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
09:49:13.0156 1928  mnmsrvc - ok
09:49:13.0171 1928  [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
09:49:13.0171 1928  Modem - ok
09:49:13.0187 1928  [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
09:49:13.0187 1928  Mouclass - ok
09:49:13.0234 1928  [ 66A6F73C74E1791464160A7065CE711A ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
09:49:13.0234 1928  mouhid - ok
09:49:13.0265 1928  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
09:49:13.0265 1928  MountMgr - ok
09:49:13.0265 1928  mraid35x - ok
09:49:13.0281 1928  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
09:49:13.0281 1928  MRxDAV - ok
09:49:13.0359 1928  [ F3AEFB11ABC521122B67095044169E98 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
09:49:13.0375 1928  MRxSmb - ok
09:49:13.0437 1928  [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
09:49:13.0437 1928  MSDTC - ok
09:49:13.0468 1928  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
09:49:13.0468 1928  Msfs - ok
09:49:13.0468 1928  MSIServer - ok
09:49:13.0515 1928  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
09:49:13.0531 1928  MSKSSRV - ok
09:49:13.0578 1928  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
09:49:13.0593 1928  MSPCLOCK - ok
09:49:13.0593 1928  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
09:49:13.0609 1928  MSPQM - ok
09:49:13.0640 1928  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
09:49:13.0640 1928  mssmbios - ok
09:49:13.0718 1928  [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
09:49:13.0718 1928  MSTEE - ok
09:49:13.0734 1928  [ 2F625D11385B1A94360BFC70AAEFDEE1 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
09:49:13.0734 1928  Mup - ok
09:49:13.0765 1928  [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
09:49:13.0765 1928  NABTSFEC - ok
09:49:13.0812 1928  [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent        C:\WINDOWS\System32\qagentrt.dll
09:49:13.0828 1928  napagent - ok
09:49:14.0406 1928  [ 0D01287D85B3715FA8270E8EC919B7F7 ] NBService       C:\Programme\Nero\Nero 7\Nero BackItUp\NBService.exe
09:49:14.0421 1928  NBService - ok
09:49:14.0453 1928  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
09:49:14.0453 1928  NDIS - ok
09:49:14.0468 1928  [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
09:49:14.0468 1928  NdisIP - ok
09:49:14.0531 1928  [ 1AB3D00C991AB086E69DB84B6C0ED78F ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
09:49:14.0546 1928  NdisTapi - ok
09:49:14.0593 1928  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
09:49:14.0609 1928  Ndisuio - ok
09:49:14.0656 1928  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
09:49:14.0703 1928  NdisWan - ok
09:49:19.0296 1928  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
09:49:19.0312 1928  NDProxy - ok
09:49:19.0328 1928  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
09:49:19.0343 1928  NetBIOS - ok
09:49:19.0359 1928  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
09:49:19.0375 1928  NetBT - ok
09:49:19.0453 1928  [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE          C:\WINDOWS\system32\netdde.exe
09:49:19.0468 1928  NetDDE - ok
09:49:19.0468 1928  [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
09:49:19.0468 1928  NetDDEdsdm - ok
09:49:19.0484 1928  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon        C:\WINDOWS\system32\lsass.exe
09:49:19.0484 1928  Netlogon - ok
09:49:19.0515 1928  [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman          C:\WINDOWS\System32\netman.dll
09:49:19.0609 1928  Netman - ok
09:49:19.0671 1928  [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394         C:\WINDOWS\system32\DRIVERS\nic1394.sys
09:49:19.0671 1928  NIC1394 - ok
09:49:19.0765 1928  [ ACD8BD448A74F344D46FCAF21BAB92AF ] Nla             C:\WINDOWS\System32\mswsock.dll
09:49:19.0937 1928  Nla - ok
09:49:21.0375 1928  [ C4EBBBD7165BE535F0BFD06B80601D91 ] NMIndexingService C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe
09:49:21.0406 1928  NMIndexingService - ok
09:49:22.0953 1928  [ C82F4CC10AD315B6D6BCB14D0A7CAD66 ] nmwcd           C:\WINDOWS\system32\drivers\ccdcmb.sys
09:49:22.0968 1928  nmwcd - ok
09:49:23.0015 1928  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
09:49:23.0015 1928  Npfs - ok
09:49:23.0062 1928  [ 2ADC0CA9945C65284B3D19BC18765974 ] NSCIRDA         C:\WINDOWS\system32\DRIVERS\nscirda.sys
09:49:23.0062 1928  NSCIRDA - ok
09:49:24.0484 1928  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
09:49:24.0750 1928  Ntfs - ok
09:49:24.0765 1928  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
09:49:24.0765 1928  NtLmSsp - ok
09:49:25.0125 1928  [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
09:49:25.0484 1928  NtmsSvc - ok
09:49:25.0687 1928  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
09:49:25.0703 1928  Null - ok
09:49:25.0750 1928  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
09:49:25.0781 1928  NwlnkFlt - ok
09:49:25.0796 1928  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
09:49:25.0796 1928  NwlnkFwd - ok
09:49:25.0828 1928  [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394        C:\WINDOWS\system32\DRIVERS\ohci1394.sys
09:49:25.0843 1928  ohci1394 - ok
09:49:26.0015 1928  [ 3F24EAEB165328E00D687BF3B60A448A ] PAC207          C:\WINDOWS\system32\DRIVERS\pfc027.sys
09:49:26.0031 1928  PAC207 - ok
09:49:26.0062 1928  [ F84785660305B9B903FB3BCA8BA29837 ] Parport         C:\WINDOWS\system32\drivers\Parport.sys
09:49:26.0078 1928  Parport - ok
09:49:26.0109 1928  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
09:49:26.0109 1928  PartMgr - ok
09:49:26.0171 1928  [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
09:49:26.0187 1928  ParVdm - ok
09:49:26.0281 1928  [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
09:49:26.0296 1928  PCI - ok
09:49:26.0296 1928  PCIDump - ok
09:49:26.0328 1928  [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
09:49:26.0328 1928  PCIIde - ok
09:49:26.0421 1928  [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia          C:\WINDOWS\system32\DRIVERS\pcmcia.sys
09:49:26.0578 1928  Pcmcia - ok
09:49:26.0578 1928  PDCOMP - ok
09:49:26.0578 1928  PDFRAME - ok
09:49:26.0593 1928  PDRELI - ok
09:49:26.0609 1928  PDRFRAME - ok
09:49:26.0609 1928  perc2 - ok
09:49:26.0625 1928  perc2hib - ok
09:49:26.0796 1928  [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay        C:\WINDOWS\system32\services.exe
09:49:26.0796 1928  PlugPlay - ok
09:49:26.0843 1928  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
09:49:26.0859 1928  PolicyAgent - ok
09:49:27.0046 1928  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
09:49:27.0046 1928  PptpMiniport - ok
