| |
| |||||||
Log-Analyse und Auswertung: Computer ist plötzlich extrem langsamWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
24.02.2013, 17:42
| #1 |
 |  Computer ist plötzlich extrem langsam Liebes Trojanerboard, seit kurzem ist mein Computer extrem langsam geworden. Vor allem das Hochfahren dauert ewig. Ich habe versucht, einige Programme zu löschen und bei anderen Updates zu machen, aber bei einigen funktioniert das nicht. Ich wollte die Schritte 1-3 absolvieren, aber bei dem "gmer"-Scan startet der Computer sofort von alleine neu. Daher nur die anderen beiden Logfiles. Für Hilfe wäre ich sehr dankbar. MfG Tina67OTL Logfile: Code:
ATTFilter OTL logfile created on: 24.02.2013 16:12:24 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\Tina\Eigene Dateien\Downloads Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 895,48 Mb Total Physical Memory | 277,19 Mb Available Physical Memory | 30,95% Memory free 2,12 Gb Paging File | 1,58 Gb Available in Paging File | 74,81% Paging File free Paging file location(s): C:\pagefile.sys 1344 2688 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 62,82 Gb Total Space | 28,60 Gb Free Space | 45,52% Space Free | Partition Type: NTFS Drive D: | 11,73 Gb Total Space | 4,88 Gb Free Space | 41,62% Space Free | Partition Type: FAT32 Computer Name: ***| User Name: *** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.02.24 14:57:46 | 000,170,912 | ---- | M] (Oracle Corporation) -- C:\Programme\Java\jre7\bin\jqs.exe PRC - [2013.02.24 13:18:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Tina\Eigene Dateien\Downloads\OTL.exe PRC - [2013.01.26 03:35:08 | 001,248,208 | ---- | M] (Google Inc.) -- C:\Programme\Google\Chrome\Application\chrome.exe PRC - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012.12.14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2012.11.29 20:33:04 | 000,232,608 | ---- | M] (RealNetworks, Inc.) -- C:\Programme\RealNetworks\RealDownloader\recordingmanager.exe PRC - [2012.11.29 20:31:04 | 000,038,608 | ---- | M] () -- C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe PRC - [2012.10.30 23:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe PRC - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe PRC - [2012.09.24 13:46:16 | 001,328,736 | ---- | M] (Secunia) -- C:\Programme\Secunia\PSI\psia.exe PRC - [2012.09.24 13:46:14 | 000,573,536 | ---- | M] (Secunia) -- C:\Programme\Secunia\PSI\psi_tray.exe PRC - [2012.04.04 06:05:16 | 003,521,424 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Programme\Samsung\Kies\KiesTrayAgent.exe PRC - [2010.05.28 07:25:04 | 000,233,472 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe PRC - [2008.04.14 03:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007.09.06 12:28:18 | 000,110,592 | ---- | M] (Apple, Inc.) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe PRC - [2006.01.20 10:20:00 | 000,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe PRC - [2005.04.30 15:40:00 | 000,245,760 | ---- | M] (Winbond) -- C:\WINDOWS\system32\wbsecsvc.exe PRC - [2005.01.10 08:35:16 | 000,073,728 | ---- | M] (Computer Associates International) -- C:\Programme\PestPatrol\CookiePatrol.exe PRC - [2004.04.02 14:11:54 | 000,148,480 | ---- | M] () -- C:\Programme\PestPatrol\PPMemCheck.exe PRC - [2003.06.19 22:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE ========== Modules (No Company Name) ========== MOD - [2013.02.24 10:19:21 | 002,063,360 | ---- | M] () -- C:\Programme\AVAST Software\Avast\defs\13022400\algo.dll MOD - [2013.01.26 03:35:06 | 000,460,240 | ---- | M] () -- C:\Programme\Google\Chrome\Application\24.0.1312.57\ppgooglenaclpluginchrome.dll MOD - [2013.01.26 03:35:04 | 004,012,496 | ---- | M] () -- C:\Programme\Google\Chrome\Application\24.0.1312.57\pdf.dll MOD - [2013.01.26 03:34:16 | 001,552,848 | ---- | M] () -- C:\Programme\Google\Chrome\Application\24.0.1312.57\ffmpegsumo.dll MOD - [2012.11.29 20:31:04 | 000,038,608 | ---- | M] () -- C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe MOD - [2009.02.27 15:41:26 | 000,311,296 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\pdfshell.DEU MOD - [2007.08.13 10:39:15 | 000,022,723 | R--- | M] () -- C:\WINDOWS\system32\cl31cl3.dll MOD - [2004.04.02 14:11:54 | 000,148,480 | ---- | M] () -- C:\Programme\PestPatrol\PPMemCheck.exe MOD - [2003.01.26 11:07:42 | 000,061,440 | ---- | M] () -- C:\Programme\PestPatrol\PPServer.dll MOD - [2003.01.26 11:07:40 | 000,212,992 | ---- | M] () -- C:\Programme\PestPatrol\PPEngine.dll ========== Services (SafeList) ========== SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ) SRV - [2013.02.24 14:57:46 | 000,170,912 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Programme\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2013.02.15 19:32:36 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2012.11.29 20:31:04 | 000,038,608 | ---- | M] () [Auto | Running] -- C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service) SRV - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2012.09.24 13:46:16 | 001,328,736 | ---- | M] (Secunia) [Auto | Running] -- C:\Programme\Secunia\PSI\psia.exe -- (Secunia PSI Agent) SRV - [2012.09.24 13:46:16 | 000,656,480 | ---- | M] (Secunia) [Auto | Stopped] -- C:\Programme\Secunia\PSI\sua.exe -- (Secunia Update Agent) SRV - [2010.05.28 07:25:04 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService) SRV - [2007.09.06 12:28:18 | 000,110,592 | ---- | M] (Apple, Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2006.01.20 10:20:00 | 000,073,728 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe -- (LightScribeService) SRV - [2005.04.30 15:40:00 | 000,245,760 | ---- | M] (Winbond) [Auto | Running] -- C:\WINDOWS\System32\wbsecsvc.exe -- (wbsecsvc) SRV - [2005.04.04 00:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT) SRV - [2003.07.28 11:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose) SRV - [2003.06.19 22:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\wanatw4.sys -- (wanatw) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ULILAN51.SYS -- (ULI5261XP) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\activmouse.sys -- (prmvmouse) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\ALCXWDM.SYS -- (ALCXWDM) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\activhidsermini.sys -- (ActivHidSerMini) DRV - [2012.12.14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector) DRV - [2012.10.30 23:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2012.10.30 23:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2012.10.30 23:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2012.10.30 23:51:58 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr) DRV - [2012.10.30 23:51:57 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2012.10.30 23:51:56 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2012.10.30 23:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2012.01.31 17:15:42 | 000,020,032 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dgderdrv.sys -- (dgderdrv) DRV - [2011.12.16 15:19:54 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI) DRV - [2010.12.21 06:55:02 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscemdm.sys -- (sscemdm) DRV - [2010.12.21 06:55:02 | 000,100,352 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssceserd.sys -- (ssceserd) DRV - [2010.12.21 06:55:02 | 000,098,560 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscebus.sys -- (sscebus) DRV - [2010.12.21 06:55:02 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscemdfl.sys -- (sscemdfl) DRV - [2010.10.25 10:03:52 | 000,036,640 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk) DRV - [2005.11.01 13:48:12 | 001,392,128 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2005.07.26 18:00:22 | 000,140,064 | ---- | M] (Winbond Electronics Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\W33ND.SYS -- (W33ND) DRV - [2005.06.14 14:20:28 | 000,017,792 | ---- | M] (Winbond) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\wbsecdrv.sys -- (wbsecdrv) DRV - [2004.07.22 05:50:16 | 001,268,234 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yahoo.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie IE - HKCU\..\SearchScopes,DefaultScope = {E9DB9E7B-A275-41D1-8158-D0423FBEBDEB} IE - HKCU\..\SearchScopes\{A102A43A-D8FF-4860-AD78-10160F3E1A8B}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7DVXE_de IE - HKCU\..\SearchScopes\{D0B3C627-5F01-457E-9F82-0D8CF7B66F8E}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms} IE - HKCU\..\SearchScopes\{E9DB9E7B-A275-41D1-8158-D0423FBEBDEB}: "URL" = hxxp://www.google.com/cse?cx=partner-pub-3540673482024757:xbhdw8hkfz5&cof=&q={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "www.yahoo.de" FF - prefs.js..extensions.enabledAddons: %7B635abd67-4fe9-1b23-4f01-e679fa7484c1%7D:2.5.1.20121012015120 FF - prefs.js..extensions.enabledAddons: jqs%40sun.com:1.0 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.2 FF - prefs.js..extensions.enabledItems: de-DE@dictionaries.addons.mozilla.org:2.0.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_168.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282: c:\programme\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282: c:\programme\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer) FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Programme\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll () FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Programme\AVAST Software\Avast\WebRep\FF [2013.02.13 22:53:04 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{34712C68-7391-4c47-94F3-8F88D49AD632}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013.02.14 15:22:56 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013.02.14 15:22:56 | 000,000,000 | ---D | M] [2010.01.17 12:44:33 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Extensions [2012.10.28 14:48:37 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\vquo6ri0.default\extensions [2012.10.19 13:48:52 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\vquo6ri0.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2012.10.19 13:48:44 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\vquo6ri0.default\extensions\de-DE@dictionaries.addons.mozilla.org [2012.08.11 09:23:05 | 000,020,591 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\vquo6ri0.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2013.02.14 07:27:15 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2013.02.08 17:34:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013.02.14 12:10:00 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAMME\JAVA\JRE6\LIB\DEPLOY\JQS\FF ========== Chrome ========== CHR - homepage: hxxp://www.google.com CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter} CHR - homepage: hxxp://www.google.com CHR - Extension: avast! WebRep = C:\Dokumente und Einstellungen\Tina\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\ CHR - Extension: RealDownloader = C:\Dokumente und Einstellungen\Tina\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.0_0\ O1 HOSTS File: ([2004.08.10 13:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O4 - HKLM..\Run: [avast] C:\Programme\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [CookiePatrol] C:\Programme\PestPatrol\CookiePatrol.exe (Computer Associates International) O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found O4 - HKLM..\Run: [KiesTrayAgent] C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKLM..\Run: [Microsoft Works Update Detection] C:\Programme\Microsoft Works\WkDetect.exe (Microsoft® Corporation) O4 - HKLM..\Run: [PestPatrol Control Center] C-\Programme\PestPatrol\PPControl.exe File not found O4 - HKLM..\Run: [PestPatrolRegistration] C:\Programme\PestPatrol\Register.exe (SecureIT Solutions) O4 - HKLM..\Run: [PPMemCheck] C:\Programme\PestPatrol\PPMemCheck.exe () O4 - HKLM..\Run: [TkBellExe] C:\programme\real\realplayer\update\realsched.exe (RealNetworks, Inc.) O4 - HKCU..\Run: [KiesHelper] C:\Programme\Samsung\Kies\KiesHelper.exe (Samsung) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Secunia PSI Tray.lnk = C:\Programme\Secunia\PSI\psi_tray.exe (Secunia) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme () O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} hxxp://office.microsoft.com/officeupdate/content/opuc3.cab (Office Update Installation Engine) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1143122975250 (WUWebControl Class) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} https://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1360847132406 (MUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06) O16 - DPF: {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab (Java Plug-in 1.6.0_39) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab (Java Plug-in 1.6.0_39) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 80.69.100.214 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B219A546-51FC-4914-9A31-89C4631F505C}: DhcpNameServer = 80.69.100.214 192.168.0.1 O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.04.05 05:41:03 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{bee8ca7a-c6a5-11e1-9850-0060b35b1dd1}\Shell - "" = AutoRun O33 - MountPoints2\{bee8ca7a-c6a5-11e1-9850-0060b35b1dd1}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{bee8ca7a-c6a5-11e1-9850-0060b35b1dd1}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a O33 - MountPoints2\{ffa631fe-e1dd-11e0-97cd-0060b35b1dd1}\Shell - "" = AutoRun O33 - MountPoints2\{ffa631fe-e1dd-11e0-97cd-0060b35b1dd1}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{ffa631fe-e1dd-11e0-97cd-0060b35b1dd1}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2013.02.24 13:03:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Office Live Add-in [2013.02.24 13:03:02 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft [2013.02.24 12:07:40 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tina\Lokale Einstellungen\Anwendungsdaten\Secunia PSI [2013.02.17 13:36:09 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tina\Anwendungsdaten\RealNetworks [2013.02.17 13:34:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tina\Lokale Einstellungen\Anwendungsdaten\Sun [2013.02.14 15:22:38 | 000,000,000 | ---D | C] -- C:\Programme\RealNetworks [2013.02.14 15:22:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks [2013.02.14 15:20:10 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\xing shared [2013.02.14 15:13:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\RealNetworks [2013.02.14 15:13:25 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll [2013.02.14 14:23:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\QuickTime [2013.02.14 14:15:34 | 000,000,000 | ---D | C] -- C:\Programme\QuickTime [2013.02.14 07:57:06 | 000,000,000 | ---D | C] -- C:\Programme\Secunia [2013.02.13 23:04:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Google Chrome [2013.02.13 22:56:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\avast! Free Antivirus [2013.02.13 22:56:26 | 000,021,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys [2013.02.13 22:56:24 | 000,361,032 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys [2013.02.13 22:56:04 | 000,035,928 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys [2013.02.13 22:56:01 | 000,054,232 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys [2013.02.13 22:55:58 | 000,738,504 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys [2013.02.13 22:55:56 | 000,097,608 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys [2013.02.13 22:55:56 | 000,089,752 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys [2013.02.13 22:55:55 | 000,025,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys [2013.02.13 22:52:01 | 000,041,224 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr [2013.02.13 22:51:50 | 000,227,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe [2013.02.13 22:45:27 | 000,000,000 | ---D | C] -- C:\Programme\AVAST Software [2013.02.13 22:45:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVAST Software [2013.02.13 18:41:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Malwarebytes [2013.02.13 18:41:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware [2013.02.13 18:41:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes [2013.02.13 18:40:46 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2013.02.13 18:40:46 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2013.02.08 17:34:29 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox [2013.02.08 17:24:44 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\***\Recent [2008.05.27 18:34:22 | 000,397,312 | R--- | C] (Electronic Arts) -- C:\Programme\AutoRun.exe [2008.05.27 18:34:22 | 000,380,928 | R--- | C] (Electronic Arts) -- C:\Programme\EASetup.exe [21 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.02.24 16:13:16 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2013.02.24 15:56:23 | 000,000,306 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job [2013.02.24 15:55:26 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2013.02.24 15:49:03 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2013.02.24 15:48:43 | 000,000,270 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3231079407-1651759842-1146664477-1007.job [2013.02.24 15:47:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013.02.24 15:47:48 | 939,048,960 | -HS- | M] () -- C:\hiberfil.sys [2013.02.24 11:47:35 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2013.02.17 13:11:41 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2013.02.17 12:23:36 | 000,259,840 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2013.02.16 09:10:33 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3231079407-1651759842-1146664477-1007.job [2013.02.14 17:54:49 | 000,000,872 | ---- | M] () -- C:\WINDOWS\uninst.ini [2013.02.14 16:39:59 | 000,000,658 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk [2013.02.14 15:24:42 | 000,000,727 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\RealPlayer.lnk [2013.02.14 15:13:25 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll [2013.02.14 14:23:32 | 000,001,588 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\QuickTime Player.lnk [2013.02.14 08:37:13 | 000,464,800 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat [2013.02.14 08:37:13 | 000,446,152 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2013.02.14 08:37:13 | 000,073,358 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2013.02.14 08:37:12 | 000,087,014 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat [2013.02.14 07:59:29 | 000,000,729 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Secunia PSI Tray.lnk [2013.02.13 23:04:19 | 000,001,781 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Chrome.lnk [2013.02.13 22:56:41 | 000,001,657 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\avast! Free Antivirus.lnk [2013.02.13 22:55:57 | 000,003,001 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2013.02.13 20:38:10 | 000,001,713 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader 9.lnk [2013.02.13 18:41:22 | 000,000,760 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk [2013.02.08 17:22:22 | 000,035,647 | ---- | M] () -- C:\Dokumente und Einstellungen\Tina\Desktop\Pressemitteilung Freedom Sounds.pdf [21 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.02.15 19:07:55 | 000,001,767 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Office PowerPoint Viewer 2003.lnk [2013.02.14 17:54:47 | 000,000,872 | ---- | C] () -- C:\WINDOWS\uninst.ini [2013.02.14 16:47:17 | 000,001,924 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Office PowerPoint Viewer 2007.lnk [2013.02.14 15:30:48 | 000,000,270 | ---- | C] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3231079407-1651759842-1146664477-1007.job [2013.02.14 15:30:43 | 000,000,278 | ---- | C] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3231079407-1651759842-1146664477-1007.job [2013.02.14 15:24:42 | 000,000,727 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\RealPlayer.lnk [2013.02.14 14:23:31 | 000,001,588 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\QuickTime Player.lnk [2013.02.14 07:59:29 | 000,000,729 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Secunia PSI Tray.lnk [2013.02.14 07:59:04 | 000,000,692 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Secunia PSI.lnk [2013.02.13 23:04:19 | 000,001,781 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Chrome.lnk [2013.02.13 22:56:41 | 000,001,657 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\avast! Free Antivirus.lnk [2013.02.13 22:55:58 | 000,000,306 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job [2013.02.13 18:41:22 | 000,000,760 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk [2013.02.08 17:22:44 | 000,035,647 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Pressemitteilung Freedom Sounds.pdf [2013.01.12 16:58:37 | 000,611,344 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat [2012.06.03 21:27:16 | 000,002,402 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\K&S GbR_65739754-B7A7-4A9E-BA1B-990F6A477250.swidtag [2012.05.18 14:09:21 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012.04.10 10:49:16 | 000,000,089 | ---- | C] () -- C:\Dokumente und Einstellungen\***\default.pls [2012.01.31 17:15:44 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe [2010.12.27 17:16:26 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\$_hpcst$.hpc [2010.01.13 18:51:37 | 028,534,656 | ---- | C] ( ) -- C:\Programme\AdbeRdr930_de_DE.exe [2008.05.27 18:34:28 | 088,497,795 | ---- | C] () -- C:\Programme\Group3.cab [2008.05.27 18:34:26 | 005,423,104 | ---- | C] () -- C:\Programme\EURO08.exe [2008.05.27 18:34:22 | 001,784,320 | ---- | C] () -- C:\Programme\autorun.dat [2008.05.27 18:34:22 | 000,021,060 | ---- | C] () -- C:\Programme\config.dat [2008.05.27 18:34:22 | 000,000,146 | ---- | C] () -- C:\Programme\autorun.inf [2006.05.07 15:26:01 | 000,000,166 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\wklnhst.dat [2006.05.07 14:26:29 | 000,016,896 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2006.05.07 14:26:29 | 000,000,137 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat ========== ZeroAccess Check ========== [2006.03.23 14:07:55 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 03:22:25 | 001,499,136 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 11:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 03:22:32 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2013.02.13 21:13:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Activ Software [2012.12.11 17:37:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ashampoo [2013.02.13 22:45:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVAST Software [2006.05.08 14:42:02 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ [2006.04.05 05:48:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\fun communications [2011.04.28 19:29:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MMM [2006.04.05 06:31:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MSScanAppDataDir [2006.04.05 05:40:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\muvee Technologies [2011.11.24 18:32:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Promethean [2012.04.11 08:25:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Samsung [2006.04.05 06:46:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SmartSound Software Inc [2012.06.07 10:06:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TMP_EGKSPatterN_741 [2011.03.21 21:10:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ulead Systems [2006.03.30 08:36:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Viewpoint [2008.05.27 18:28:18 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\.# [2011.11.24 18:22:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\ACTIV Software [2010.05.01 11:44:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Amazon [2011.12.08 21:08:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Canon [2011.09.18 11:42:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Imaxel [2006.04.05 06:53:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\InterVideo [2006.08.15 15:20:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\MAGIX [2011.11.24 18:31:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Promethean [2012.04.11 08:29:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Samsung [2012.04.09 18:41:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Temp [2006.05.07 15:26:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Template ========== Purity Check ========== < End of report > OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 24.02.2013 13:23:24 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\***\Eigene Dateien\Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
895,48 Mb Total Physical Memory | 220,29 Mb Available Physical Memory | 24,60% Memory free
2,12 Gb Paging File | 1,38 Gb Available in Paging File | 65,35% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 62,82 Gb Total Space | 28,39 Gb Free Space | 45,19% Space Free | Partition Type: NTFS
Drive D: | 11,73 Gb Total Space | 4,88 Gb Free Space | 41,62% Space Free | Partition Type: FAT32
Computer Name: *** | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Programme\Google\Chrome\Application\chrome.exe (Google Inc.)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- "C:\Programme\Mozilla Firefox\firefox.exe" -osint -url "%1"
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Programme\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Programme\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\sessmgr.exe" = C:\WINDOWS\system32\sessmgr.exe:*:enabled:Remoteunterstützung -- (Microsoft Corporation)
"C:\Programme\Messenger\msmsgs.exe" = C:\Programme\Messenger\msmsgs.exe:*:enabled:Windows Messenger -- (Microsoft Corporation)
"C:\Programme\AOL 9.0\AOL.exe" = C:\Programme\AOL 9.0\AOL.exe:*:enabled:AOL 9.0
"C:\Programme\AOL 9.0\WAOL.exe" = C:\Programme\AOL 9.0\WAOL.exe:*:enabled:AOL 9.0
"C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLACSD.exe" = C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLACSD.exe:*:enabled:AOL 9.0 (Connectivity Service)
"C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDIAL.exe" = C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDIAL.exe:*:enabled:AOL 9.0 (Connectivity Service Dialer)
"C:\WINDOWS\system32\fxsclnt.exe" = C:\WINDOWS\system32\fxsclnt.exe:*:enabled:Microsoft Fax -- (Microsoft Corporation)
"C:\Programme\Skype\Phone\Skype.exe" = C:\Programme\Skype\Phone\Skype.exe:*:enabled:Skype
"C:\Programme\CA\eTrust Antivirus\InocIT.exe" = C:\Programme\CA\eTrust Antivirus\InocIT.exe:*:enabled:eTrust Antivirus - Local Scanner
"C:\Programme\CA\eTrust Antivirus\Realmon.exe" = C:\Programme\CA\eTrust Antivirus\Realmon.exe:*:enabled:eTrust Antivirus - Realtime monitor
"C:\Programme\CA\eTrust Antivirus\InoRpc.exe" = C:\Programme\CA\eTrust Antivirus\InoRpc.exe:*:enabled:eTrust Antivirus - RPC Server
"C:\Programme\NetMeeting\Conf.exe" = C:\Programme\NetMeeting\Conf.exe:*:enabled:NetMeeting -- (Microsoft Corporation)
"C:\Programme\Ahead\Nero MediaHome\NeroMediaHome.exe" = C:\Programme\Ahead\Nero MediaHome\NeroMediaHome.exe:*:enabled:Nero MediaHome -- (Ahead Software AG)
"C:\Programme\InterVideo\DVD7\WinDVD.exe" = C:\Programme\InterVideo\DVD7\WinDVD.exe:*:enabled:InterVideo WinDVD 7 -- (InterVideo Inc.)
"C:\Programme\InterVideo\MediaOne Gallery\mediaone.exe" = C:\Programme\InterVideo\MediaOne Gallery\mediaone.exe:*:enabled:InterVideo MediaOne Gallery -- ()
"C:\Programme\MSN Messenger\msnmsgr.exe" = C:\Programme\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.5 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\sessmgr.exe" = C:\WINDOWS\system32\sessmgr.exe:*:enabled:Remoteunterstützung -- (Microsoft Corporation)
"C:\Programme\Messenger\msmsgs.exe" = C:\Programme\Messenger\msmsgs.exe:*:enabled:Windows Messenger -- (Microsoft Corporation)
"C:\Programme\AOL 9.0\AOL.exe" = C:\Programme\AOL 9.0\AOL.exe:*:enabled:AOL 9.0
"C:\Programme\AOL 9.0\WAOL.exe" = C:\Programme\AOL 9.0\WAOL.exe:*:enabled:AOL 9.0
"C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLACSD.exe" = C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLACSD.exe:*:enabled:AOL 9.0 (Connectivity Service)
"C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDIAL.exe" = C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDIAL.exe:*:enabled:AOL 9.0 (Connectivity Service Dialer)
"C:\WINDOWS\system32\fxsclnt.exe" = C:\WINDOWS\system32\fxsclnt.exe:*:enabled:Microsoft Fax -- (Microsoft Corporation)
"C:\Programme\CA\eTrust Antivirus\InocIT.exe" = C:\Programme\CA\eTrust Antivirus\InocIT.exe:*:enabled:eTrust Antivirus - Local Scanner
"C:\Programme\CA\eTrust Antivirus\Realmon.exe" = C:\Programme\CA\eTrust Antivirus\Realmon.exe:*:enabled:eTrust Antivirus - Realtime monitor
"C:\Programme\CA\eTrust Antivirus\InoRpc.exe" = C:\Programme\CA\eTrust Antivirus\InoRpc.exe:*:enabled:eTrust Antivirus - RPC Server
"C:\Programme\NetMeeting\Conf.exe" = C:\Programme\NetMeeting\Conf.exe:*:enabled:NetMeeting -- (Microsoft Corporation)
"C:\Programme\Ahead\Nero MediaHome\NeroMediaHome.exe" = C:\Programme\Ahead\Nero MediaHome\NeroMediaHome.exe:*:enabled:Nero MediaHome -- (Ahead Software AG)
"C:\Programme\InterVideo\DVD7\WinDVD.exe" = C:\Programme\InterVideo\DVD7\WinDVD.exe:*:enabled:InterVideo WinDVD 7 -- (InterVideo Inc.)
