Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Mein PC ist vielleicht Infiziert. (https://www.trojaner-board.de/113761-pc-vielleicht-infiziert.html)

Leon3221 17.04.2012 16:44
Mein PC ist vielleicht Infiziert.
 
Hallo Liebe Com.
Heute wurde ein Acc von mir gehackt in meinem Spiel aber ich weiß nicht wie das Passieren konnte ich habe vor Kurtzem erst meine Vieren Software drüber laufen lassen und komischer weise hat es bei 62% Gestoppt und es ging ein Fenster auf nicht von Avira das eine neue Sofware gefunden wurde und dann habe ich nicht installieren geklickt und dann wurde nicht weiter geprüft avira war dann ,,Fertig,, vielleicht hatte es auch garnichts damit zutuhen naja was kan ich sonnst noch tun um sicher zu gehn das mein PC Vieren und Trojaner frei ist kann mir bitte einer Helfen ?

markusg 17.04.2012 16:55
hi
öffne avira, berichte, suche berichte mit funden, poste sie.
avira, ereignisse, poste fundmeldungen.
Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code:
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Kopiere
    nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread

Leon3221 17.04.2012 18:00
Hallo ich habe mit Avira nomma gestestet nichts Kein Fund.
Habe aber OTL gemacht. Und weil nebenbei keine Programme Laufen sollen hoffe habe das richtig gemacht einfach den Browser geschlossen. Und am 2.April war der Letzte Fund aber der Passt nicht mehr rein.

OTL :OTL Logfile:
Code:
OTL logfile created on: 17.04.2012 18:31:10 - Run 1
OTL by OldTimer - Version 3.2.39.2    Folder = C:\Dokumente und Einstellungen\Leon\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1022,42 Mb Total Physical Memory | 592,89 Mb Available Physical Memory | 57,99% Memory free
2,40 Gb Paging File | 1,85 Gb Available in Paging File | 76,86% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 97,65 Gb Total Space | 2,64 Gb Free Space | 2,70% Space Free | Partition Type: NTFS
Drive H: | 675,23 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: LEON3221 | User Name: Leon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.04.17 18:18:12 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Leon\Desktop\OTL.exe
PRC - [2012.03.27 12:13:52 | 000,180,648 | ---- | M] (Google Inc.) -- C:\Dokumente und Einstellungen\Leon\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.111\GoogleCrashHandler.exe
PRC - [2012.03.09 18:53:05 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Programme\Steam\steam.exe
PRC - [2012.01.18 15:02:04 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2011.08.09 12:06:07 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.03.28 16:15:17 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.03.28 16:15:04 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011.03.28 16:14:56 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.09.30 14:00:28 | 000,253,264 | ---- | M] () -- C:\Programme\1&1 Surf-Stick\AssistantServices.exe
PRC - [2010.09.30 14:00:28 | 000,139,088 | ---- | M] () -- C:\Programme\1&1 Surf-Stick\UIExec.exe
PRC - [2010.05.25 08:44:30 | 000,095,568 | ---- | M] (Devguru Co., Ltd.) -- C:\WINDOWS\system32\dgdersvc.exe
PRC - [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.05.12 11:19:54 | 000,270,336 | ---- | M] () -- C:\WINDOWS\tsnp2std.exe
PRC - [2007.05.10 16:58:42 | 000,344,064 | ---- | M] (Sonix) -- C:\WINDOWS\vsnp2std.exe
PRC - [2007.02.12 14:50:40 | 000,020,480 | ---- | M] () -- C:\WINDOWS\FixCamera.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.04.12 21:33:06 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\db1d2470de43ffcb6f562277208d56e5\System.Web.ni.dll
MOD - [2012.04.12 20:08:48 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d96906db18e87ffe2e08f6cda7e2be0f\System.Windows.Forms.ni.dll
MOD - [2012.04.12 20:08:33 | 001,591,808 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\8d886cdc2ca5f0ff97cd1afe8773bb6e\System.Drawing.ni.dll
MOD - [2012.03.24 10:28:36 | 000,190,776 | ---- | M] () -- C:\Programme\Steam\bin\avformat-53.dll
MOD - [2012.03.24 10:28:36 | 000,123,192 | ---- | M] () -- C:\Programme\Steam\bin\avutil-51.dll
MOD - [2012.03.24 10:28:35 | 001,099,576 | ---- | M] () -- C:\Programme\Steam\bin\avcodec-53.dll
MOD - [2012.02.16 23:22:00 | 000,771,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\c14e58265386feb509cc61bb5e8dd296\System.Runtime.Remoting.ni.dll
MOD - [2012.02.15 16:16:03 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\77e1279cbf4eecfb0284b63316fe43fe\System.Xml.ni.dll
MOD - [2012.02.15 16:14:18 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\9e3803cd2a11f056291862e306a8e2b2\System.ni.dll
MOD - [2011.12.06 19:36:23 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\d86a3346c3d90ff12d0df9d7726f3ece\Accessibility.ni.dll