09:49:27.0093 1928  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
09:49:27.0093 1928  ProtectedStorage - ok
09:49:27.0156 1928  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
09:49:27.0171 1928  PSched - ok
09:49:27.0187 1928  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
09:49:27.0187 1928  Ptilink - ok
09:49:27.0265 1928  [ 1962166E0CEB740704F30FA55AD3D509 ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys
09:49:27.0281 1928  PxHelp20 - ok
09:49:27.0281 1928  ql1080 - ok
09:49:27.0281 1928  Ql10wnt - ok
09:49:27.0296 1928  ql12160 - ok
09:49:27.0296 1928  ql1240 - ok
09:49:27.0312 1928  ql1280 - ok
09:49:27.0390 1928  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
09:49:27.0390 1928  RasAcd - ok
09:49:27.0421 1928  [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
09:49:27.0437 1928  RasAuto - ok
09:49:27.0468 1928  [ 0207D26DDF796A193CCD9F83047BB5FC ] Rasirda         C:\WINDOWS\system32\DRIVERS\rasirda.sys
09:49:27.0468 1928  Rasirda - ok
09:49:27.0484 1928  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
09:49:27.0484 1928  Rasl2tp - ok
09:49:27.0500 1928  [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan          C:\WINDOWS\System32\rasmans.dll
09:49:27.0515 1928  RasMan - ok
09:49:27.0531 1928  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
09:49:27.0531 1928  RasPppoe - ok
09:49:27.0531 1928  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
09:49:27.0531 1928  Raspti - ok
09:49:27.0640 1928  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
09:49:27.0656 1928  Rdbss - ok
09:49:27.0671 1928  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
09:49:27.0671 1928  RDPCDD - ok
09:49:27.0781 1928  [ 6728E45B66F93C08F11DE2E316FC70DD ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
09:49:27.0812 1928  RDPWD - ok
09:49:27.0875 1928  [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
09:49:27.0906 1928  RDSessMgr - ok
09:49:27.0937 1928  [ ED761D453856F795A7FE056E42C36365 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
09:49:27.0937 1928  redbook - ok
09:49:27.0984 1928  [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
09:49:27.0984 1928  RemoteAccess - ok
09:49:28.0234 1928  [ BD517C7FB119997EFFBE39D5E4B37B05 ] RichVideo       C:\Programme\CyberLink\Shared Files\RichVideo.exe
09:49:28.0234 1928  RichVideo - ok
09:49:28.0312 1928  [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator      C:\WINDOWS\system32\locator.exe
09:49:28.0328 1928  RpcLocator - ok
09:49:28.0375 1928  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs           C:\WINDOWS\system32\rpcss.dll
09:49:28.0375 1928  RpcSs - ok
09:49:28.0468 1928  [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP            C:\WINDOWS\system32\rsvp.exe
09:49:28.0500 1928  RSVP - ok
09:49:28.0515 1928  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs           C:\WINDOWS\system32\lsass.exe
09:49:28.0515 1928  SamSs - ok
09:49:28.0578 1928  [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
09:49:28.0593 1928  SCardSvr - ok
09:49:28.0734 1928  [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule        C:\WINDOWS\system32\schedsvc.dll
09:49:28.0812 1928  Schedule - ok
09:49:28.0843 1928  [ 8D04819A3CE51B9EB47E5689B44D43C4 ] sdbus           C:\WINDOWS\system32\DRIVERS\sdbus.sys
09:49:28.0843 1928  sdbus - ok
09:49:28.0984 1928  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
09:49:29.0000 1928  Secdrv - ok
09:49:29.0046 1928  [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon        C:\WINDOWS\System32\seclogon.dll
09:49:29.0046 1928  seclogon - ok
09:49:29.0062 1928  [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS            C:\WINDOWS\system32\sens.dll
09:49:29.0078 1928  SENS - ok
09:49:29.0109 1928  [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial          C:\WINDOWS\system32\drivers\Serial.sys
09:49:29.0109 1928  Serial - ok
09:49:29.0140 1928  [ 0FA803C64DF0914B41F807EA276BF2A6 ] sffdisk         C:\WINDOWS\system32\DRIVERS\sffdisk.sys
09:49:29.0140 1928  sffdisk - ok
09:49:29.0218 1928  [ C17C331E435ED8737525C86A7557B3AC ] sffp_sd         C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
09:49:29.0234 1928  sffp_sd - ok
09:49:29.0328 1928  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
09:49:29.0359 1928  Sfloppy - ok
09:49:30.0796 1928  [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
09:49:31.0015 1928  SharedAccess - ok
09:49:33.0390 1928  [ 40602EBFBE06AA075C8E4560743F6883 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
09:49:33.0390 1928  ShellHWDetection - ok
09:49:33.0406 1928  Simbad - ok
09:49:33.0734 1928  [ 68EA68D03BF58389FE6AD2B38FAD798C ] SkypeUpdate     C:\Programme\Skype\Updater\Updater.exe
09:49:33.0859 1928  SkypeUpdate - ok
09:49:34.0796 1928  [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP            C:\WINDOWS\system32\DRIVERS\SLIP.sys
09:49:34.0812 1928  SLIP - ok
09:49:34.0828 1928  Sparrow - ok
09:49:34.0875 1928  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
09:49:34.0906 1928  splitter - ok
09:49:35.0093 1928  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
09:49:35.0109 1928  Spooler - ok
09:49:35.0218 1928  [ 50FA898F8C032796D3B1B9951BB5A90F ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
09:49:35.0265 1928  sr - ok
09:49:35.0312 1928  [ FE77A85495065F3AD59C5C65B6C54182 ] srservice       C:\WINDOWS\system32\srsvc.dll
09:49:35.0312 1928  srservice - ok
09:49:35.0375 1928  [ 0F6AEFAD3641A657E18081F52D0C15AF ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
09:49:35.0390 1928  Srv - ok
09:49:35.0453 1928  [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
09:49:35.0453 1928  SSDPSRV - ok
09:49:35.0500 1928  [ ED78DFAD8EFCDFBC89500492C4D14645 ] STI Simulator   C:\WINDOWS\System32\PAStiSvc.exe
09:49:35.0500 1928  STI Simulator - ok
09:49:35.0562 1928  [ BC2C5985611C5356B24AEB370953DED9 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
09:49:35.0578 1928  stisvc - ok
09:49:35.0593 1928  [ 77813007BA6265C4B6098187E6ED79D2 ] streamip        C:\WINDOWS\system32\DRIVERS\StreamIP.sys
09:49:35.0593 1928  streamip - ok
09:49:35.0625 1928  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
09:49:35.0625 1928  swenum - ok
09:49:35.0640 1928  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
09:49:35.0640 1928  swmidi - ok
09:49:35.0640 1928  SwPrv - ok
09:49:35.0656 1928  symc810 - ok
09:49:35.0656 1928  symc8xx - ok
09:49:35.0671 1928  sym_hi - ok
09:49:35.0671 1928  sym_u3 - ok
09:49:35.0718 1928  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
09:49:35.0718 1928  sysaudio - ok
09:49:35.0734 1928  [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
09:49:35.0765 1928  SysmonLog - ok