"C:\Programme\InterVideo\MediaOne Gallery\mediaone.exe" = C:\Programme\InterVideo\MediaOne Gallery\mediaone.exe:*:enabled:InterVideo MediaOne Gallery -- ()
"C:\Programme\MSN Messenger\msnmsgr.exe" = C:\Programme\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.5 -- (Microsoft Corporation)
"C:\Programme\DSC Software\DL10XP.exe" = C:\Programme\DSC Software\DL10XP.exe:*:Enabled:DL-10 for DSC -- ()
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\WINDOWS\system32\muzapp.exe" = C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player -- (Musiccity Co.Ltd.)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\Skype\Phone\Skype.exe" = C:\Programme\Skype\Phone\Skype.exe:*:Disabled:Skype
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{055EA790-FBC0-4C01-A6D5-17C77F0E9E92}" = EasyGrade - Update 7.4.1
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Systemsteuerung
"{0D93041A-03EC-11DA-BFBD-00065BBDC0B5}" = MSN Messenger 7.5
"{17811AE7-6445-4A38-9792-60B227C9F48D}" = PestPatrol Registration
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20FD5B04-CE35-4F5B-A2F3-6D9FD644EB70}" = WISO Mein Geld 2006 Professional
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{261D0486-9127-4071-BA1D-FE784310752E}" = videon
"{26A24AE4-039D-4CA4-87B4-2F83216039FF}" = Java(TM) 6 Update 39
"{26A24AE4-039D-4CA4-87B4-2F83217015FF}" = Java 7 Update 15
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{31E1050B-F69F-4A16-8F5A-E44D31901250}" = Ulead DVD DiskRecorder 2.1.1
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{34F0D55F-C386-4195-9A5B-961D3F6ACD46}" = InterVideo MediaOne Gallery
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3EBD3749-304E-4A4C-9575-C00E5F015217}" = Apple Mobile Device Support
"{43DCF766-6838-4F9A-8C91-D92DA586DFA7}" = Microsoft Windows-Journal-Viewer
"{47D2103B-FD51-4017-9C20-DD408B17D726}" = Office 2003 Trial Assistant
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 5.2.0
"{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}" = Microsoft .NET Framework 2.0 Language Pack - DEU
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90885A82-9673-49EA-AB39-AF776639C67C}" = InterVideo WinDVD 7
"{91120407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.3 - Deutsch
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}" = RealDownloader
"{B5924CA6-24A7-48F5-BC9C-8BFA94ED4564}" = LightScribe 1.4.67.1
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}" = Apple Software Update
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = Athlon 64 Processor Driver
"{C5DB5FBF-F037-4BEE-A110-257E89EDD8BB}" = Microsoft Word in Works Suite-Add-In
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{C7B8E06E-EBBC-4210-93AB-DFC8760E3FC9}" = Works Suite-Betriebssystem-Pack
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D0AC6844-79D4-11D4-AFEE-00C04F443448}" = Microsoft Works 6.0
"{D8EEDC94-EE82-46A0-A7DB-812E3C6A0A6E}_is1" = PSD Viewer
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9-Reihe
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F2260E94-80F2-4CB1-B6B1-6043D9BFFA47}" = Works-Synchronisierung
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{FE4C73C6-5EA3-4C4D-AAF8-5D6E2BCB3211}" = DSC Software
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"ALDI Online Druck Service (Sued)" = ALDI Online Druck Service (Sued)
"ALDI Sued Foto Manager D" = ALDI Sued Foto Manager (D)
"ALDI Sued Foto Service D" = ALDI Sued Foto Service (D)
"All ATI Software" = ATI - Dienstprogramm zur Deinstallation der Software
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"Ashampoo Burning Studio 2012_is1" = Ashampoo Burning Studio 2012 v.10.0.15
"ATI Display Driver" = ATI Display Driver
"avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"Creatix 2.0 AC'97 Soft Modem" = Creatix 2.0 AC'97 Modem
"dm Digi Foto" = dm Digi Foto
"EasyGrade" = EasyGrade v7.1.3
"FoneSync" = FoneSync
"Google Chrome" = Google Chrome
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"MEDION Fotos auf CD Sued D" = MEDION Fotos auf CD Sued (D)
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - DEU" = Microsoft .NET Framework 2.0 Language Pack - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MyFreeCodec" = MyFreeCodec
"NeroMultiInstaller!UninstallKey" = Nero Suite
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"RealPlayer 16.0" = RealPlayer
"Secunia PSI" = Secunia PSI (3.0.0.4001)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"ViewpointMediaPlayer" = Viewpoint Media Player
"WIC" = Windows Imaging Component
"Winbond WLAN" = Winbond WLAN
"Windows Media Encoder 9" = Windows Media Encoder 9-Reihe
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Media Center Edition Screen Saver Screen Saver" = Windows XP Media Center Edition Screen Saver Screen Saver
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMCSetup" = Windows Media Connect
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Works2001Setup" = Microsoft Works 2001-Setup-Start
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"YTdetect" = Yahoo! Detect
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"MyFreeCodec" = MyFreeCodec
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 14.02.2013 02:45:12 | Computer Name = CHRISTINA | Source = MsiInstaller | ID = 11404
Description = Produkt: WISO Mein Geld 2006 Professional -- Fehler 1404. Schlüssel
konnte nicht gelöscht werden: \Software\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\EnableFullPage\.mfp.
Systemfehler . Überprüfen Sie, ob Sie ausreichende Zugriffsrechte auf diesen Schlüssel
besitzen, oder setzen Sie sich mit Ihrem Supportpersonal in Verbindung.
Error - 14.02.2013 02:45:14 | Computer Name = CHRISTINA | Source = MsiInstaller | ID = 11404
Description = Produkt: WISO Mein Geld 2006 Professional -- Fehler 1404. Schlüssel
konnte nicht gelöscht werden: \Software\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\EnableFullPage\.mfp.
Systemfehler . Überprüfen Sie, ob Sie ausreichende Zugriffsrechte auf diesen Schlüssel
besitzen, oder setzen Sie sich mit Ihrem Supportpersonal in Verbindung.
Error - 14.02.2013 02:45:15 | Computer Name = CHRISTINA | Source = MsiInstaller | ID = 11404
Description = Produkt: WISO Mein Geld 2006 Professional -- Fehler 1404. Schlüssel
konnte nicht gelöscht werden: \Software\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\EnableFullPage\.spl.
Systemfehler . Überprüfen Sie, ob Sie ausreichende Zugriffsrechte auf diesen Schlüssel
besitzen, oder setzen Sie sich mit Ihrem Supportpersonal in Verbindung.
Error - 14.02.2013 02:45:16 | Computer Name = *** | Source = MsiInstaller | ID = 11404
Description = Produkt: WISO Mein Geld 2006 Professional -- Fehler 1404. Schlüssel
konnte nicht gelöscht werden: \Software\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\EnableFullPage\.spl.
Systemfehler . Überprüfen Sie, ob Sie ausreichende Zugriffsrechte auf diesen Schlüssel
besitzen, oder setzen Sie sich mit Ihrem Supportpersonal in Verbindung.
Error - 14.02.2013 02:45:16 | Computer Name = *** | Source = MsiInstaller | ID = 11404
Description = Produkt: WISO Mein Geld 2006 Professional -- Fehler 1404. Schlüssel
konnte nicht gelöscht werden: \Software\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\EnableFullPage\.swf.
Systemfehler . Überprüfen Sie, ob Sie ausreichende Zugriffsrechte auf diesen Schlüssel
besitzen, oder setzen Sie sich mit Ihrem Supportpersonal in Verbindung.
Error - 14.02.2013 02:45:19 | Computer Name = *** | Source = MsiInstaller | ID = 11404
Description = Produkt: WISO Mein Geld 2006 Professional -- Fehler 1404. Schlüssel
konnte nicht gelöscht werden: \Software\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\EnableFullPage\.swf.
Systemfehler . Überprüfen Sie, ob Sie ausreichende Zugriffsrechte auf diesen Schlüssel
besitzen, oder setzen Sie sich mit Ihrem Supportpersonal in Verbindung.
Error - 14.02.2013 06:08:20 | Computer Name = *** | Source = .NET Runtime Optimization Service | ID = 1111
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Service reached limit of transient errors. Will shut down. Last error returned
from Service Manager: 0x80004004.
Error - 15.02.2013 12:42:54 | Computer Name = *** | Source = WmiAdapter | ID = 4099
Description = Dienst konnte nicht geöffnet werden.
Error - 17.02.2013 07:28:57 | Computer Name = *** | Source = WmiAdapter | ID = 4099
Description = Dienst konnte nicht geöffnet werden.
Error - 17.02.2013 07:31:07 | Computer Name = *** | Source = WmiAdapter | ID = 4099
Description = Dienst konnte nicht geöffnet werden.
[ System Events ]
Error - 17.02.2013 07:41:22 | Computer Name = *** | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1058" aufgetreten, als der Dienst "upnphost"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {204810B9-73B2-11D4-BF42-00B0D0118B56}
Error - 17.02.2013 08:12:54 | Computer Name = *** | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Windows
Presentation Foundation Font Cache 3.0.0.0.
Error - 17.02.2013 08:12:54 | Computer Name = *** | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows Presentation Foundation Font Cache 3.0.0.0" wurde
aufgrund folgenden Fehlers nicht gestartet: %%1053
Error - 24.02.2013 06:50:00 | Computer Name = *** | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Windows Media Player-Netzwerkfreigabedienst" ist vom Dienst
"Universeller Plug & Play-Gerätehost" abhängig, der aufgrund folgenden Fehlers
nicht gestartet wurde: %%1058
Error - 24.02.2013 06:53:11 | Computer Name = *** | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Gatewaydienst
auf Anwendungsebene.
Error - 24.02.2013 06:53:26 | Computer Name = *** | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Gatewaydienst auf Anwendungsebene" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1053
Error - 24.02.2013 06:54:12 | Computer Name = *** | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Windows Media Player-Netzwerkfreigabedienst" ist vom Dienst
"Universeller Plug & Play-Gerätehost" abhängig, der aufgrund folgenden Fehlers
nicht gestartet wurde: %%1058
Error - 24.02.2013 06:54:13 | Computer Name = *** | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1058" aufgetreten, als der Dienst "upnphost"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {204810B9-73B2-11D4-BF42-00B0D0118B56}
Error - 24.02.2013 07:15:36 | Computer Name = *** | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Windows
Presentation Foundation Font Cache 3.0.0.0.
Error - 24.02.2013 07:15:37 | Computer Name = *** | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows Presentation Foundation Font Cache 3.0.0.0" wurde
aufgrund folgenden Fehlers nicht gestartet: %%1053
< End of report >
|
|
24.02.2013, 19:25
| #2 |
| /// Malware-holic   | Computer ist plötzlich extrem langsam Hi,
__________________Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ |
|
24.02.2013, 21:10
| #3 |
| | Computer ist plötzlich extrem langsam Danke, für die schnelle Antwort. Hier das logfile:
__________________20:58:33.0906 1988 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42 20:58:34.0140 1988 ============================================================ 20:58:34.0140 1988 Current date / time: 2013/02/24 20:58:34.0140 20:58:34.0140 1988 SystemInfo: 20:58:34.0140 1988 20:58:34.0140 1988 OS Version: 5.1.2600 ServicePack: 3.0 20:58:34.0140 1988 Product type: Workstation 20:58:34.0140 1988 ComputerName: *** 20:58:34.0140 1988 UserName: *** 20:58:34.0140 1988 Windows directory: C:\WINDOWS 20:58:34.0140 1988 System windows directory: C:\WINDOWS 20:58:34.0140 1988 Processor architecture: Intel x86 20:58:34.0140 1988 Number of processors: 1 20:58:34.0140 1988 Page size: 0x1000 20:58:34.0140 1988 Boot type: Normal boot 20:58:34.0140 1988 ============================================================ 20:59:00.0265 1988 Drive \Device\Harddisk0\DR0 - Size: 0x12A3F92000 (74.56 Gb), SectorSize: 0x200, Cylinders: 0x2605, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054 20:59:00.0703 1988 ============================================================ 20:59:00.0703 1988 \Device\Harddisk0\DR0: 20:59:01.0343 1988 MBR partitions: 20:59:01.0343 1988 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x7DA15C9 20:59:01.0375 1988 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xB, StartLBA 0x7DA1647, BlocksNum 0x177C97E 20:59:01.0390 1988 ============================================================ 20:59:02.0078 1988 C: <-> \Device\Harddisk0\DR0\Partition1 20:59:03.0156 1988 D: <-> \Device\Harddisk0\DR0\Partition2 20:59:03.0656 1988 ============================================================ 20:59:03.0656 1988 Initialize success 20:59:03.0656 1988 ============================================================ 21:00:08.0671 2968 ============================================================ 21:00:08.0671 2968 Scan started 21:00:08.0671 2968 Mode: Manual; 21:00:08.0671 2968 ============================================================ 21:00:10.0187 2968 ================ Scan system memory ======================== 21:00:10.0218 2968 System memory - ok 21:00:10.0234 2968 ================ Scan services ============================= 21:00:11.0265 2968 [ 149A8F7ADF9742554DC323E290551E3E ] Aavmker4 C:\WINDOWS\system32\drivers\Aavmker4.sys 21:00:11.0359 2968 Aavmker4 - ok 21:00:11.0390 2968 Abiosdsk - ok 21:00:11.0406 2968 abp480n5 - ok 21:00:11.0640 2968 [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys 21:00:11.0781 2968 ACPI - ok 21:00:11.0906 2968 [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys 21:00:11.0937 2968 ACPIEC - ok 21:00:11.0937 2968 ActivHidSerMini - ok 21:00:12.0609 2968 [ 563CDCFEEAEF97163E206AF71A61AA6E ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe 21:00:12.0921 2968 AdobeFlashPlayerUpdateSvc - ok 21:00:12.0968 2968 adpu160m - ok 21:00:13.0109 2968 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys 21:00:13.0234 2968 aec - ok 21:00:13.0390 2968 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys 21:00:13.0500 2968 AFD - ok 21:00:14.0500 2968 [ B894A08F2A01E27C1989C31C96FDDE83 ] AgereSoftModem C:\WINDOWS\system32\DRIVERS\AGRSM.sys 21:00:15.0531 2968 AgereSoftModem - ok 