MOD - [2011.12.06 18:05:09 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2011.04.07 19:24:29 | 000,140,288 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2011.03.31 18:45:11 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.3036.27933__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2011.03.31 18:45:11 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.3036.27930__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2011.03.31 18:45:11 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3036.28032__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2011.03.31 18:45:11 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3036.27948__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2011.03.31 18:45:11 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3036.27940__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2011.03.31 18:45:11 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.3036.27960__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2011.03.31 18:45:05 | 000,011,264 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.3075.39054__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll
MOD - [2011.03.31 18:45:05 | 000,006,656 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.SkinFactory.resources\2.0.3075.38696_de_90ba9c70f846762e\CLI.Component.SkinFactory.resources.dll
MOD - [2011.03.31 18:45:04 | 000,397,312 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3075.38732__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2011.03.31 18:45:04 | 000,102,400 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.3075.39003__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2011.03.31 18:45:04 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3075.39000__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2011.03.31 18:45:04 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3075.38696__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2011.03.31 18:45:04 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3036.27937__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2011.03.31 18:45:04 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3036.27941__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2011.03.31 18:45:04 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3036.27962__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2011.03.31 18:45:04 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3036.27961__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2011.03.31 18:45:04 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.3036.27941__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll
MOD - [2011.03.31 18:45:04 | 000,014,848 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
MOD - [2011.03.31 18:45:04 | 000,013,312 | ---- | M] () -- C:\WINDOWS\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll
MOD - [2011.03.31 18:45:03 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3036.27949__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2011.03.31 18:45:03 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.3075.39002__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2010.09.30 14:00:28 | 000,253,264 | ---- | M] () -- C:\Programme\1&1 Surf-Stick\AssistantServices.exe
MOD - [2010.09.30 14:00:28 | 000,139,088 | ---- | M] () -- C:\Programme\1&1 Surf-Stick\UIExec.exe
MOD - [2010.06.17 15:27:02 | 000,355,688 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2008.04.14 04:22:16 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2007.05.12 11:19:54 | 000,270,336 | ---- | M] () -- C:\WINDOWS\tsnp2std.exe
MOD - [2007.02.12 14:50:40 | 000,020,480 | ---- | M] () -- C:\WINDOWS\FixCamera.exe
MOD - [2004.09.02 04:33:56 | 000,045,056 | ---- | M] () -- C:\WINDOWS\system32\xfire_lsp_9028.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] -- C:\Programme\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\Programme\Google\Update\GoogleUpdate.exe /medsvc -- (gupdatem) Google Update-Dienst (gupdatem)
SRV - File not found [Auto | Stopped] -- C:\Programme\Google\Update\GoogleUpdate.exe /svc -- (gupdate) Google Update-Dienst (gupdate)
SRV - File not found [Auto | Stopped] -- C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2011.08.09 12:06:07 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.04.24 22:55:00 | 004,066,168 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\system32\GameMon.des -- (npggsvc)
SRV - [2011.03.28 16:15:04 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.09.30 14:00:28 | 000,253,264 | ---- | M] () [Auto | Running] -- C:\Programme\1&1 Surf-Stick\AssistantServices.exe -- (UI Assistant Service)
SRV - [2010.05.25 08:44:30 | 000,095,568 | ---- | M] (Devguru Co., Ltd.) [Auto | Running] -- C:\WINDOWS\system32\dgdersvc.exe -- (dgdersvc)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\xpsec.sys -- (xpsec)