09:49:35.0812 1928  [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
09:49:35.0828 1928  TapiSrv - ok
09:49:35.0890 1928  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
09:49:35.0906 1928  Tcpip - ok
09:49:35.0953 1928  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
09:49:35.0953 1928  TDPIPE - ok
09:49:35.0953 1928  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
09:49:35.0968 1928  TDTCP - ok
09:49:36.0015 1928  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
09:49:36.0015 1928  TermDD - ok
09:49:36.0078 1928  [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService     C:\WINDOWS\System32\termsrv.dll
09:49:36.0093 1928  TermService - ok
09:49:36.0140 1928  [ 40602EBFBE06AA075C8E4560743F6883 ] Themes          C:\WINDOWS\System32\shsvcs.dll
09:49:36.0140 1928  Themes - ok
09:49:36.0250 1928  [ E4C85C291DDB3DC5E4A2F227CA465BA6 ] tifm21          C:\WINDOWS\system32\drivers\tifm21.sys
09:49:36.0265 1928  tifm21 - ok
09:49:36.0265 1928  TosIde - ok
09:49:36.0328 1928  [ 626504572B175867F30F3215C04B3E2F ] TrkWks          C:\WINDOWS\system32\trkwks.dll
09:49:36.0343 1928  TrkWks - ok
09:49:36.0390 1928  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
09:49:36.0390 1928  Udfs - ok
09:49:36.0390 1928  UIUSys - ok
09:49:36.0406 1928  ultra - ok
09:49:36.0578 1928  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
09:49:36.0843 1928  Update - ok
09:49:36.0875 1928  [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost        C:\WINDOWS\System32\upnphost.dll
09:49:36.0890 1928  upnphost - ok
09:49:36.0921 1928  [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS             C:\WINDOWS\System32\ups.exe
09:49:36.0921 1928  UPS - ok
09:49:36.0968 1928  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
09:49:36.0968 1928  usbehci - ok
09:49:36.0984 1928  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
09:49:37.0000 1928  usbhub - ok
09:49:37.0046 1928  [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
09:49:37.0046 1928  usbscan - ok
09:49:37.0093 1928  [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
09:49:37.0093 1928  USBSTOR - ok
09:49:37.0125 1928  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
09:49:37.0125 1928  usbuhci - ok
09:49:37.0140 1928  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
09:49:37.0140 1928  VgaSave - ok
09:49:37.0140 1928  ViaIde - ok
09:49:37.0187 1928  [ A5A712F4E880874A477AF790B5186E1D ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
09:49:37.0187 1928  VolSnap - ok
09:49:37.0265 1928  [ 68F106273BE29E7B7EF8266977268E78 ] VSS             C:\WINDOWS\System32\vssvc.exe
09:49:37.0265 1928  VSS - ok
09:49:37.0406 1928  [ 7D110D645030C05A06C3CD08D1E47D0A ] vToolbarUpdater13.2.0 C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
09:49:37.0421 1928  vToolbarUpdater13.2.0 - ok
09:49:37.0500 1928  [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time         C:\WINDOWS\system32\w32time.dll
09:49:37.0500 1928  W32Time - ok
09:49:37.0546 1928  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
09:49:37.0578 1928  Wanarp - ok
09:49:37.0625 1928  [ FD47474BD21794508AF449D9D91AF6E6 ] Wdf01000        C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
09:49:37.0640 1928  Wdf01000 - ok
09:49:37.0640 1928  WDICA - ok
09:49:37.0687 1928  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
09:49:37.0687 1928  wdmaud - ok
09:49:37.0734 1928  [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient       C:\WINDOWS\System32\webclnt.dll
09:49:37.0734 1928  WebClient - ok
09:49:37.0781 1928  [ 307D248F97835B6879BDD361086924FE ] winachsf        C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
09:49:37.0812 1928  winachsf - ok
09:49:37.0921 1928  [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
09:49:37.0921 1928  winmgmt - ok
09:49:37.0968 1928  [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
09:49:37.0968 1928  WmdmPmSN - ok
09:49:38.0000 1928  [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi         C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
09:49:38.0031 1928  WmiAcpi - ok
09:49:38.0062 1928  [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
09:49:38.0078 1928  WmiApSrv - ok
09:49:38.0375 1928  [ BF05650BB7DF5E9EBDD25974E22403BB ] WMPNetworkSvc   C:\Programme\Windows Media Player\WMPNetwk.exe
09:49:38.0406 1928  WMPNetworkSvc - ok
09:49:38.0437 1928  [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb          C:\WINDOWS\system32\Drivers\wpdusb.sys
09:49:38.0453 1928  WpdUsb - ok
09:49:38.0515 1928  [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
09:49:38.0515 1928  wscsvc - ok
09:49:38.0546 1928  [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC        C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
09:49:38.0546 1928  WSTCODEC - ok
09:49:38.0593 1928  [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
09:49:38.0609 1928  wuauserv - ok
09:49:38.0640 1928  [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
09:49:38.0640 1928  WudfPf - ok
09:49:38.0656 1928  [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
09:49:38.0656 1928  WudfRd - ok
09:49:38.0687 1928  [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
09:49:38.0687 1928  WudfSvc - ok
09:49:38.0734 1928  [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
09:49:38.0750 1928  WZCSVC - ok
09:49:38.0828 1928  [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
09:49:38.0828 1928  xmlprov - ok
09:49:38.0843 1928  ================ Scan global ===============================
09:49:38.0890 1928  [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll
09:49:38.0953 1928  [ E9B93B97B1A2965144361F4FD8BD2BEF ] C:\WINDOWS\system32\winsrv.dll
09:49:38.0984 1928  [ E9B93B97B1A2965144361F4FD8BD2BEF ] C:\WINDOWS\system32\winsrv.dll
09:49:39.0000 1928  [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe
09:49:39.0000 1928  [Global] - ok
09:49:39.0000 1928  ================ Scan MBR ==================================
09:49:39.0031 1928  [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
09:49:39.0234 1928  \Device\Harddisk0\DR0 - ok
09:49:39.0234 1928  ================ Scan VBR ==================================
09:49:39.0250 1928  [ F98956A5DE3C95D4C26C756CA1365B25 ] \Device\Harddisk0\DR0\Partition1
09:49:39.0250 1928  \Device\Harddisk0\DR0\Partition1 - ok
09:49:39.0250 1928  ============================================================
09:49:39.0250 1928  Scan finished
09:49:39.0250 1928  ============================================================
09:49:39.0265 2312  Detected object count: 1
09:49:39.0265 2312  Actual detected object count: 1
09:50:07.0640 2312  avgtp ( ForgedFile.Multi.Generic ) - skipped by user
09:50:07.0640 2312  avgtp ( ForgedFile.Multi.Generic ) - User select action: Skip
         