21:00:15.0546 2968 Aha154x - ok 21:00:15.0562 2968 aic78u2 - ok 21:00:15.0578 2968 aic78xx - ok 21:00:15.0593 2968 ALCXWDM - ok 21:00:15.0703 2968 [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter C:\WINDOWS\system32\alrsvc.dll 21:00:15.0843 2968 Alerter - ok 21:00:15.0906 2968 [ 190CD73D4984F94D823F9444980513E5 ] ALG C:\WINDOWS\System32\alg.exe 21:00:16.0031 2968 ALG - ok 21:00:16.0125 2968 [ 1140AB9938809700B46BB88E46D72A96 ] AliIde C:\WINDOWS\system32\DRIVERS\aliide.sys 21:00:16.0140 2968 AliIde - ok 21:00:16.0328 2968 [ B9DBAAE3219661F4D0C5E8DC0C2F987D ] AmdK8 C:\WINDOWS\system32\DRIVERS\AmdK8.sys 21:00:16.0390 2968 AmdK8 - ok 21:00:16.0406 2968 amsint - ok 21:00:16.0937 2968 [ 3A4982DF893F198A2DFBCCD4CE10F93A ] Apple Mobile Device C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 21:00:17.0218 2968 Apple Mobile Device - ok 21:00:17.0437 2968 [ D45960BE52C3C610D361977057F98C54 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll 21:00:17.0625 2968 AppMgmt - ok 21:00:17.0718 2968 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys 21:00:17.0765 2968 Arp1394 - ok 21:00:17.0781 2968 asc - ok 21:00:17.0796 2968 asc3350p - ok 21:00:17.0812 2968 asc3550 - ok 21:00:18.0187 2968 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe 21:00:18.0406 2968 aspnet_state - ok 21:00:18.0484 2968 [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys 21:00:18.0562 2968 aswFsBlk - ok 21:00:18.0765 2968 [ 84F0BE324EE111338589F448C3E8BAB2 ] aswMon2 C:\WINDOWS\system32\drivers\aswMon2.sys 21:00:18.0859 2968 aswMon2 - ok 21:00:18.0968 2968 [ 7C9F0A2AB17D52261A9252A2EB320884 ] AswRdr C:\WINDOWS\system32\drivers\AswRdr.sys 21:00:19.0015 2968 AswRdr - ok 21:00:19.0750 2968 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys 21:00:20.0328 2968 aswSnx - ok 21:00:20.0625 2968 [ 67B558895695545FB0568B7541F3BCA7 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys 21:00:20.0906 2968 aswSP - ok 21:00:21.0000 2968 [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys 21:00:21.0046 2968 aswTdi - ok 21:00:21.0109 2968 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys 21:00:21.0140 2968 AsyncMac - ok 21:00:21.0234 2968 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys 21:00:21.0250 2968 atapi - ok 21:00:21.0265 2968 Atdisk - ok 21:00:21.0625 2968 [ 43E945DC2A642539E2B07633CDC9C30E ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe 21:00:22.0390 2968 Ati HotKey Poller - ok 21:00:23.0484 2968 [ C762F8FCA8F7023E3D405AB915E8ACD7 ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys 21:00:24.0921 2968 ati2mtag - ok 21:00:25.0015 2968 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys 21:00:25.0062 2968 Atmarpc - ok 21:00:25.0187 2968 [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll 21:00:25.0218 2968 AudioSrv - ok 21:00:25.0296 2968 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys 21:00:25.0296 2968 audstub - ok 21:00:25.0437 2968 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Programme\AVAST Software\Avast\AvastSvc.exe 21:00:25.0484 2968 avast! Antivirus - ok 21:00:25.0546 2968 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys 21:00:25.0656 2968 Beep - ok 21:00:26.0093 2968 [ D6F603772A789BB3228F310D650B8BD1 ] BITS C:\WINDOWS\system32\qmgr.dll 21:00:26.0734 2968 BITS - ok 21:00:26.0875 2968 [ B71549F23736ADF83A571061C47777FD ] Browser C:\WINDOWS\System32\browser.dll 21:00:27.0015 2968 Browser - ok 21:00:27.0062 2968 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys 21:00:27.0156 2968 cbidf2k - ok 21:00:27.0187 2968 cd20xrnt - ok 21:00:27.0250 2968 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys 21:00:27.0406 2968 Cdaudio - ok 21:00:27.0562 2968 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys 21:00:27.0656 2968 Cdfs - ok 21:00:27.0843 2968 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys 21:00:27.0984 2968 Cdrom - ok 21:00:28.0046 2968 Changer - ok 21:00:28.0140 2968 [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc C:\WINDOWS\system32\cisvc.exe 21:00:28.0187 2968 CiSvc - ok 21:00:28.0250 2968 [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv C:\WINDOWS\system32\clipsrv.exe 21:00:28.0312 2968 ClipSrv - ok 21:00:28.0421 2968 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 21:00:29.0531 2968 clr_optimization_v2.0.50727_32 - ok 21:00:29.0609 2968 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys 21:00:29.0625 2968 CmBatt - ok 21:00:29.0640 2968 CmdIde - ok 21:00:29.0687 2968 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys 21:00:29.0703 2968 Compbatt - ok 21:00:29.0718 2968 COMSysApp - ok 21:00:29.0765 2968 Cpqarray - ok 21:00:29.0890 2968 [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll 21:00:29.0937 2968 CryptSvc - ok 21:00:29.0953 2968 dac2w2k - ok 21:00:29.0968 2968 dac960nt - ok 21:00:30.0484 2968 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 21:00:31.0093 2968 DcomLaunch - ok 21:00:31.0281 2968 [ 6216FD7FD227DE454238A702B218CEC7 ] dgderdrv C:\WINDOWS\system32\drivers\dgderdrv.sys 21:00:31.0375 2968 dgderdrv - ok 21:00:31.0593 2968 [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll 21:00:31.0765 2968 Dhcp - ok 21:00:31.0875 2968 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys 21:00:31.0906 2968 Disk - ok 21:00:31.0921 2968 dmadmin - ok 21:00:32.0593 2968 [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys 21:00:33.0265 2968 dmboot - ok 21:00:33.0406 2968 [ 53720AB12B48719D00E327DA470A619A ] dmio C:\WINDOWS\system32\drivers\dmio.sys 21:00:33.0515 2968 dmio - ok 21:00:33.0609 2968 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys 21:00:33.0640 2968 dmload - ok 21:00:33.0703 2968 [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver C:\WINDOWS\System32\dmserver.dll 21:00:33.0734 2968 dmserver - ok 21:00:33.0796 2968 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys 21:00:33.0843 2968 DMusic - ok 21:00:33.0937 2968 [ 407F3227AC618FD1CA54B335B083DE07 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 21:00:33.0984 2968 Dnscache - ok 21:00:34.0171 2968 [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll 21:00:34.0296 2968 Dot3svc - ok 21:00:34.0296 2968 dpti2o - ok 21:00:34.0375 2968 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys 21:00:34.0531 2968 drmkaud - ok 21:00:34.0687 2968 [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost C:\WINDOWS\System32\eapsvc.dll 21:00:34.0765 2968 EapHost - ok 21:00:34.0921 2968 [ 877C18558D70587AA7823A1A308AC96B ] ERSvc C:\WINDOWS\System32\ersvc.dll 21:00:35.0015 2968 ERSvc - ok 21:00:35.0187 2968 [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog C:\WINDOWS\system32\services.exe 21:00:35.0390 2968 Eventlog - ok 21:00:35.0656 2968 [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem C:\WINDOWS\system32\es.dll 21:00:35.0859 2968 EventSystem - ok 21:00:36.0078 2968 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys 21:00:36.0250 2968 Fastfat - ok 21:00:36.0500 2968 [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll 21:00:36.0640 2968 FastUserSwitchingCompatibility - ok 21:00:37.0000 2968 [ 08B8B302AF0D1B3B8543429BBAC8F21F ] Fax C:\WINDOWS\system32\fxssvc.exe 21:00:37.0265 2968 Fax - ok 21:00:37.0390 2968 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys 21:00:37.0437 2968 Fdc - ok 21:00:37.0500 2968 [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips C:\WINDOWS\system32\drivers\Fips.sys 21:00:37.0531 2968 Fips - ok 21:00:37.0578 2968 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys 21:00:37.0593 2968 Flpydisk - ok 21:00:37.0781 2968 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 21:00:37.0953 2968 FltMgr - ok 21:00:38.0218 2968 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe 21:00:38.0281 2968 FontCache3.0.0.0 - ok 21:00:38.0406 2968 [ B07663A810E861EEBFD0EAC7E82CA62D ] FsUsbExDisk C:\WINDOWS\system32\FsUsbExDisk.SYS 21:00:38.0515 2968 FsUsbExDisk - ok 21:00:38.0843 2968 [ 15AB846886C225FFF0376F3CEF21188F ] FsUsbExService C:\WINDOWS\system32\FsUsbExService.Exe 21:00:39.0140 2968 FsUsbExService - ok 21:00:39.0171 2968 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 21:00:39.0187 2968 Fs_Rec - ok 21:00:39.0343 2968 [ 8F1955CE42E1484714B542F341647778 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys 21:00:39.0453 2968 Ftdisk - ok 21:00:39.0625 2968 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys 21:00:39.0718 2968 Gpc - ok 21:00:40.0109 2968 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Programme\Google\Update\GoogleUpdate.exe 21:00:40.0218 2968 gupdate - ok 21:00:40.0375 2968 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Programme\Google\Update\GoogleUpdate.exe 21:00:40.0390 2968 gupdatem - ok 21:00:40.0671 2968 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe 21:00:40.0812 2968 gusvc - ok 21:00:41.0046 2968 [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll 21:00:41.0140 2968 helpsvc - ok 21:00:41.0140 2968 HidServ - ok 21:00:41.0265 2968 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys 21:00:41.0375 2968 HidUsb - ok 21:00:41.0703 2968 [ ED29F14101523A6E0E808107405D452C ] hkmsvc C:\WINDOWS\System32\kmsvc.dll 21:00:41.0812 2968 hkmsvc - ok 21:00:41.0828 2968 hpn - ok 21:00:43.0031 2968 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys 21:00:43.0296 2968 HTTP - ok 21:00:43.0828 2968 [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll 21:00:43.0875 2968 HTTPFilter - ok 21:00:44.0156 2968 i2omgmt - ok 21:00:44.0171 2968 i2omp - ok 21:00:44.0359 2968 [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys 21:00:44.0421 2968 i8042prt - ok 21:00:45.0843 2968 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe 21:00:46.0156 2968 IDriverT - ok 21:00:49.0343 2968 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 21:00:52.0453 2968 idsvc - ok 21:00:52.0718 2968 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys 21:00:52.0843 2968 Imapi - ok 21:00:53.0421 2968 [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService C:\WINDOWS\system32\imapi.exe 21:00:53.0875 2968 ImapiService - ok 21:00:53.0906 2968 ini910u - ok 21:00:53.0937 2968 IntelIde - ok 21:00:55.0109 2968 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys 21:00:56.0078 2968 Ip6Fw - ok 21:00:56.0734 2968 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 21:00:56.0890 2968 IpFilterDriver - ok 21:00:58.0187 2968 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys 21:00:58.0265 2968 IpInIp - ok 21:00:58.0828 2968 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys 21:01:00.0640 2968 IpNat - ok 21:01:00.0843 2968 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys 21:01:00.0953 2968 IPSec - ok 21:01:01.0296 2968 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys 21:01:01.0453 2968 IRENUM - ok 21:01:03.0046 2968 [ 6DFB88F64135C525433E87648BDA30DE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys 21:01:03.0125 2968 isapnp - ok 21:01:03.0218 2968 [ 94A8C9436C36CD9657CFED0043066B9C ] Iviaspi C:\WINDOWS\system32\drivers\iviaspi.sys 21:01:03.0687 2968 Iviaspi - ok 21:01:10.0093 2968 [ 1758AF653723679E3746FC7DDD93C69B ] JavaQuickStarterService C:\Programme\Java\jre7\bin\jqs.exe 21:01:11.0375 2968 JavaQuickStarterService - ok 21:01:11.0468 2968 [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys 21:01:11.0750 2968 Kbdclass - ok 21:01:13.0187 2968 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys 21:01:14.0906 2968 kmixer - ok 21:01:15.0187 2968 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys 21:01:16.0734 2968 KSecDD - ok 21:01:17.0000 2968 [ 2BBDCB79900990F0716DFCB714E72DE7 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll 21:01:17.0234 2968 lanmanserver - ok 21:01:20.0078 2968 [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll 21:01:20.0500 2968 lanmanworkstation - ok 21:01:20.0515 2968 lbrtfdc - ok 21:01:20.0937 2968 [ D30D9547C02ECEE13E259970F71503D7 ] LightScribeService C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe 21:01:21.0328 2968 LightScribeService - ok 21:01:21.0859 2968 [ 636714B7D43C8D0C80449123FD266920 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll 21:01:21.0921 2968 LmHosts - ok 21:01:22.0437 2968 [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys 21:01:23.0203 2968 MBAMProtector - ok 21:01:25.0375 2968 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe 21:01:27.0468 2968 MBAMScheduler - ok 21:01:28.0828 2968 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe 21:01:29.0953 2968 MBAMService - ok 21:01:32.0937 2968 [ 52404CC76E9D53843BDF97564BB16BED ] McrdSvc C:\WINDOWS\ehome\mcrdsvc.exe 21:01:33.0578 2968 McrdSvc - ok 21:01:35.0859 2968 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE 21:01:37.0218 2968 MDM - ok 21:01:37.0796 2968 [ B7550A7107281D170CE85524B1488C98 ] Messenger C:\WINDOWS\System32\msgsvc.dll 21:01:38.0078 2968 Messenger - ok 21:01:38.0734 2968 [ DED60230E3019C508769EC3C15BCDA44 ] MHN C:\WINDOWS\System32\mhn.dll 21:01:39.0078 2968 MHN - ok 21:01:39.0343 2968 [ 7F2F1D2815A6449D346FCCCBC569FBD6 ] MHNDRV C:\WINDOWS\system32\DRIVERS\mhndrv.sys 21:01:39.0531 2968 MHNDRV - ok 21:01:40.0437 2968 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys 21:01:40.0703 2968 mnmdd - ok 21:01:42.0234 2968 [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe 21:01:42.0359 2968 mnmsrvc - ok 21:01:42.0515 2968 [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem C:\WINDOWS\system32\drivers\Modem.sys 21:01:42.0609 2968 Modem - ok 21:01:42.0750 2968 [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys 21:01:42.0890 2968 Mouclass - ok 21:01:43.0375 2968 [ 66A6F73C74E1791464160A7065CE711A ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys 21:01:43.0468 2968 mouhid - ok 21:01:44.0000 2968 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys 21:01:44.0312 2968 MountMgr - ok 21:01:44.0406 2968 mraid35x - ok 21:01:44.0625 2968 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys 21:01:44.0843 2968 MRxDAV - ok 21:01:45.0921 2968 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 21:01:46.0562 2968 MRxSmb - ok 21:01:47.0093 2968 [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC C:\WINDOWS\system32\msdtc.exe 21:01:47.0281 2968 MSDTC - ok 21:01:47.0343 