DRV - File not found [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\xcpip.sys -- (xcpip)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wbymj4iz.sys -- (wbymj4iz.sys)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\fwlanusb.sys -- (FWLANUSB)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - [2011.10.26 05:01:40 | 007,412,736 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2011.08.09 12:06:08 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.08.09 12:06:08 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.05.03 16:33:46 | 006,404,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2010.06.17 15:27:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.06.17 15:26:52 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2010.05.25 09:59:24 | 000,121,576 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2010.05.25 09:59:24 | 000,096,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV - [2010.05.25 09:59:24 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV - [2010.05.25 08:44:30 | 000,018,136 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2009.11.18 07:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009.11.18 07:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009.10.29 19:28:24 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2009.10.29 19:28:24 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2009.10.29 19:28:24 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2009.10.29 19:28:24 | 000,009,216 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\massfilter.sys -- (massfilter)
DRV - [2008.04.13 20:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2007.12.06 09:51:00 | 000,285,952 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2007.05.30 19:15:08 | 000,013,184 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV - [2007.05.10 16:10:50 | 012,179,584 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\snp2sxp.sys -- (SNP2STD) USB2.0 PC Camera (SNP2STD)
DRV - [2007.04.16 21:46:00 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2006.11.10 15:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2006.02.27 05:46:20 | 000,081,408 | ---- | M] (Realtek Semiconductor Corporation                          ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2005.01.01 11:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\npptNT2.sys -- (NPPTNT2)
DRV - [2004.08.04 14:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004.08.04 14:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2004.08.03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) NT-Treiber für Realtek RTL8139(A/B/C)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.softonic.com/MON00016/tb_v1?SearchSource=10&cc=
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\InprocServer32 File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Search the web (Softonic)"
FF - prefs.js..browser.startup.homepage: "hxxp://search.softonic.com/MON00016/tb_v1?SearchSource=13&cc="
FF - prefs.js..keyword.URL: "hxxp://search.softonic.com/MON00016/tb_v1?SearchSource=2&cc=&q="
FF - prefs.js..network.proxy.type: 0
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Programme\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.79\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.79\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Dokumente und Einstellungen\Leon\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Dokumente und Einstellungen\Leon\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Programme\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.03.11 01:43:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins
 
[2011.05.07 19:45:12 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Leon\Anwendungsdaten\Mozilla\Extensions
[2012.03.29 15:03:32 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Leon\Anwendungsdaten\Mozilla\Firefox\Profiles\hz1cr4u4.default\extensions
[2012.03.29 15:03:32 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Dokumente und Einstellungen\Leon\Anwendungsdaten\Mozilla\Firefox\Profiles\hz1cr4u4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.01.03 15:24:44 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Dokumente und Einstellungen\Leon\Anwendungsdaten\Mozilla\Firefox\Profiles\hz1cr4u4.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.03.11 01:43:32 | 000,000,000 | ---D | M] (Softonic Toolbar) -- C:\Dokumente und Einstellungen\Leon\Anwendungsdaten\Mozilla\Firefox\Profiles\hz1cr4u4.default\extensions\ffxtlbra@softonic.com
[2012.01.27 17:20:42 | 000,000,000 | ---D | M] (Yontoo) -- C:\Dokumente und Einstellungen\Leon\Anwendungsdaten\Mozilla\Firefox\Profiles\hz1cr4u4.default\extensions\plugin@yontoo.com
[2012.03.29 15:01:21 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Leon\Anwendungsdaten\Mozilla\Firefox\Profiles\hz1cr4u4.default\searchplugins\icqplugin-1.xml
[2011.12.18 09:11:02 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Leon\Anwendungsdaten\Mozilla\Firefox\Profiles\hz1cr4u4.default\searchplugins\icqplugin-10.xml
[2012.03.11 01:43:49 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Leon\Anwendungsdaten\Mozilla\Firefox\Profiles\hz1cr4u4.default\searchplugins\icqplugin-11.xml
[2011.09.15 12:47:51 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Leon\Anwendungsdaten\Mozilla\Firefox\Profiles\hz1cr4u4.default\searchplugins\icqplugin-2.xml