I have pasted in the TDSSKiller log.

Alt 29.11.2012, 06:06   #8
Psychotic
/// Malwareteam
 



Step 1: AdwCleaner

Please download AdwCleaner to your desktop.
  • Start adwcleaner.exe with a double-click.
  • Click Search.
  • When the scan finishes, a text file opens.
  • Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner[R1].txt.

Step 2: OTL

Please download OTL by Oldtimer and save it to your desktop (if you do not already have it).
  • Double-click OTL.exe.
    Vista and Win7 users: right-click and choose "Run as administrator".
  • At the top you will find a box labelled Output. Please select Minimal Output.
  • Under Extra Registry, please select Use SafeList.
  • Now click Run Scan at the top left.
  • When the scan has finished, 2 log files are created.
  • Post the log files here in the thread.

Alt 29.11.2012, 17:46   #9
Kenny337
 



Code:
# AdwCleaner v2.009 - Datei am 29/11/2012 um 18:41:13 erstellt
# Aktualisiert am 24/11/2012 von Xplode
# Betriebssystem : Microsoft Windows XP Service Pack 3 (32 bits)
# Benutzer : WinXP - WINXP-6005ED2CF
# Bootmodus : Normal
# Ausgeführt unter : C:\Dokumente und Einstellungen\WinXP\Lokale Einstellungen\Temporary Internet Files\Content.IE5\8Z6URRE7\adwcleaner[2].exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gefunden : C:\Programme\Mozilla Firefox\.autoreg
Datei Gefunden : C:\Programme\Mozilla Firefox\searchplugins\avg-secure-search.xml
Datei Gefunden : C:\user.js
Ordner Gefunden : C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVG Secure Search
Ordner Gefunden : C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\boost_interprocess
Ordner Gefunden : C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\DealPly
Ordner Gefunden : C:\Dokumente und Einstellungen\WinXP\Anwendungsdaten\AVG Secure Search
Ordner Gefunden : C:\Programme\AVG Secure Search
Ordner Gefunden : C:\Programme\BabylonToolbar
Ordner Gefunden : C:\Programme\DealPly
Ordner Gefunden : C:\Programme\Gemeinsame Dateien\AVG Secure Search

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TBSB01620.IEToolbar.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TBSB01620.TBSB01620
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TBSB01620.TBSB01620.3
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar3.TBSB01620
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar3.TBSB01620.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{12A5F606-B1EC-474C-83ED-95E99FD8058E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Schlüssel Gefunden : HKLM\Software\DealPly
Schlüssel Gefunden : HKLM\Software\facemoods.com
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\ihflimipbcaljfnojhhknppphnnciiif
Schlüssel Gefunden : HKLM\Software\Iminent
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DealPly
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gefunden : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Schlüssel Gefunden : HKLM\Software\PIP
Schlüssel Gefunden : HKU\S-1-5-21-1390067357-2147052231-1417001333-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Schlüssel Gefunden : HKU\S-1-5-21-1390067357-2147052231-1417001333-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Wert Gefunden : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

***** [Internet Browser] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Die Registrierungsdatenbank ist sauber.

*************************

AdwCleaner[R1].txt - [9927 octets] - [29/11/2012 18:41:13]

########## EOF - C:\AdwCleaner[R1].txt - [9987 octets] ##########
         
Code:
OTL logfile created on: 29.11.2012 18:48:29 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\WinXP\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1014,36 Mb Total Physical Memory | 212,78 Mb Available Physical Memory | 20,98% Memory free
2,38 Gb Paging File | 1,55 Gb Available in Paging File | 65,02% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 111,78 Gb Total Space | 102,23 Gb Free Space | 91,46% Space Free | Partition Type: NTFS
 