2968 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 21:01:47.0937 2968 Msfs - ok 21:01:47.0953 2968 MSIServer - ok 21:01:48.0000 2968 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys 21:01:48.0062 2968 MSKSSRV - ok 21:01:48.0250 2968 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys 21:01:48.0437 2968 MSPCLOCK - ok 21:01:48.0671 2968 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys 21:01:48.0984 2968 MSPQM - ok 21:01:49.0093 2968 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys 21:01:49.0296 2968 mssmbios - ok 21:01:49.0859 2968 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys 21:01:50.0250 2968 Mup - ok 21:01:51.0265 2968 [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent C:\WINDOWS\System32\qagentrt.dll 21:01:52.0140 2968 napagent - ok 21:01:52.0453 2968 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys 21:01:52.0875 2968 NDIS - ok 21:01:53.0343 2968 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 21:01:53.0515 2968 NdisTapi - ok 21:01:53.0937 2968 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 21:01:54.0015 2968 Ndisuio - ok 21:01:54.0656 2968 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 21:01:55.0375 2968 NdisWan - ok 21:01:55.0562 2968 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys 21:01:55.0781 2968 NDProxy - ok 21:01:55.0968 2968 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys 21:01:56.0125 2968 NetBIOS - ok 21:01:56.0578 2968 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 21:01:57.0312 2968 NetBT - ok 21:01:57.0640 2968 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE C:\WINDOWS\system32\netdde.exe 21:01:58.0140 2968 NetDDE - ok 21:01:58.0250 2968 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe 21:01:58.0265 2968 NetDDEdsdm - ok 21:01:58.0750 2968 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon C:\WINDOWS\system32\lsass.exe 21:01:58.0750 2968 Netlogon - ok 21:01:59.0015 2968 [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman C:\WINDOWS\System32\netman.dll 21:01:59.0531 2968 Netman - ok 21:01:59.0781 2968 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 21:02:00.0015 2968 NetTcpPortSharing - ok 21:02:00.0734 2968 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys 21:02:01.0609 2968 NIC1394 - ok 21:02:01.0968 2968 [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla C:\WINDOWS\System32\mswsock.dll 21:02:02.0218 2968 Nla - ok 21:02:02.0437 2968 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 21:02:02.0546 2968 Npfs - ok 21:02:03.0406 2968 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 21:02:04.0812 2968 Ntfs - ok 21:02:05.0062 2968 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp C:\WINDOWS\system32\lsass.exe 21:02:05.0093 2968 NtLmSsp - ok 21:02:06.0359 2968 [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll 21:02:07.0078 2968 NtmsSvc - ok 21:02:07.0203 2968 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys 21:02:07.0343 2968 Null - ok 21:02:08.0125 2968 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 21:02:08.0406 2968 NwlnkFlt - ok 21:02:08.0578 2968 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 21:02:08.0671 2968 NwlnkFwd - ok 21:02:08.0968 2968 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys 21:02:09.0093 2968 ohci1394 - ok 21:02:09.0625 2968 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE 21:02:10.0187 2968 ose - ok 21:02:10.0890 2968 [ F84785660305B9B903FB3BCA8BA29837 ] Parport C:\WINDOWS\system32\drivers\Parport.sys 21:02:11.0375 2968 Parport - ok 21:02:12.0390 2968 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys 21:02:12.0468 2968 PartMgr - ok 21:02:12.0890 2968 [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys 21:02:13.0015 2968 ParVdm - ok 21:02:14.0750 2968 [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys 21:02:14.0968 2968 PCI - ok 21:02:14.0984 2968 PCIDump - ok 21:02:15.0031 2968 PCIIde - ok 21:02:15.0265 2968 [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys 21:02:15.0546 2968 Pcmcia - ok 21:02:15.0593 2968 PDCOMP - ok 21:02:15.0625 2968 PDFRAME - ok 21:02:15.0640 2968 PDRELI - ok 21:02:15.0718 2968 PDRFRAME - ok 21:02:15.0750 2968 perc2 - ok 21:02:15.0765 2968 perc2hib - ok 21:02:16.0015 2968 [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay C:\WINDOWS\system32\services.exe 21:02:16.0031 2968 PlugPlay - ok 21:02:17.0468 2968 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent C:\WINDOWS\system32\lsass.exe 21:02:17.0484 2968 PolicyAgent - ok 21:02:17.0640 2968 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys 21:02:17.0828 2968 PptpMiniport - ok 21:02:17.0828 2968 prmvmouse - ok 21:02:17.0906 2968 [ 2CB55427C58679F49AD600FCCBA76360 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys 21:02:18.0671 2968 Processor - ok 21:02:20.0250 2968 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe 21:02:20.0265 2968 ProtectedStorage - ok 21:02:20.0500 2968 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys 21:02:20.0734 2968 PSched - ok 21:02:20.0953 2968 [ D24DFD16A1E2A76034DF5AA18125C35D ] PSI C:\WINDOWS\system32\DRIVERS\psi_mf.sys 21:02:21.0046 2968 PSI - ok 21:02:21.0453 2968 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys 21:02:21.0562 2968 Ptilink - ok 21:02:22.0312 2968 [ 617ACCADA2E0A0F43EC6030BBAC49513 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys 21:02:22.0359 2968 PxHelp20 - ok 21:02:22.0375 2968 ql1080 - ok 21:02:22.0390 2968 Ql10wnt - ok 21:02:22.0437 2968 ql12160 - ok 21:02:22.0437 2968 ql1240 - ok 21:02:22.0484 2968 ql1280 - ok 21:02:22.0578 2968 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 21:02:22.0640 2968 RasAcd - ok 21:02:22.0828 2968 [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto C:\WINDOWS\System32\rasauto.dll 21:02:23.0625 2968 RasAuto - ok 21:02:23.0687 2968 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 21:02:25.0234 2968 Rasl2tp - ok 21:02:25.0921 2968 [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan C:\WINDOWS\System32\rasmans.dll 21:02:26.0265 2968 RasMan - ok 21:02:26.0500 2968 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 21:02:26.0640 2968 RasPppoe - ok 21:02:26.0890 2968 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys 21:02:26.0968 2968 Raspti - ok 21:02:28.0234 2968 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 21:02:28.0515 2968 Rdbss - ok 21:02:28.0640 2968 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 21:02:28.0875 2968 RDPCDD - ok 21:02:29.0281 2968 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys 21:02:29.0609 2968 rdpdr - ok 21:02:30.0031 2968 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys 21:02:30.0437 2968 RDPWD - ok 21:02:31.0406 2968 [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe 21:02:31.0625 2968 RDSessMgr - ok 21:02:33.0031 2968 [ A0FF419B61AE47E26ADF3BB15DB4F2FE ] RealNetworks Downloader Resolver Service C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe 21:02:33.0187 2968 RealNetworks Downloader Resolver Service - ok 21:02:34.0078 2968 [ ED761D453856F795A7FE056E42C36365 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys 21:02:34.0171 2968 redbook - ok 21:02:34.0296 2968 [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 21:02:34.0406 2968 RemoteAccess - ok 21:02:35.0203 2968 [ E4CD1F3D84E1C2CA0B8CF7501E201593 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll 21:02:35.0343 2968 RemoteRegistry - ok 21:02:35.0484 2968 [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator C:\WINDOWS\system32\locator.exe 21:02:35.0625 2968 RpcLocator - ok 21:02:36.0453 2968 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs C:\WINDOWS\system32\rpcss.dll 21:02:36.0484 2968 RpcSs - ok 21:02:37.0187 2968 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP C:\WINDOWS\system32\rsvp.exe 21:02:37.0781 2968 RSVP - ok 21:02:38.0750 2968 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs C:\WINDOWS\system32\lsass.exe 21:02:38.0812 2968 SamSs - ok 21:02:39.0156 2968 [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe 21:02:39.0296 2968 SCardSvr - ok 21:02:39.0875 2968 [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule C:\WINDOWS\system32\schedsvc.dll 21:02:40.0187 2968 Schedule - ok 21:02:40.0531 2968 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys 21:02:40.0843 2968 Secdrv - ok 21:02:41.0765 2968 [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon C:\WINDOWS\System32\seclogon.dll 21:02:41.0781 2968 seclogon - ok 21:02:42.0156 2968 Secunia PSI Agent - ok 21:02:42.0156 2968 Secunia Update Agent - ok 21:02:45.0062 2968 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS C:\WINDOWS\system32\sens.dll 21:02:45.0125 2968 SENS - ok 21:02:46.0093 2968 [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial C:\WINDOWS\system32\drivers\Serial.sys 21:02:46.0250 2968 Serial - ok 21:02:46.0968 2968 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\DRIVERS\sfloppy.sys 21:02:49.0906 2968 Sfloppy - ok 21:02:51.0015 2968 [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 21:02:51.0312 2968 SharedAccess - ok 21:02:51.0500 2968 [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 21:02:52.0015 2968 ShellHWDetection - ok 21:02:52.0234 2968 Simbad - ok 21:02:52.0265 2968 Sparrow - ok 21:02:52.0390 2968 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys 21:02:52.0562 2968 splitter - ok 21:02:55.0265 2968 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe 21:02:55.0375 2968 Spooler - ok 21:02:55.0812 2968 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr C:\WINDOWS\system32\DRIVERS\sr.sys 21:02:56.0031 2968 sr - ok 21:02:57.0703 2968 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice C:\WINDOWS\system32\srsvc.dll 21:02:58.0140 2968 srservice - ok 21:03:00.0218 2968 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys 21:03:00.0687 2968 Srv - ok 21:03:01.0203 2968 [ B2063CE662AF3AB20045121A5B716DF6 ] sscebus C:\WINDOWS\system32\DRIVERS\sscebus.sys 21:03:01.0453 2968 sscebus - ok 21:03:02.0203 2968 [ 66799DC0AFE3DCAF8368CAE17394A762 ] sscemdfl C:\WINDOWS\system32\DRIVERS\sscemdfl.sys 21:03:02.0578 2968 sscemdfl - ok 21:03:02.0968 2968 [ CBF03FFC08F8DB547BAB2F79AA663D16 ] sscemdm C:\WINDOWS\system32\DRIVERS\sscemdm.sys 21:03:03.0765 2968 sscemdm - ok 21:03:03.0890 2968 [ 60CD4AD33AA52E58FAAC3ABAD18CF8EF ] ssceserd C:\WINDOWS\system32\DRIVERS\ssceserd.sys 21:03:04.0062 2968 ssceserd - ok 21:03:04.0421 2968 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 21:03:04.0718 2968 SSDPSRV - ok 21:03:04.0968 2968 [ A2DBCC4C8860449DF1AB758EA28B4DE0 ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys 21:03:05.0671 2968 StillCam - ok 21:03:06.0140 2968 [ BC2C5985611C5356B24AEB370953DED9 ] stisvc C:\WINDOWS\system32\wiaservc.dll 21:03:06.0500 2968 stisvc - ok 21:03:06.0562 2968 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys 21:03:06.0625 2968 swenum - ok 21:03:07.0484 2968 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys 21:03:07.0640 2968 swmidi - ok 21:03:07.0656 2968 SwPrv - ok 21:03:07.0671 2968 symc810 - ok 21:03:07.0687 2968 symc8xx - ok 21:03:07.0718 2968 sym_hi - ok 21:03:07.0718 2968 sym_u3 - ok 21:03:08.0468 2968 [ E76E0A9A30A4F2809A3356AF32D06F0B ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys 21:03:08.0859 2968 SynTP - ok 21:03:09.0328 2968 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys 21:03:09.0750 2968 sysaudio - ok 21:03:10.0484 2968 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe 21:03:10.0968 2968 SysmonLog - ok 21:03:11.0671 2968 [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 21:03:13.0437 2968 TapiSrv - ok 21:03:13.0828 2968 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys 21:03:14.0875 2968 Tcpip - ok 21:03:15.0062 2968 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys 21:03:15.0640 2968 TDPIPE - ok 21:03:21.0890 2968 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys 21:03:26.0687 2968 TDTCP - ok 21:03:33.0765 2968 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys 21:03:34.0468 2968 TermDD - ok 21:03:35.0515 2968 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService C:\WINDOWS\System32\termsrv.dll 21:03:36.0828 2968 TermService - ok 21:03:37.0812 2968 [ 2DB7D303C36DDD055215052F118E8E75 ] Themes C:\WINDOWS\System32\shsvcs.dll 21:03:38.0812 2968 Themes - ok 21:03:39.0093 2968 [ 03681A1CE77F51586903869A5AB1DEAB ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe 21:03:39.0265 2968 TlntSvr - ok 21:03:39.0750 2968 TosIde - ok 21:03:40.0093 2968 [ 626504572B175867F30F3215C04B3E2F ] TrkWks C:\WINDOWS\system32\trkwks.dll 21:03:40.0281 2968 TrkWks - ok 21:03:40.0437 2968 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys 21:03:42.0328 2968 Udfs - ok 21:03:42.0343 2968 ULI5261XP - ok 21:03:42.0390 2968 ultra - ok 21:03:43.0234 2968 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys 21:03:44.0484 2968 Update - ok 21:03:45.0296 2968 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost C:\WINDOWS\System32\upnphost.dll 21:03:46.0640 2968 upnphost - ok 21:03:46.0875 2968 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINDOWS\System32\ups.exe 21:03:47.0062 2968 UPS - ok 21:03:47.0765 2968 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 21:03:48.0125 2968 usbehci - ok 21:03:48.0859 2968 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 21:03:49.0046 2968 usbhub - ok 21:03:49.0125 2968 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys 21:03:49.0781 2968 usbohci - ok 21:03:49.0859 2968 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys 21:03:50.0000 2968 usbprint - ok 21:03:50.0578 2968 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys 21:03:50.0875 2968 usbscan - ok 21:03:50.0953 2968 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 21:03:52.0031 2968 USBSTOR - ok 21:03:52.0156 2968 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 21:03:52.0781 2968 VgaSave - ok 21:03:52.0796 2968 ViaIde - ok 21:03:53.0000 2968 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 21:03:53.0203 2968 VolSnap - ok 21:03:54.0062 2968 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINDOWS\System32\vssvc.exe 21:03:55.0031 2968 VSS - ok 21:03:55.0812 2968 