Computer Name: WINXP-6005ED2CF | User Name: WinXP | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Dokumente und Einstellungen\WinXP\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Dokumente und Einstellungen\WinXP\Lokale Einstellungen\Temporary Internet Files\Content.IE5\76DKTFKO\adwcleaner[1].exe ()
PRC - C:\Dokumente und Einstellungen\WinXP\Lokale Einstellungen\Temp\RtkBtMnt.exe (Realtek Semiconductor Corp.)
PRC - C:\Programme\AVG Secure Search\vprot.exe ()
PRC - C:\Programme\Gemeinsame Dateien\AVG Secure Search\ScriptHelperInstaller\13.2.0\ScriptHelper.exe ()
PRC - C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe ()
PRC - C:\Programme\AVG\AVG2012\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programme\AVG\AVG2012\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programme\AVG\AVG2012\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programme\AVG\AVG2012\avgemcx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programme\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programme\AVG\AVG2012\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programme\McAfee Security Scan\3.0.207\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
PRC - C:\WINDOWS\system32\PAStiSvc.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Dokumente und Einstellungen\WinXP\Lokale Einstellungen\Temporary Internet Files\Content.IE5\76DKTFKO\adwcleaner[1].exe ()
MOD - C:\Programme\AVG Secure Search\vprot.exe ()
MOD - C:\Programme\Gemeinsame Dateien\AVG Secure Search\ScriptHelperInstaller\13.2.0\ScriptHelper.exe ()
MOD - C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe ()
MOD - C:\Programme\Gemeinsame Dateien\AVG Secure Search\SiteSafetyInstaller\13.2.0\SiteSafety.dll ()
MOD - C:\Programme\Gemeinsame Dateien\AVG Secure Search\DNTInstaller\12.2.6\avgdttbx.dll ()
MOD - C:\Programme\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll ()
MOD - C:\WINDOWS\system32\msdmo.dll ()
MOD - C:\WINDOWS\system32\PAStiSvc.exe ()
MOD - C:\Programme\Launch Manager\PowerUtl.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
SRV - (vToolbarUpdater13.2.0) -- C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe ()
SRV - (AVGIDSAgent) -- C:\Programme\AVG\AVG2012\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (avgwd) -- C:\Programme\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (McComponentHostService) -- C:\Programme\McAfee Security Scan\3.0.207\McCHSvc.exe (McAfee, Inc.)
SRV - (NMIndexingService) -- C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe (Nero AG)
SRV - (STI Simulator) -- C:\WINDOWS\system32\PAStiSvc.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV - (WDICA) --  File not found
DRV - (UIUSys) -- system32\DRIVERS\UIUSYS.SYS File not found
DRV - (PDRFRAME) --  File not found
DRV - (PDRELI) --  File not found
DRV - (PDFRAME) --  File not found
DRV - (PDCOMP) --  File not found
DRV - (PCIDump) --  File not found
DRV - (lbrtfdc) --  File not found
DRV - (i2omgmt) --  File not found
DRV - (Changer) --  File not found
DRV - (avgtp) -- C:\WINDOWS\system32\drivers\avgtpx86.sys ()
DRV - (Avgtdix) -- C:\WINDOWS\system32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgldx86) -- C:\WINDOWS\system32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSHX) -- C:\WINDOWS\system32\drivers\avgidshx.sys (AVG Technologies CZ, s.r.o. )
DRV - (Avgrkx86) -- C:\WINDOWS\system32\drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgmfx86) -- C:\WINDOWS\system32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSShim) -- C:\WINDOWS\system32\drivers\avgidsshimx.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSFilter) -- C:\WINDOWS\system32\drivers\avgidsfilterx.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSDriver) -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys (AVG Technologies CZ, s.r.o. )
DRV - (BCM43XX) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corp.)
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (b57w2k) -- C:\WINDOWS\system32\drivers\b57xp32.sys (Broadcom Corporation)
DRV - (tifm21) -- C:\WINDOWS\system32\drivers\tifm21.sys (Texas Instruments)
DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.)
DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (PAC207) -- C:\WINDOWS\system32\drivers\pfc027.sys ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = 
IE - HKLM\..\SearchScopes,DefaultScope = {F069E2E6-CCD7-4721-AF63-69B09A4D8DE8}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{F069E2E6-CCD7-4721-AF63-69B09A4D8DE8}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 43 F0 7F DC C5 FA CC 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = hxxp://start.facemoods.com/?a=ddr&s={searchTerms}&f=4
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&AF=109867&babsrc=SP_ss&mntrId=28a779de000000000000001e4ca5ca2e
IE - HKCU\..\SearchScopes\{5CE9C47C-B96C-4315-8434-063F5BD76E60}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg.com/search?cid={F2D47C2E-E9CF-4542-BA7E-A2F93470EC9A}&mid=&lang=de&ds=AVG&pr=fr&d=2012-05-08 21:46:02&v=12.2.5.32&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{F069E2E6-CCD7-4721-AF63-69B09A4D8DE8}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SKPT_de
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811&ilc=12"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.startup.homepage: "hxxp://search.babylon.com/?babsrc=HP_Prot"
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.11.0.9874
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: ffxtlbr@babylon.com:1.2.0
FF - prefs.js..extensions.enabledItems: ffxtlbr@Facemoods.com:1.2.1
FF - prefs.js..extensions.enabledItems: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0
FF - prefs.js..extensions.enabledItems: {28387537-e3f9-4ed7-860c-11e69af4a8a0}:4.6.1.01
FF - prefs.js..extensions.enabledItems: {C9B68337-E93A-44EA-94DC-CB300EC06444}:4.51.0
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:12.0.0.2191
FF - prefs.js..extensions.enabledItems: avg@toolbar:12.2.5.32
FF - prefs.js..keyword.URL: "hxxp://dts.search-results.com/sr?src=ffb&appid=1083&systemid=1&sr=0&q="
FF - prefs.js..network.proxy.type: 0
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Programme\Gemeinsame Dateien\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Programme\AVG\AVG2012\Firefox4\ [2012.09.11 14:25:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVG Secure Search\12.2.5.32\ [2012.09.04 09:06:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.08.22 11:54:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.08.22 11:54:33 | 000,000,000 | ---D | M]
 