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINDOWS\system32\w32time.dll 21:03:56.0437 2968 W32Time - ok 21:03:57.0562 2968 [ 0BAA4C13CCD2CAFE1E121121F1C1611D ] W33ND C:\WINDOWS\system32\DRIVERS\W33ND.SYS 21:03:59.0953 2968 W33ND - ok 21:04:00.0531 2968 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 21:04:00.0859 2968 Wanarp - ok 21:04:00.0953 2968 wanatw - ok 21:04:01.0546 2968 [ 553E38A0E5C8FEB94CC228F3AF700AC2 ] wbsecdrv C:\WINDOWS\system32\DRIVERS\wbsecdrv.sys 21:04:02.0062 2968 wbsecdrv - ok 21:04:02.0078 2968 wbsecsvc - ok 21:04:02.0109 2968 WDICA - ok 21:04:02.0609 2968 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 21:04:02.0937 2968 wdmaud - ok 21:04:03.0187 2968 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINDOWS\System32\webclnt.dll 21:04:03.0390 2968 WebClient - ok 21:04:04.0500 2968 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 21:04:05.0671 2968 winmgmt - ok 21:04:06.0343 2968 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll 21:04:06.0640 2968 WmdmPmSN - ok 21:04:07.0750 2968 [ FFA4D901D46D07A5BAB2D8307FBB51A6 ] Wmi C:\WINDOWS\System32\advapi32.dll 21:04:09.0578 2968 Wmi - ok 21:04:09.0875 2968 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 21:04:10.0265 2968 WmiApSrv - ok 21:04:12.0078 2968 [ BF05650BB7DF5E9EBDD25974E22403BB ] WMPNetworkSvc C:\Programme\Windows Media Player\WMPNetwk.exe 21:04:14.0109 2968 WMPNetworkSvc - ok 21:04:14.0421 2968 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\Drivers\wpdusb.sys 21:04:14.0937 2968 WpdUsb - ok 21:04:15.0171 2968 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc C:\WINDOWS\system32\wscsvc.dll 21:04:15.0437 2968 wscsvc - ok 21:04:15.0875 2968 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll 21:04:16.0890 2968 wuauserv - ok 21:04:17.0125 2968 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys 21:04:17.0437 2968 WudfPf - ok 21:04:18.0062 2968 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys 21:04:18.0734 2968 WudfRd - ok 21:04:18.0906 2968 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll 21:04:19.0046 2968 WudfSvc - ok 21:04:20.0015 2968 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 21:04:20.0859 2968 WZCSVC - ok 21:04:21.0562 2968 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll 21:04:21.0843 2968 xmlprov - ok 21:04:21.0875 2968 ================ Scan global =============================== 21:04:22.0156 2968 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll 21:04:23.0000 2968 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll 21:04:24.0687 2968 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll 21:04:25.0296 2968 [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe 21:04:26.0015 2968 [Global] - ok 21:04:26.0046 2968 ================ Scan MBR ================================== 21:04:26.0109 2968 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0 21:04:33.0734 2968 \Device\Harddisk0\DR0 - ok 21:04:33.0734 2968 ================ Scan VBR ================================== 21:04:33.0765 2968 [ 3512296C03EBE65E2D567EBF627925BE ] \Device\Harddisk0\DR0\Partition1 21:04:33.0796 2968 \Device\Harddisk0\DR0\Partition1 - ok 21:04:33.0843 2968 [ 6AD4F36E9FB040E494BA742ED2E3F1B4 ] \Device\Harddisk0\DR0\Partition2 21:04:34.0031 2968 \Device\Harddisk0\DR0\Partition2 - ok 21:04:34.0031 2968 ============================================================ 21:04:34.0031 2968 Scan finished 21:04:34.0031 2968 ============================================================ 21:04:35.0171 0192 Detected object count: 0 21:04:35.0171 0192 Actual detected object count: 0 |
|
25.02.2013, 18:11
| #4 |
| /// Malware-holic | Computer ist plötzlich extrem langsam Hi prüfe die Bilder, die in der Anleitung stehen, und konfiguriere TDSS-Killer dementsprechend, scanne erneut.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
25.02.2013, 20:20
| #5 |
| | Computer ist plötzlich extrem langsam Sorry, jetzt müsste es passen: 19:37:23.0437 3476 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42 19:37:25.0828 3476 ============================================================ 19:37:25.0859 3476 Current date / time: 2013/02/25 19:37:25.0828 19:37:25.0859 3476 SystemInfo: 19:37:25.0859 3476 19:37:25.0859 3476 OS Version: 5.1.2600 ServicePack: 3.0 19:37:25.0906 3476 Product type: Workstation 19:37:25.0937 3476 ComputerName: *** 19:37:28.0015 3476 UserName: *** 19:37:28.0015 3476 Windows directory: C:\WINDOWS 19:37:28.0046 3476 System windows directory: C:\WINDOWS 19:37:29.0375 3476 Processor architecture: Intel x86 19:37:29.0390 3476 Number of processors: 1 19:37:29.0390 3476 Page size: 0x1000 19:37:29.0390 3476 Boot type: Normal boot 19:37:29.0406 3476 ============================================================ 19:38:47.0312 3476 Drive \Device\Harddisk0\DR0 - Size: 0x12A3F92000 (74.56 Gb), SectorSize: 0x200, Cylinders: 0x2605, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054 19:38:47.0843 3476 ============================================================ 19:38:47.0875 3476 \Device\Harddisk0\DR0: 19:38:47.0875 3476 MBR partitions: 19:38:47.0875 3476 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x7DA15C9 19:38:47.0921 3476 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xB, StartLBA 0x7DA1647, BlocksNum 0x177C97E 19:38:47.0937 3476 ============================================================ 19:38:48.0000 3476 C: <-> \Device\Harddisk0\DR0\Partition1 19:38:48.0000 3476 D: <-> \Device\Harddisk0\DR0\Partition2 19:38:48.0359 3476 ============================================================ 19:38:48.0390 3476 Initialize success 19:38:48.0390 3476 ============================================================ 19:42:47.0609 3104 ============================================================ 19:42:47.0609 3104 Scan started 19:42:47.0609 3104 Mode: Manual; SigCheck; TDLFS; 19:42:47.0609 3104 ============================================================ 19:42:49.0859 3104 ================ Scan system memory ======================== 19:42:49.0875 3104 System memory - ok 19:42:49.0875 3104 ================ Scan services ============================= 19:42:50.0703 3104 [ 149A8F7ADF9742554DC323E290551E3E ] Aavmker4 C:\WINDOWS\system32\drivers\Aavmker4.sys 19:42:58.0250 3104 Aavmker4 - ok 19:42:58.0281 3104 Abiosdsk - ok 19:42:58.0296 3104 abp480n5 - ok 19:42:58.0531 3104 [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys 19:44:00.0671 3104 ACPI - ok 19:44:01.0140 3104 [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys 19:44:12.0156 3104 ACPIEC - ok 19:44:12.0203 3104 ActivHidSerMini - ok 19:44:13.0718 3104 [ 563CDCFEEAEF97163E206AF71A61AA6E ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe 19:44:16.0171 3104 AdobeFlashPlayerUpdateSvc - ok 19:44:16.0187 3104 adpu160m - ok 19:44:18.0562 3104 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys 19:44:20.0109 3104 aec - ok 19:44:20.0703 3104 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys 19:44:21.0125 3104 AFD - ok 19:44:22.0109 3104 [ B894A08F2A01E27C1989C31C96FDDE83 ] AgereSoftModem C:\WINDOWS\system32\DRIVERS\AGRSM.sys 19:44:26.0750 3104 AgereSoftModem - ok 19:44:26.0843 3104 Aha154x - ok 19:44:26.0906 3104 aic78u2 - ok 19:44:26.0968 3104 aic78xx - ok 19:44:26.0984 3104 ALCXWDM - ok 19:44:27.0062 3104 [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter C:\WINDOWS\system32\alrsvc.dll 19:44:32.0765 3104 Alerter - ok 19:44:32.0859 3104 [ 190CD73D4984F94D823F9444980513E5 ] ALG C:\WINDOWS\System32\alg.exe 19:44:34.0015 3104 ALG - ok 19:44:34.0125 3104 [ 1140AB9938809700B46BB88E46D72A96 ] AliIde C:\WINDOWS\system32\DRIVERS\aliide.sys 19:44:34.0718 3104 AliIde - ok 19:44:34.0953 3104 [ B9DBAAE3219661F4D0C5E8DC0C2F987D ] AmdK8 C:\WINDOWS\system32\DRIVERS\AmdK8.sys 19:44:36.0109 3104 AmdK8 - ok 19:44:36.0109 3104 amsint - ok 19:44:37.0109 3104 [ 3A4982DF893F198A2DFBCCD4CE10F93A ] Apple Mobile Device C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 19:44:37.0500 3104 Apple Mobile Device ( UnsignedFile.Multi.Generic ) - warning 19:44:37.0500 3104 Apple Mobile Device - detected UnsignedFile.Multi.Generic (1) 19:44:37.0703 3104 [ D45960BE52C3C610D361977057F98C54 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll 19:44:38.0500 3104 AppMgmt - ok 19:44:38.0593 3104 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys 19:44:39.0359 3104 Arp1394 - ok 19:44:39.0421 3104 asc - ok 19:44:39.0437 3104 asc3350p - ok 19:44:39.0468 3104 asc3550 - ok 19:44:39.0875 3104 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe 19:44:40.0234 3104 aspnet_state - ok 19:44:40.0328 3104 [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys 19:44:40.0437 3104 aswFsBlk - ok 19:44:40.0546 3104 [ 84F0BE324EE111338589F448C3E8BAB2 ] aswMon2 C:\WINDOWS\system32\drivers\aswMon2.sys 19:44:40.0750 3104 aswMon2 - ok 19:44:40.0843 3104 [ 7C9F0A2AB17D52261A9252A2EB320884 ] AswRdr C:\WINDOWS\system32\drivers\AswRdr.sys 19:44:41.0312 3104 AswRdr - ok 19:44:41.0890 3104 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys 19:44:43.0312 3104 aswSnx - ok 19:44:43.0625 3104 [ 67B558895695545FB0568B7541F3BCA7 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys 19:44:47.0171 3104 aswSP - ok 19:44:47.0390 3104 [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys 19:44:47.0500 3104 aswTdi - ok 19:44:47.0625 3104 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys 19:44:49.0375 3104 AsyncMac - ok 19:44:49.0906 3104 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys 19:44:51.0359 3104 atapi - ok 19:44:51.0359 3104 Atdisk - ok 19:44:51.0765 3104 [ 43E945DC2A642539E2B07633CDC9C30E ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe 19:44:54.0171 3104 Ati HotKey Poller - ok 19:44:55.0765 3104 [ C762F8FCA8F7023E3D405AB915E8ACD7 ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys 19:45:02.0703 3104 ati2mtag - ok 19:45:02.0812 3104 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys 19:45:04.0156 3104 Atmarpc - ok 19:45:04.0234 3104 [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll 19:45:05.0906 3104 AudioSrv - ok 19:45:06.0000 3104 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys 19:45:12.0796 3104 audstub - ok 19:45:12.0937 3104 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Programme\AVAST Software\Avast\AvastSvc.exe 19:45:13.0125 3104 avast! Antivirus - ok 19:45:13.0187 3104 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys 19:45:14.0859 3104 Beep - ok 19:45:15.0265 3104 [ D6F603772A789BB3228F310D650B8BD1 ] BITS C:\WINDOWS\system32\qmgr.dll 19:45:18.0921 3104 BITS - ok 19:45:19.0031 3104 [ B71549F23736ADF83A571061C47777FD ] Browser C:\WINDOWS\System32\browser.dll 19:45:21.0734 3104 Browser - ok 19:45:21.0781 3104 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys 19:45:23.0718 3104 cbidf2k - ok 19:45:23.0718 3104 cd20xrnt - ok 19:45:23.0781 3104 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys 19:45:25.0671 3104 Cdaudio - ok 19:45:25.0765 3104 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys 19:45:28.0531 3104 Cdfs - ok 19:45:28.0781 3104 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys 19:45:30.0390 3104 Cdrom - ok 19:45:30.0406 3104 Changer - ok 19:45:30.0468 3104 [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc C:\WINDOWS\system32\cisvc.exe 19:45:31.0609 3104 CiSvc - ok 19:45:31.0671 3104 [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv C:\WINDOWS\system32\clipsrv.exe 19:45:33.0734 3104 ClipSrv - ok 19:45:33.0828 3104 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 19:45:34.0500 3104 clr_optimization_v2.0.50727_32 - ok 19:45:34.0531 3104 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys 19:45:35.0843 3104 CmBatt - ok 19:45:35.0906 3104 CmdIde - ok 19:45:35.0953 3104 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys 19:45:41.0281 3104 Compbatt - ok 19:45:41.0484 3104 COMSysApp - ok 19:45:42.0156 3104 Cpqarray - ok 19:45:42.0406 3104 [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll 19:45:50.0062 3104 CryptSvc - ok 19:45:50.0515 3104 dac2w2k - ok 19:45:50.0828 3104 dac960nt - ok 19:45:51.0796 3104 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 19:45:55.0203 3104 DcomLaunch - ok 19:45:55.0265 3104 [ 6216FD7FD227DE454238A702B218CEC7 ] dgderdrv C:\WINDOWS\system32\drivers\dgderdrv.sys 19:45:55.0843 3104 dgderdrv - ok 19:45:55.0984 3104 [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll 19:46:00.0218 3104 Dhcp - ok 19:46:00.0281 3104 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys 19:46:01.0421 3104 Disk - ok 19:46:01.0437 3104 dmadmin - ok 19:46:02.0218 3104 [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys 19:46:04.0828 3104 dmboot - ok 19:46:05.0140 3104 [ 53720AB12B48719D00E327DA470A619A ] dmio C:\WINDOWS\system32\drivers\dmio.sys 19:46:06.0531 3104 dmio - ok 19:46:06.0562 3104 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys 19:46:08.0250 3104 dmload - ok 19:46:08.0312 3104 [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver C:\WINDOWS\System32\dmserver.dll 19:46:14.0375 3104 dmserver - ok 19:46:14.0562 3104 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys 19:46:18.0250 3104 DMusic - ok 19:46:18.0718 3104 [ 407F3227AC618FD1CA54B335B083DE07 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 19:46:20.0500 3104 Dnscache - ok 19:46:20.0875 3104 [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll 19:46:26.0906 3104 Dot3svc - ok 19:46:26.0921 3104 dpti2o - ok 19:46:27.0015 3104 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys 19:46:27.0406 3104 drmkaud - ok 19:46:27.0593 3104 [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost C:\WINDOWS\System32\eapsvc.dll 19:46:27.0890 3104 EapHost - ok 19:46:27.0953 3104 [ 877C18558D70587AA7823A1A308AC96B ] ERSvc C:\WINDOWS\System32\ersvc.dll 19:46:28.0187 3104 ERSvc - ok 19:46:28.0328 3104 [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog C:\WINDOWS\system32\services.exe 19:46:28.0484 3104 Eventlog - ok 19:46:28.0734 3104 [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem C:\WINDOWS\system32\es.dll 19:46:29.0093 3104 EventSystem - ok 19:46:29.0328 3104 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys 19:46:29.0671 3104 Fastfat - ok 19:46:29.0828 3104 [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll 19:46:30.0031 3104 FastUserSwitchingCompatibility - ok 19:46:30.0484 3104 [ 08B8B302AF0D1B3B8543429BBAC8F21F ] Fax C:\WINDOWS\system32\fxssvc.exe 19:46:30.0937 3104 Fax - ok 19:46:31.0078 3104 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys 19:46:31.0453 3104 Fdc - ok 19:46:31.0515 3104 [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips C:\WINDOWS\system32\drivers\Fips.sys 19:46:31.0953 3104 Fips - ok 19:46:31.0984 3104 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys 19:46:32.0515 3104 Flpydisk - ok 19:46:32.0671 3104 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 19:46:32.0984 3104 FltMgr - ok 19:46:33.0156 3104 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe 19:46:33.0234 3104 FontCache3.0.0.0 - ok 19:46:33.0328 3104 [ B07663A810E861EEBFD0EAC7E82CA62D ] FsUsbExDisk C:\WINDOWS\system32\FsUsbExDisk.SYS 19:46:33.0453 3104 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning 19:46:33.0453 3104 FsUsbExDisk - detected UnsignedFile.Multi.Generic (1) 19:46:33.0734 3104 [ 15AB846886C225FFF0376F3CEF21188F ] FsUsbExService C:\WINDOWS\system32\FsUsbExService.Exe 19:46:34.0015 3104 FsUsbExService ( UnsignedFile.Multi.Generic ) - warning 19:46:34.0015 3104 FsUsbExService - detected UnsignedFile.Multi.Generic (1) 19:46:34.0062 3104 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 19:46:34.0468 3104 Fs_Rec - ok 19:46:34.0593 3104 [ 8F1955CE42E1484714B542F341647778 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys 19:46:35.0062 3104 Ftdisk - ok 19:46:35.0140 3104 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys 19:46:35.0421 3104 Gpc - ok 19:46:35.0640 3104 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Programme\Google\Update\GoogleUpdate.exe 19:46:35.0781 3104 gupdate - ok 19:46:35.0921 3104 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Programme\Google\Update\GoogleUpdate.exe 19:46:36.0000 3104 gupdatem - ok 19:46:36.0265 3104 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe 19:46:36.0500 3104 gusvc - ok 19:46:36.0640 3104 [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll 19:46:36.0953 3104 helpsvc - ok 19:46:36.0968 3104 HidServ - ok 19:46:37.0031 3104 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys 19:46:37.0375 3104 HidUsb - ok 19:46:37.0984 3104 [ ED29F14101523A6E0E808107405D452C ] hkmsvc C:\WINDOWS\System32\kmsvc.dll 19:46:38.0953 3104 hkmsvc - ok 19:46:38.0968 3104 hpn - ok 19:46:39.0218 3104 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys 19:46:41.0906 3104 HTTP - ok 19:46:42.0218 3104 [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll 19:46:43.0562 3104 HTTPFilter - ok 19:46:43.0578 3104 i2omgmt - ok 19:46:43.0578 3104 i2omp - ok 19:46:43.0671 3104 [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys 19:46:44.0000 3104 i8042prt - ok 19:46:44.0203 3104 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe 19:46:51.0265 3104 IDriverT ( UnsignedFile.Multi.Generic ) - warning 19:46:51.0265 3104 IDriverT - detected UnsignedFile.Multi.Generic (1) 19:46:52.0312 3104 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 19:46:54.0828 3104 idsvc - ok 19:46:55.0000 3104 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys 19:46:56.0015 3104 Imapi - ok 19:46:56.0437 3104 [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService C:\WINDOWS\system32\imapi.exe 19:46:57.0218 3104 ImapiService - ok 19:46:57.0234 3104 ini910u - ok 19:46:57.0265 3104 IntelIde - ok 19:46:57.0375 3104 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys 19:46:57.0671 3104 Ip6Fw - ok 19:46:57.0781 3104 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 19:46:58.0140 3104 IpFilterDriver - ok 19:46:58.0187 3104 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys 19:46:58.0468 3104 IpInIp - ok 19:46:58.0734 3104 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys 19:46:59.0109 3104 IpNat - ok 19:46:59.0281 3104 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys 19:46:59.0687 3104 IPSec - ok 19:46:59.0968 3104 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys 19:47:00.0359 3104 IRENUM - ok 19:47:00.0468 3104 [ 6DFB88F64135C525433E87648BDA30DE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys 19:47:00.0781 3104 isapnp - ok 19:47:02.0000 3104 [ 94A8C9436C36CD9657CFED0043066B9C ] Iviaspi C:\WINDOWS\system32\drivers\iviaspi.sys 19:47:02.0093 3104 Iviaspi ( UnsignedFile.Multi.Generic ) - warning 19:47:02.0093 3104 Iviaspi - detected UnsignedFile.Multi.Generic (1) 19:47:03.0968 3104 [ 1758AF653723679E3746FC7DDD93C69B ] JavaQuickStarterService C:\Programme\Java\jre7\bin\jqs.exe 19:47:04.0171 3104 JavaQuickStarterService - ok 19:47:04.0265 3104 [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys 19:47:04.0609 3104 Kbdclass - ok 19:47:04.0843 3104 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys 19:47:05.0062 3104 kmixer - ok 19:47:05.0218 3104 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys 19:47:05.0625 3104 KSecDD - ok 19:47:06.0218 3104 [ 2BBDCB79900990F0716DFCB714E72DE7 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll 19:47:06.0437 3104 lanmanserver - ok 19:47:07.0031 3104 [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll 19:47:08.0187 3104 lanmanworkstation - ok 19:47:08.0203 3104 lbrtfdc - ok 19:47:10.0296 3104 [ D30D9547C02ECEE13E259970F71503D7 ] LightScribeService C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe 19:47:11.0062 3104 LightScribeService ( UnsignedFile.Multi.Generic ) - warning 19:47:11.0062 3104 LightScribeService - detected UnsignedFile.Multi.Generic (1) 19:47:11.0703 3104 [ 636714B7D43C8D0C80449123FD266920 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll 19:47:12.0484 3104 LmHosts - ok 19:47:12.0750 3104 [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys 19:47:13.0031 3104 MBAMProtector - ok 19:47:15.0140 3104 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe 19:47:16.0765 3104 MBAMScheduler - ok 19:47:17.0906 3104 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe 19:47:20.0296 3104 MBAMService - ok 19:47:23.0281 3104 [ 52404CC76E9D53843BDF97564BB16BED ] McrdSvc C:\WINDOWS\ehome\mcrdsvc.exe 19:47:23.0687 3104 McrdSvc - ok 19:47:25.0984 3104 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE 19:47:26.0531 3104 MDM - ok 19:47:26.0781 3104 [ B7550A7107281D170CE85524B1488C98 ] Messenger C:\WINDOWS\System32\msgsvc.dll 19:47:27.0421 3104 Messenger - ok 19:47:27.0875 3104 [ DED60230E3019C508769EC3C15BCDA44 ] MHN C:\WINDOWS\System32\mhn.dll 19:47:31.0031 3104 MHN ( UnsignedFile.Multi.Generic ) - warning 19:47:31.0031 3104 MHN - detected UnsignedFile.Multi.Generic (1) 19:47:31.0140 3104 [ 7F2F1D2815A6449D346FCCCBC569FBD6 ] MHNDRV C:\WINDOWS\system32\DRIVERS\mhndrv.sys 19:47:31.0484 3104 MHNDRV ( UnsignedFile.Multi.Generic ) - warning 19:47:31.0484 3104 MHNDRV - detected UnsignedFile.Multi.Generic (1) 19:47:31.0812 3104 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys 19:47:32.0812 3104 mnmdd - ok 19:47:33.0109 3104 [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe 19:47:33.0656 3104 mnmsrvc - ok 19:47:34.0000 3104 [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem C:\WINDOWS\system32\drivers\Modem.sys 19:47:34.0968 3104 Modem - ok 19:47:35.0187 3104 [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys 19:47:35.0984 3104 Mouclass - ok 19:47:36.0156 3104 [ 66A6F73C74E1791464160A7065CE711A ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys 19:47:36.0687 3104 mouhid - ok 19:47:36.0906 3104 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys 19:47:37.0390 3104 MountMgr - ok 19:47:37.0406 3104 mraid35x - ok 19:47:37.0656 3104 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys 19:47:38.0484 3104 MRxDAV - ok 19:47:39.0218 3104 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 19:47:40.0921 3104 MRxSmb - ok 19:47:41.0109 3104 [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC C:\WINDOWS\system32\msdtc.exe 19:47:41.0734 3104 MSDTC - ok 19:47:41.0812 3104 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 19:47:42.0453 3104 Msfs - ok 19:47:42.0484 3104 MSIServer - ok 19:47:42.0562 3104 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys 19:47:43.0375 3104 MSKSSRV - ok 19:47:43.0906 3104 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys 19:47:44.0640 3104 MSPCLOCK - ok 19:47:44.0687 3104 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys 19:47:45.0109 3104 MSPQM - ok 19:47:45.0437 3104 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys 19:47:45.0781 3104 mssmbios - ok 19:47:46.0421 3104 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys 19:47:47.0093 3104 Mup - ok 19:47:47.0859 3104 [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent C:\WINDOWS\System32\qagentrt.dll 19:47:48.0796 3104 napagent - ok 19:47:49.0109 3104 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys 19:47:50.0125 3104 NDIS - ok 19:47:50.0343 3104 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 19:47:51.0125 3104 NdisTapi - ok 19:47:51.0375 3104 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 19:47:52.0250 3104 Ndisuio - ok 19:47:52.0484 3104 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 19:48:03.0015 3104 NdisWan - ok 19:48:03.0140 3104 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys 19:48:04.0625 3104 NDProxy - ok 19:48:04.0718 3104 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys 19:48:13.0031 3104 NetBIOS - ok 19:48:13.0328 3104 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 19:48:14.0140 3104 NetBT - ok 19:48:14.0296 3104 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE C:\WINDOWS\system32\netdde.exe 19:48:15.0484 3104 NetDDE - ok 19:48:15.0593 3104 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe 19:48:16.0703 3104 NetDDEdsdm - ok 19:48:17.0109 3104 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon C:\WINDOWS\system32\lsass.exe 19:48:17.0609 3104 Netlogon - ok 19:48:18.0734 3104 [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman C:\WINDOWS\System32\netman.dll 19:48:19.0593 3104 Netman - ok 19:48:20.0359 3104 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 19:48:21.0468 3104 NetTcpPortSharing - ok 19:48:21.0640 3104 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys 19:48:25.0390 3104 NIC1394 - ok 19:48:26.0500 3104 [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla C:\WINDOWS\System32\mswsock.dll 19:48:30.0062 3104 Nla - ok 19:48:31.0140 3104 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 19:48:32.0234 3104 Npfs - ok 19:48:33.0687 3104 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 19:48:35.0750 3104 Ntfs - ok 19:48:36.0093 3104 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp C:\WINDOWS\system32\lsass.exe 19:48:36.0453 3104 NtLmSsp - ok 19:48:36.0953 3104 [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll 19:48:38.0281 3104 NtmsSvc - ok 19:48:38.0359 3104 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys 19:48:39.0468 3104 Null - ok 19:48:39.0546 3104 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 19:48:40.0203 3104 NwlnkFlt - ok 19:48:40.0468 3104 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 19:48:41.0484 3104 NwlnkFwd - ok 19:48:41.0718 3104 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys 19:48:42.0875 3104 ohci1394 - ok 19:48:43.0453 3104 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE 19:48:43.0593 3104 ose - ok 19:48:43.0812 3104 [ F84785660305B9B903FB3BCA8BA29837 ] Parport C:\WINDOWS\system32\drivers\Parport.sys 19:48:44.0828 3104 Parport - ok 19:48:44.0953 3104 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys 19:48:46.0187 3104 PartMgr - ok 19:48:46.0453 3104 [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys 19:48:48.0062 3104 ParVdm - ok 19:48:48.0328 3104 [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys 19:48:48.0734 3104 PCI - ok 19:48:48.0796 3104 PCIDump - ok 19:48:48.0812 3104 PCIIde - ok 19:48:49.0187 3104 [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys 19:48:50.0000 3104 Pcmcia - ok 19:48:50.0015 3104 PDCOMP - ok 19:48:50.0046 3104 PDFRAME - ok 19:48:50.0078 3104 PDRELI - ok 19:48:50.0093 3104 PDRFRAME - ok 19:48:50.0109 3104 perc2 - ok 19:48:50.0125 3104 perc2hib - ok 19:48:50.0281 3104 [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay C:\WINDOWS\system32\services.exe 19:48:50.0703 3104 PlugPlay - ok 19:48:50.0734 3104 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent C:\WINDOWS\system32\lsass.exe 19:48:51.0796 3104 PolicyAgent - ok 19:48:52.0453 3104 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys 19:48:52.0968 3104 PptpMiniport - ok 19:48:52.0984 3104 prmvmouse - ok 19:48:53.0500 3104 [ 2CB55427C58679F49AD600FCCBA76360 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys 19:48:53.0953 3104 Processor - ok 19:48:54.0015 3104 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe 19:48:54.0828 3104 ProtectedStorage - ok 19:48:54.0937 3104 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys 19:48:55.0593 3104 PSched - ok 19:48:57.0156 3104 [ D24DFD16A1E2A76034DF5AA18125C35D ] PSI C:\WINDOWS\system32\DRIVERS\psi_mf.sys 19:48:57.0484 3104 PSI - ok 19:48:57.0546 3104 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys 19:48:58.0921 3104 Ptilink - ok 19:48:59.0453 3104 [ 617ACCADA2E0A0F43EC6030BBAC49513 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys 19:49:00.0156 3104 PxHelp20 - ok 19:49:00.0156 3104 ql1080 - ok 19:49:00.0187 3104 Ql10wnt - ok 19:49:00.0203 3104 ql12160 - ok 19:49:00.0218 3104 ql1240 - ok 19:49:00.0234 3104 ql1280 - ok 19:49:00.0500 3104 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 19:49:01.0812 3104 RasAcd - ok 19:49:01.0937 3104 [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto C:\WINDOWS\System32\rasauto.dll 19:49:02.0781 3104 RasAuto - ok 19:49:03.0078 3104 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 19:49:04.0390 3104 Rasl2tp - ok 19:49:05.0640 3104 [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan C:\WINDOWS\System32\rasmans.dll 19:49:06.0406 3104 RasMan - ok 19:49:06.0484 3104 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 19:49:06.0937 3104 RasPppoe - ok 19:49:07.0093 