[2012.11.25 17:47:13 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\WinXP\Anwendungsdaten\Mozilla\Extensions
[2012.10.02 19:26:29 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\WinXP\Anwendungsdaten\Mozilla\Firefox\Profiles\ngzh5h7i.default\extensions
[2012.03.10 23:27:44 | 000,000,000 | ---D | M] (IMinent Toolbar) -- C:\Dokumente und Einstellungen\WinXP\Anwendungsdaten\Mozilla\Firefox\Profiles\ngzh5h7i.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
[2012.03.10 23:23:31 | 000,000,000 | ---D | M] (Babylon) -- C:\Dokumente und Einstellungen\WinXP\Anwendungsdaten\Mozilla\Firefox\Profiles\ngzh5h7i.default\extensions\ffxtlbr@babylon.com
[2011.02.27 15:44:01 | 000,000,000 | ---D | M] (Facemoods) -- C:\Dokumente und Einstellungen\WinXP\Anwendungsdaten\Mozilla\Firefox\Profiles\ngzh5h7i.default\extensions\ffxtlbr@Facemoods.com
[2012.10.02 19:26:37 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\WinXP\Anwendungsdaten\Mozilla\Firefox\Profiles\ngzh5h7i.default\extensions\staged
[2010.10.10 15:46:56 | 000,004,669 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\WinXP\Anwendungsdaten\Mozilla\Firefox\Profiles\ngzh5h7i.default\extensions\ffxtlbr@Facemoods.com\content\xpiInstallLgc.js
[2012.06.07 18:42:13 | 000,002,517 | ---- | M] () -- C:\Dokumente und Einstellungen\WinXP\Anwendungsdaten\Mozilla\Firefox\Profiles\ngzh5h7i.default\searchplugins\Search_Results.xml
[2012.11.25 17:47:13 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.04.17 19:05:37 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011.02.27 15:48:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2012.09.04 09:06:28 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\DOKUMENTE UND EINSTELLUNGEN\ALL USERS\ANWENDUNGSDATEN\AVG SECURE SEARCH\12.2.5.32
File not found (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\WINXP\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\NGZH5H7I.DEFAULT\EXTENSIONS\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}
[2012.09.11 14:25:08 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAMME\AVG\AVG2012\FIREFOX4
File not found (No name found) -- C:\PROGRAMME\IMESH APPLICATIONS\MEDIABAR\DATAMNGR\FIREFOXEXTENSION
[2011.02.27 15:48:36 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAMME\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011.02.27 15:48:36 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2012.04.07 15:53:18 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.11.10 09:32:00 | 000,003,499 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\avg-secure-search.xml
[2012.04.07 15:53:19 | 000,002,344 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.04.07 15:53:19 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.04.07 15:53:19 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.04.07 15:53:19 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://search.imesh.net
CHR - default_search_provider: Search Results ()
CHR - default_search_provider: search_url = hxxp://dts.search-results.com/sr?src=crb&appid=1083&systemid=1&sr=0&q={searchTerms}
CHR - default_search_provider: suggest_url = 
CHR - homepage: hxxp://search.imesh.net
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Programme\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Programme\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Programme\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Iminent (Enabled) = C:\Dokumente und Einstellungen\WinXP\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\4.43.0_0\npIminent.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Dokumente und Einstellungen\WinXP\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Programme\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Programme\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U22 (Enabled) = C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Programme\Windows Media Player\npdsplay.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Dokumente und Einstellungen\WinXP\Lokale Einstellungen\Anwendungsdaten\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Google Update (Enabled) = C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Dokumente und Einstellungen\WinXP\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Dokumente und Einstellungen\WinXP\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: avast! WebRep = C:\Dokumente und Einstellungen\WinXP\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: AVG Safe Search = C:\Dokumente und Einstellungen\WinXP\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\
CHR - Extension: AVG Safe Search = C:\Dokumente und Einstellungen\WinXP\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\
CHR - Extension: Skype Click to Call = C:\Dokumente und Einstellungen\WinXP\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.11.0.9874_0\
CHR - Extension: AVG Do Not Track = C:\Dokumente und Einstellungen\WinXP\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\
CHR - Extension: Google Mail = C:\Dokumente und Einstellungen\WinXP\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2004.08.04 13:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programme\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Programme\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Programme\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Programme\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [AzMixerSel] C:\Programme\Realtek\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [ROC_ROC_JULY_P1] C:\Programme\AVG Secure Search\ROC_ROC_JULY_P1.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [vProt] C:\Programme\AVG Secure Search\vprot.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\McAfee Security Scan Plus.lnk = C:\Programme\McAfee Security Scan\3.0.207\SSScheduler.exe (McAfee, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - res://C:\Programme\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1296671111013 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 193.189.244.194 193.189.244.202
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9B3BC3C8-4111-43DA-81EB-AF665E0AF886}: DhcpNameServer = 192.168.1.1 193.189.244.194 193.189.244.202
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programme\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Programme\Gemeinsame Dateien\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\WinXP\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\WinXP\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.02.02 18:09:41 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{306ccbc6-55c0-11e1-9846-001e4ca5ca2e}\Shell - "" = AutoRun
O33 - MountPoints2\{306ccbc6-55c0-11e1-9846-001e4ca5ca2e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{306ccbc6-55c0-11e1-9846-001e4ca5ca2e}\Shell\AutoRun\command - "" = E:\Install.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.11.29 18:46:55 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\WinXP\Desktop\OTL.exe
[2012.11.25 17:41:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2012.11.25 17:40:53 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.11.24 09:42:45 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Dokumente und Einstellungen\WinXP\Desktop\tdsskiller.exe
[2012.11.24 09:20:51 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Dokumente und Einstellungen\WinXP\Desktop\aswMBR.exe
[2012.11.21 04:14:01 | 000,000,000 | ---D | C] -- C:\_OTL
 
========== Files - Modified Within 30 Days ==========
 
[2012.11.29 18:47:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\WinXP\Desktop\OTL.exe
[2012.11.29 18:32:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.11.29 18:21:38 | 000,480,125 | ---- | M] () -- C:\Dokumente und Einstellungen\WinXP\Desktop\adwcleaner.exe
[2012.11.29 14:25:37 | 000,002,243 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk
[2012.11.29 13:36:36 | 101,618,651 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012.11.28 19:07:03 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.11.25 18:05:07 | 000,114,176 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.11.25 17:58:31 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.11.25 17:42:28 | 000,141,227 | ---- | M] () -- C:\logfile
[2012.11.25 17:41:18 | 000,316,594 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.11.25 17:41:18 | 000,311,604 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.11.25 17:41:18 | 000,048,156 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.11.25 17:41:18 | 000,039,992 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.11.25 15:19:13 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2012.11.24 09:43:06 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Dokumente und Einstellungen\WinXP\Desktop\tdsskiller.exe
[2012.11.24 09:39:25 | 000,000,512 | ---- | M] () -- C:\Dokumente und Einstellungen\WinXP\Desktop\MBR.dat
[2012.11.24 09:22:27 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Dokumente und Einstellungen\WinXP\Desktop\aswMBR.exe
[2012.11.24 08:54:36 | 000,000,047 | ---- | M] () -- C:\Dokumente und Einstellungen\WinXP\Anwendungsdaten\msconfig.ini
[2012.11.20 22:33:39 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012.11.10 09:31:51 | 000,026,984 | ---- | M] () -- C:\WINDOWS\System32\drivers\avgtpx86.sys
[2012.11.05 07:50:27 | 000,148,480 | R--- | M] () -- C:\Dokumente und Einstellungen\All Users\Dokumente\ESBK.mbb
[2012.11.05 07:50:25 | 000,102,400 | R--- | M] () -- C:\Dokumente und Einstellungen\All Users\Dokumente\ESBK.mb
 
========== Files Created - No Company Name ==========
 
[2012.11.29 18:21:30 | 000,480,125 | ---- | C] () -- C:\Dokumente und Einstellungen\WinXP\Desktop\adwcleaner.exe
[2012.11.24 09:39:25 | 000,000,512 | ---- | C] () -- C:\Dokumente und Einstellungen\WinXP\Desktop\MBR.dat
[2012.11.19 15:17:23 | 000,000,047 | ---- | C] () -- C:\Dokumente und Einstellungen\WinXP\Anwendungsdaten\msconfig.ini
[2012.09.04 09:06:15 | 000,026,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\avgtpx86.sys
[2012.08.22 12:46:45 | 000,001,755 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\QTSBandwidthCache
[2012.04.29 19:31:20 | 000,004,608 | ---- | C] () -- C:\Dokumente und Einstellungen\WinXP\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.04.17 19:08:57 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\PAStiSvc.exe
[2012.04.17 19:08:44 | 000,010,240 | R--- | C] () -- C:\WINDOWS\System32\PA207Usd.dll
[2012.04.17 19:08:43 | 000,162,176 | R--- | C] () -- C:\WINDOWS\System32\drivers\pfc027.sys
[2011.10.20 15:21:24 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.07.01 15:31:08 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2011.02.03 10:55:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011.02.03 10:19:34 | 000,204,800 | R--- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4820.dll
[2011.02.03 10:19:33 | 000,910,464 | R--- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
[2011.02.02 19:16:57 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2011.02.02 18:11:56 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011.02.02 18:06:49 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011.02.02 18:00:07 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011.02.02 17:58:49 | 000,114,176 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
 
========== ZeroAccess Check ==========
 
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2010.11.05 06:04:20 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 11:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 06:52:34 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >
         
Code:
OTL Extras logfile created on: 29.11.2012 18:48:29 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\WinXP\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1014,36 Mb Total Physical Memory | 212,78 Mb Available Physical Memory | 20,98% Memory free
2,38 Gb Paging File | 1,55 Gb Available in Paging File | 65,02% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 111,78 Gb Total Space | 102,23 Gb Free Space | 91,46% Space Free | Partition Type: NTFS
 
Computer Name: WINXP-6005ED2CF | User Name: WinXP | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\iMesh Applications\iMesh\iMesh.exe" = C:\Programme\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\AVG\AVG10\avgmfapx.exe" = C:\Programme\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG-Installationsprogramm
"C:\Programme\Java\jre6\bin\java.exe" = C:\Programme\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Programme\Limewire Plus+\limewire.exe" = C:\Programme\Limewire Plus+\limewire.exe:*:Disabled:LimeWire p2p for windows
"C:\Programme\Messenger\msmsgs.exe" = C:\Programme\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"C:\Programme\Skype\Phone\Skype.exe" = C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Programme\AVG\AVG2012\avgmfapx.exe" = C:\Programme\AVG\AVG2012\avgmfapx.exe:*:Enabled:AVG-Installationsprogramm -- (AVG Technologies CZ, s.r.o.)
"C:\Programme\iMesh Applications\iMesh\iMesh.exe" = C:\Programme\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh
"C:\Programme\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe" = C:\Programme\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater
"C:\Programme\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Programme\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare
"C:\Programme\AVG\AVG2012\avgnsx.exe" = C:\Programme\AVG\AVG2012\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Programme\AVG\AVG2012\avgdiagex.exe" = C:\Programme\AVG\AVG2012\avgdiagex.exe:*:Enabled:AVG Diagnose 2012 -- (AVG Technologies CZ, s.r.o.)
"C:\Programme\AVG\AVG2012\avgemcx.exe" = C:\Programme\AVG\AVG2012\avgemcx.exe:*:Enabled:Personal E-Mail-Scanner -- (AVG Technologies CZ, s.r.o.)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1DFFB787-735E-371B-9C43-1321C10B4335}" = Microsoft .NET Framework 2.0 Client Service Pack 2 - Language Pack (DEU)
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{54C085D1-53E9-3768-B1B9-6018671D4882}" = Microsoft .NET Framework 3.0 Client Profile - Language Pack (DEU)
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2
"{AAB93551-3FFE-42B2-8315-96252BBC1031}" = Nero 7 Essentials
"{ABEC4C47-2E98-49BF-AF8E-06316B6B2BB9}" = AVG 2012
"{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X - Deutsch
"{B69C390B-826F-473C-86EB-7AD4950818C3}" = AVG 2012
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}" = Broadcom Gigabit Integrated Controller
"{DB780B85-B4B5-4864-A49C-9B706B169C93}" = TIPCI
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9
"{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}" = QuickTime
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F7172E9B-1145-3768-94E6-8477A73E860F}" = Microsoft .NET Framework 3.5 Client Profile - Language Pack (DEU)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AVG" = AVG 2012
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP
"DealPly" = DealPly
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"ie8" = Windows Internet Explorer 8
"InstallShield_{DB780B85-B4B5-4864-A49C-9B706B169C93}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"LManager" = Launch Manager
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft.Net.Client.3.5.LangPack.deu" = Microsoft .NET Framework Client Profile Language Pack - DEU
"Mozilla Firefox (3.6.28)" = Mozilla Firefox (3.6.28)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"VLC media player" = VLC media player 1.1.7
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 15.11.2012 14:33:51 | Computer Name = WINXP-6005ED2CF | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 15.11.2012 14:38:37 | Computer Name = WINXP-6005ED2CF | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 16.11.2012 08:20:17 | Computer Name = WINXP-6005ED2CF | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 25.11.2012 12:43:09 | Computer Name = WINXP-6005ED2CF | Source = MsiInstaller | ID = 11905
Description = Produkt: ESScore -- Fehler 1905. Fehler beim Entfernen von Modul C:\Programme\Kodak\Kodak
 EasyShare software\bin\vdt.dll aus der Registrierung. HRESULT . Bitte wenden Sie
 sich an Ihren Support.
 
Error - 25.11.2012 12:43:26 | Computer Name = WINXP-6005ED2CF | Source = MsiInstaller | ID = 11905
Description = Product: ESSgui -- Error 1905.Module C:\Programme\Kodak\Kodak EasyShare
 software\bin\ESCom.dll failed to unregister.  HRESULT .  Contact your support personnel.
 