3104 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys 19:49:07.0843 3104 Raspti - ok 19:49:08.0015 3104 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 19:49:09.0593 3104 Rdbss - ok 19:49:09.0906 3104 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 19:49:10.0296 3104 RDPCDD - ok 19:49:11.0203 3104 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys 19:49:12.0250 3104 rdpdr - ok 19:49:13.0187 3104 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys 19:49:18.0515 3104 RDPWD - ok 19:49:18.0968 3104 [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe 19:49:20.0968 3104 RDSessMgr - ok 19:49:22.0078 3104 [ A0FF419B61AE47E26ADF3BB15DB4F2FE ] RealNetworks Downloader Resolver Service C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe 19:49:22.0671 3104 RealNetworks Downloader Resolver Service - ok 19:49:22.0734 3104 [ ED761D453856F795A7FE056E42C36365 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys 19:49:23.0875 3104 redbook - ok 19:49:24.0890 3104 [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 19:49:25.0203 3104 RemoteAccess - ok 19:49:25.0468 3104 [ E4CD1F3D84E1C2CA0B8CF7501E201593 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll 19:49:25.0921 3104 RemoteRegistry - ok 19:49:26.0031 3104 [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator C:\WINDOWS\system32\locator.exe 19:49:26.0500 3104 RpcLocator - ok 19:49:27.0171 3104 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs C:\WINDOWS\system32\rpcss.dll 19:49:29.0281 3104 RpcSs - ok 19:49:29.0468 3104 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP C:\WINDOWS\system32\rsvp.exe 19:49:30.0531 3104 RSVP - ok 19:49:30.0656 3104 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs C:\WINDOWS\system32\lsass.exe 19:49:31.0125 3104 SamSs - ok 19:49:31.0265 3104 [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe 19:49:32.0187 3104 SCardSvr - ok 19:49:32.0937 3104 [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule C:\WINDOWS\system32\schedsvc.dll 19:49:34.0187 3104 Schedule - ok 19:49:34.0390 3104 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys 19:49:36.0531 3104 Secdrv - ok 19:49:36.0671 3104 [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon C:\WINDOWS\System32\seclogon.dll 19:49:37.0203 3104 seclogon - ok 19:49:37.0421 3104 Secunia PSI Agent - ok 19:49:37.0437 3104 Secunia Update Agent - ok 19:49:38.0078 3104 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS C:\WINDOWS\system32\sens.dll 19:49:38.0765 3104 SENS - ok 19:49:38.0906 3104 [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial C:\WINDOWS\system32\drivers\Serial.sys 19:49:39.0640 3104 Serial - ok 19:49:39.0781 3104 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\DRIVERS\sfloppy.sys 19:49:40.0171 3104 Sfloppy - ok 19:49:40.0562 3104 [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 19:49:41.0468 3104 SharedAccess - ok 19:49:41.0687 3104 [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 19:49:41.0890 3104 ShellHWDetection - ok 19:49:41.0906 3104 Simbad - ok 19:49:41.0921 3104 Sparrow - ok 19:49:41.0984 3104 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys 19:49:42.0734 3104 splitter - ok 19:49:42.0890 3104 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe 19:49:43.0234 3104 Spooler - ok 19:49:43.0359 3104 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr C:\WINDOWS\system32\DRIVERS\sr.sys 19:49:43.0781 3104 sr - ok 19:49:44.0078 3104 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice C:\WINDOWS\system32\srsvc.dll 19:49:45.0031 3104 srservice - ok 19:49:45.0453 3104 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys 19:49:46.0875 3104 Srv - ok 19:49:47.0078 3104 [ B2063CE662AF3AB20045121A5B716DF6 ] sscebus C:\WINDOWS\system32\DRIVERS\sscebus.sys 19:49:47.0281 3104 sscebus - ok 19:49:47.0359 3104 [ 66799DC0AFE3DCAF8368CAE17394A762 ] sscemdfl C:\WINDOWS\system32\DRIVERS\sscemdfl.sys 19:49:47.0937 3104 sscemdfl - ok 19:49:48.0062 3104 [ CBF03FFC08F8DB547BAB2F79AA663D16 ] sscemdm C:\WINDOWS\system32\DRIVERS\sscemdm.sys 19:49:48.0343 3104 sscemdm - ok 19:49:48.0437 3104 [ 60CD4AD33AA52E58FAAC3ABAD18CF8EF ] ssceserd C:\WINDOWS\system32\DRIVERS\ssceserd.sys 19:49:48.0656 3104 ssceserd - ok 19:49:49.0421 3104 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 19:49:51.0921 3104 SSDPSRV - ok 19:49:52.0015 3104 [ A2DBCC4C8860449DF1AB758EA28B4DE0 ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys 19:49:52.0968 3104 StillCam - ok 19:49:53.0500 3104 [ BC2C5985611C5356B24AEB370953DED9 ] stisvc C:\WINDOWS\system32\wiaservc.dll 19:49:55.0156 3104 stisvc - ok 19:49:55.0312 3104 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys 19:49:55.0906 3104 swenum - ok 19:49:56.0015 3104 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys 19:49:56.0875 3104 swmidi - ok 19:49:57.0109 3104 SwPrv - ok 19:49:57.0187 3104 symc810 - ok 19:49:57.0203 3104 symc8xx - ok 19:49:57.0218 3104 sym_hi - ok 19:49:57.0250 3104 sym_u3 - ok 19:49:57.0515 3104 [ E76E0A9A30A4F2809A3356AF32D06F0B ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys 19:49:58.0046 3104 SynTP - ok 19:49:58.0546 3104 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys 19:49:59.0390 3104 sysaudio - ok 19:49:59.0531 3104 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe 19:50:01.0203 3104 SysmonLog - ok 19:50:01.0453 3104 [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 19:50:03.0062 3104 TapiSrv - ok 19:50:03.0406 3104 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys 19:50:04.0203 3104 Tcpip - ok 19:50:05.0031 3104 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys 19:50:05.0609 3104 TDPIPE - ok 19:50:05.0687 3104 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys 19:50:06.0156 3104 TDTCP - ok 19:50:06.0265 3104 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys 19:50:06.0593 3104 TermDD - ok 19:50:08.0328 3104 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService C:\WINDOWS\System32\termsrv.dll 19:50:09.0531 3104 TermService - ok 19:50:10.0140 3104 [ 2DB7D303C36DDD055215052F118E8E75 ] Themes C:\WINDOWS\System32\shsvcs.dll 19:50:11.0843 3104 Themes - ok 19:50:12.0734 3104 [ 03681A1CE77F51586903869A5AB1DEAB ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe 19:50:13.0859 3104 TlntSvr - ok 19:50:13.0875 3104 TosIde - ok 19:50:14.0093 3104 [ 626504572B175867F30F3215C04B3E2F ] TrkWks C:\WINDOWS\system32\trkwks.dll 19:50:15.0140 3104 TrkWks - ok 19:50:15.0234 3104 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys 19:50:16.0312 3104 Udfs - ok 19:50:16.0328 3104 ULI5261XP - ok 19:50:16.0453 3104 ultra - ok 19:50:16.0828 3104 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys 19:50:18.0390 3104 Update - ok 19:50:18.0921 3104 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost C:\WINDOWS\System32\upnphost.dll 19:50:19.0515 3104 upnphost - ok 19:50:19.0609 3104 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINDOWS\System32\ups.exe 19:50:20.0078 3104 UPS - ok 19:50:20.0343 3104 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 19:50:21.0453 3104 usbehci - ok 19:50:21.0703 3104 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 19:50:22.0625 3104 usbhub - ok 19:50:22.0734 3104 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys 19:50:23.0765 3104 usbohci - ok 19:50:23.0890 3104 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys 19:50:24.0312 3104 usbprint - ok 19:50:25.0406 3104 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys 19:50:26.0250 3104 usbscan - ok 19:50:26.0765 3104 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 19:50:27.0968 3104 USBSTOR - ok 19:50:28.0562 3104 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 19:50:29.0531 3104 VgaSave - ok 19:50:29.0546 3104 ViaIde - ok 19:50:29.0656 3104 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 19:50:30.0000 3104 VolSnap - ok 19:50:30.0953 3104 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINDOWS\System32\vssvc.exe 19:50:32.0234 3104 VSS - ok 19:50:33.0203 3104 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINDOWS\system32\w32time.dll 19:50:35.0750 3104 W32Time - ok 19:50:36.0609 3104 [ 0BAA4C13CCD2CAFE1E121121F1C1611D ] W33ND C:\WINDOWS\system32\DRIVERS\W33ND.SYS 19:50:39.0921 3104 W33ND - ok 19:50:41.0781 3104 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 19:50:43.0750 3104 Wanarp - ok 19:50:43.0765 3104 wanatw - ok 19:50:43.0859 3104 [ 553E38A0E5C8FEB94CC228F3AF700AC2 ] wbsecdrv C:\WINDOWS\system32\DRIVERS\wbsecdrv.sys 19:50:44.0031 3104 wbsecdrv ( UnsignedFile.Multi.Generic ) - warning 19:50:44.0031 3104 wbsecdrv - detected UnsignedFile.Multi.Generic (1) 19:50:44.0062 3104 wbsecsvc - ok 19:50:44.0078 3104 WDICA - ok 19:50:44.0625 3104 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 19:50:44.0984 3104 wdmaud - ok 19:50:45.0125 3104 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINDOWS\System32\webclnt.dll 19:50:46.0765 3104 WebClient - ok 19:50:47.0718 3104 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 19:50:48.0343 3104 winmgmt - ok 19:50:48.0468 3104 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll 19:50:49.0093 3104 WmdmPmSN - ok 19:50:49.0828 3104 [ FFA4D901D46D07A5BAB2D8307FBB51A6 ] Wmi C:\WINDOWS\System32\advapi32.dll 19:50:51.0156 3104 Wmi - ok 19:50:51.0703 3104 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 19:50:52.0609 3104 WmiApSrv - ok 19:50:59.0531 3104 [ BF05650BB7DF5E9EBDD25974E22403BB ] WMPNetworkSvc C:\Programme\Windows Media Player\WMPNetwk.exe 19:51:01.0843 3104 WMPNetworkSvc - ok 19:51:02.0625 3104 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\Drivers\wpdusb.sys 19:51:03.0000 3104 WpdUsb - ok 19:51:09.0453 3104 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc C:\WINDOWS\system32\wscsvc.dll 19:51:10.0562 3104 wscsvc - ok 19:51:11.0781 3104 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll 19:51:12.0828 3104 wuauserv - ok 19:51:13.0062 3104 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys 19:51:13.0781 3104 WudfPf - ok 19:51:13.0937 3104 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys 19:51:14.0421 3104 WudfRd - ok 19:51:14.0531 3104 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll 19:51:15.0390 3104 WudfSvc - ok 19:51:16.0937 3104 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 19:51:26.0015 3104 WZCSVC - ok 19:51:27.0359 3104 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll 19:51:28.0265 3104 xmlprov - ok 19:51:28.0296 3104 ================ Scan global =============================== 19:51:28.0421 3104 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll 19:51:29.0078 3104 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll 19:51:30.0250 3104 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll 19:51:30.0609 3104 [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe 19:51:30.0625 3104 [Global] - ok 19:51:30.0625 3104 ================ Scan MBR ================================== 19:51:31.0156 3104 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0 19:51:55.0406 3104 \Device\Harddisk0\DR0 - ok 19:51:55.0421 3104 ================ Scan VBR ================================== 19:51:55.0546 3104 [ 3512296C03EBE65E2D567EBF627925BE ] \Device\Harddisk0\DR0\Partition1 19:51:55.0968 3104 \Device\Harddisk0\DR0\Partition1 - ok 19:51:56.0015 3104 [ 6FC8CA293581F30C410419C7437CF90A ] \Device\Harddisk0\DR0\Partition2 19:51:56.0109 3104 \Device\Harddisk0\DR0\Partition2 - ok 19:51:56.0125 3104 ============================================================ 19:51:56.0125 3104 Scan finished 19:51:56.0125 3104 ============================================================ 19:51:56.0484 1592 Detected object count: 9 19:51:56.0484 1592 Actual detected object count: 9 19:53:53.0515 1592 Apple Mobile Device ( UnsignedFile.Multi.Generic ) - skipped by user 19:53:53.0515 1592 Apple Mobile Device ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:53:53.0515 1592 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user 19:53:53.0515 1592 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:53:53.0515 1592 FsUsbExService ( UnsignedFile.Multi.Generic ) - skipped by user 19:53:53.0515 1592 FsUsbExService ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:53:53.0515 1592 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user 19:53:53.0515 1592 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:53:53.0531 1592 Iviaspi ( UnsignedFile.Multi.Generic ) - skipped by user 19:53:53.0531 1592 Iviaspi ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:53:53.0531 1592 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user 19:53:53.0531 1592 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:53:53.0531 1592 MHN ( UnsignedFile.Multi.Generic ) - skipped by user 19:53:53.0531 1592 MHN ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:53:53.0531 1592 MHNDRV ( UnsignedFile.Multi.Generic ) - skipped by user 19:53:53.0531 1592 MHNDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:53:53.0546 1592 wbsecdrv ( UnsignedFile.Multi.Generic ) - skipped by user 19:53:53.0546 1592 wbsecdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:02:53.0890 1704 Deinitialize success |
|
25.02.2013, 20:24
| #6 |
| /// Malware-holic | Computer ist plötzlich extrem langsam Aloa, Scan mit Combofix
__________________ --> Computer ist plötzlich extrem langsam |
|
27.02.2013, 10:19
| #7 |
| | Computer ist plötzlich extrem langsam Hi, ich habe jetzt mehrfach versucht, den Scan mit Combofix zu machen, aber jedes Mal endet es nach einer Weile damit, dass der Computer herunter und wieder hochfährt, es aber kein Logfile gibt. Stattdessen kam die Windows Meldung: Das System wird nach einem schwerwiegenden Fehler wieder ausgeführt. Problemsignatur: BCCode: 19 BCP1: 000 000 20 BCP2: 84037968 BCP3: 84037080 BCP4: 1A830001 OSVer: 5_1_2600 SP: 3_0 Product: 256_1 |
|
27.02.2013, 13:18
| #8 |
| /// Malware-holic | Computer ist plötzlich extrem langsam starte neu, drücke f8 wähle abgesicherter modus, melde dich in deinem Konto an, führe combofix erneut aus, starte, wenn fertig, in den normalen Modus und poste das log.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
WARNUNG an die MITLESER: 
Linear-Darstellung