Error - 25.11.2012 12:46:26 | Computer Name = WINXP-6005ED2CF | Source = MsiInstaller | ID = 11905
Description = Product: PCDADDIN -- Error 1905.Module C:\Programme\Kodak\Kodak EasyShare
 software\AddIn\VPCD.dll failed to unregister.  HRESULT .  Contact your support 
personnel.
 
Error - 25.11.2012 12:46:26 | Computer Name = WINXP-6005ED2CF | Source = MsiInstaller | ID = 11905
Description = Product: PCDADDIN -- Error 1905.Module C:\Programme\Kodak\Kodak EasyShare
 software\AddIn\Atlbutn.dll failed to unregister.  HRESULT .  Contact your support
 personnel.
 
Error - 25.11.2012 12:46:26 | Computer Name = WINXP-6005ED2CF | Source = MsiInstaller | ID = 11905
Description = Product: PCDADDIN -- Error 1905.Module C:\Programme\Kodak\Kodak EasyShare
 software\AddIn\VistaPCD.cyx failed to unregister.  HRESULT .  Contact your support
 personnel.
 
Error - 26.11.2012 03:29:58 | Computer Name = WINXP-6005ED2CF | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 26.11.2012 09:24:44 | Computer Name = WINXP-6005ED2CF | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
[ System Events ]
Error - 29.11.2012 13:33:27 | Computer Name = WINXP-6005ED2CF | Source = SideBySide | ID = 16842811
Description = Generate Activation Context ist für C:\Programme\AVG\AVG2012\avgse.dll
 fehlgeschlagen.  Referenzfehlermeldung: Der Vorgang wurde erfolgreich beendet.  .
 
Error - 29.11.2012 13:33:58 | Computer Name = WINXP-6005ED2CF | Source = SideBySide | ID = 16842784
Description = Abhängige Assemblierung "Microsoft.VC90.MFC" konnte nicht gefunden
 werden. "Last Error": Die referenzierte Assemblierung ist nicht auf dem Computer
 installiert.  
 
Error - 29.11.2012 13:33:58 | Computer Name = WINXP-6005ED2CF | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly ist für Microsoft.VC90.MFC fehlgeschlagen.
Referenzfehlermeldung:
 Die referenzierte Assemblierung ist nicht auf dem Computer installiert.  .
 
Error - 29.11.2012 13:33:58 | Computer Name = WINXP-6005ED2CF | Source = SideBySide | ID = 16842811
Description = Generate Activation Context ist für C:\Programme\AVG\AVG2012\avgse.dll
 fehlgeschlagen.  Referenzfehlermeldung: Der Vorgang wurde erfolgreich beendet.  .
 
Error - 29.11.2012 13:34:07 | Computer Name = WINXP-6005ED2CF | Source = SideBySide | ID = 16842784
Description = Abhängige Assemblierung "Microsoft.VC90.MFC" konnte nicht gefunden
 werden. "Last Error": Die referenzierte Assemblierung ist nicht auf dem Computer
 installiert.  
 
Error - 29.11.2012 13:34:07 | Computer Name = WINXP-6005ED2CF | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly ist für Microsoft.VC90.MFC fehlgeschlagen.
Referenzfehlermeldung:
 Die referenzierte Assemblierung ist nicht auf dem Computer installiert.  .
 
Error - 29.11.2012 13:34:07 | Computer Name = WINXP-6005ED2CF | Source = SideBySide | ID = 16842811
Description = Generate Activation Context ist für C:\Programme\AVG\AVG2012\avgse.dll
 fehlgeschlagen.  Referenzfehlermeldung: Der Vorgang wurde erfolgreich beendet.  .
 
Error - 29.11.2012 13:35:17 | Computer Name = WINXP-6005ED2CF | Source = SideBySide | ID = 16842784
Description = Abhängige Assemblierung "Microsoft.VC90.MFC" konnte nicht gefunden
 werden. "Last Error": Die referenzierte Assemblierung ist nicht auf dem Computer
 installiert.  
 
Error - 29.11.2012 13:35:17 | Computer Name = WINXP-6005ED2CF | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly ist für Microsoft.VC90.MFC fehlgeschlagen.
Referenzfehlermeldung:
 Die referenzierte Assemblierung ist nicht auf dem Computer installiert.  .
 
Error - 29.11.2012 13:35:17 | Computer Name = WINXP-6005ED2CF | Source = SideBySide | ID = 16842811
Description = Generate Activation Context ist für C:\Programme\AVG\AVG2012\avgse.dll
 fehlgeschlagen.  Referenzfehlermeldung: Der Vorgang wurde erfolgreich beendet.  .
 
 
< End of report >
         

30.11.2012, 06:37   #10
Psychotic
/// Malwareteam

Hm, unfortunately I picked the wrong text block there. Sorry about that...


Step 1: AdwCleaner



Please download AdwCleaner to your desktop.
  • Close all open programs and browsers.
  • Start adwcleaner.exe with a double-click.
  • Click Delete.
  • Confirm each prompt with OK.
  • Your computer will be restarted. After the restart a text file opens.
  • Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner[S1].txt.




Step 2: New OTL log


  • Double-click OTL.exe
    Vista and Win7 users: right-click and choose "Run as administrator"
  • At the top you will find a box labelled Output. Please select Minimal Output
  • Under Extra Registry, please select Use SafeList
  • Now click Run Scan at the top left
  • When the scan has finished, 2 log files are created
  • Post the log files here in the thread.
__________________
No right of asylum for Trojans!

Proud Member of UNITE

Note: I am only available on weekdays!
Requests via PM will be ignored!

Are you happy with us? Then support the Trojaner-Board!

03.12.2012, 07:35   #11
Psychotic
/// Malwareteam

Hello, do you still need help? If I do not receive a reply from you within the next 24 hours, I will remove your thread from my subscriptions and will then no longer be notified of new replies. The disappearance of the symptoms does not mean that your system is already clean.

03.12.2012, 10:13   #12
Kenny337

Hello, I can't run the program. Delete starts, but I get the hourglass and nothing else happens.

03.12.2012, 11:20   #13
Psychotic
/// Malwareteam

Start the PC in safe mode and try again!


Safe mode for the cleanup
  • Put Windows into safe mode by pressing the F8 key during startup.
  • Start the computer in Safe Mode with Networking:


19.12.2012, 07:17   #14
Psychotic
/// Malwareteam

No response received
This thread has been removed from my subscriptions, so I will not be notified of new replies.
Send me a PM if you still want to continue.

Note: The disappearance of the symptoms does not mean that your computer is already clean.

Everyone else, please click here and create your own thread