[2011.09.21 20:46:27 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Leon\Anwendungsdaten\Mozilla\Firefox\Profiles\hz1cr4u4.default\searchplugins\icqplugin-3.xml
[2011.09.29 12:38:33 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Leon\Anwendungsdaten\Mozilla\Firefox\Profiles\hz1cr4u4.default\searchplugins\icqplugin-4.xml
[2011.10.06 19:43:54 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Leon\Anwendungsdaten\Mozilla\Firefox\Profiles\hz1cr4u4.default\searchplugins\icqplugin-5.xml
[2011.10.18 11:44:26 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Leon\Anwendungsdaten\Mozilla\Firefox\Profiles\hz1cr4u4.default\searchplugins\icqplugin-6.xml
[2011.11.06 17:05:40 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Leon\Anwendungsdaten\Mozilla\Firefox\Profiles\hz1cr4u4.default\searchplugins\icqplugin-7.xml
[2011.11.18 21:36:04 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Leon\Anwendungsdaten\Mozilla\Firefox\Profiles\hz1cr4u4.default\searchplugins\icqplugin-8.xml
[2011.12.11 17:06:16 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Leon\Anwendungsdaten\Mozilla\Firefox\Profiles\hz1cr4u4.default\searchplugins\icqplugin-9.xml
[2011.08.24 15:54:45 | 000,001,056 | ---- | M] () -- C:\Dokumente und Einstellungen\Leon\Anwendungsdaten\Mozilla\Firefox\Profiles\hz1cr4u4.default\searchplugins\icqplugin.xml
[2012.01.27 17:25:41 | 000,002,060 | ---- | M] () -- C:\Dokumente und Einstellungen\Leon\Anwendungsdaten\Mozilla\Firefox\Profiles\hz1cr4u4.default\searchplugins\softonic.xml
[2012.03.18 16:59:44 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.02.10 13:24:40 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.03.18 16:59:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2012.03.10 02:11:54 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2012.03.10 03:39:14 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.03.10 03:25:15 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.03.10 03:39:14 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.03.10 03:39:14 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.03.10 03:39:14 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.03.10 03:39:14 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Search the web (Softonic) (Enabled)
CHR - default_search_provider: search_url = hxxp://search.softonic.com/MON00016/tb_v1?q={searchTerms}&SearchSource=49&cc=
CHR - default_search_provider: suggest_url =
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Dokumente und Einstellungen\Leon\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Dokumente und Einstellungen\Leon\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\18.0.1025.162\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Dokumente und Einstellungen\Leon\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\18.0.1025.162\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Dokumente und Einstellungen\Leon\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Programme\Adobe\Acrobat 5.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Programme\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Dokumente und Einstellungen\Leon\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Programme\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Programme\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Dokumente und Einstellungen\Leon\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Dokumente und Einstellungen\Leon\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Skype Click to Call = C:\Dokumente und Einstellungen\Leon\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\
CHR - Extension: Yontoo = C:\Dokumente und Einstellungen\Leon\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.2_0\
CHR - Extension: Google Mail = C:\Dokumente und Einstellungen\Leon\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2004.08.04 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Softonic Helper Object) - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Programme\Softonic\softonic\1.5.11.5\bh\softonic.dll (Softonic.com)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Programme\Yontoo\YontooIEClient.dll File not found
O3 - HKLM\..\Toolbar: (Softonic Toolbar) - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Programme\Softonic\softonic\1.5.11.5\softonicTlbr.dll (Softonic.com)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll File not found
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACDaemon.exe File not found
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [AVMWlanClient] C:\Programme\avmwlanstick\FRITZWLANMini.exe File not found
O4 - HKLM..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe ()
O4 - HKLM..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe (Sonix)
O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe ()
O4 - HKLM..\Run: [UIExec] C:\Programme\1&1 Surf-Stick\UIExec.exe ()
O4 - HKCU..\Run: [Disker] C:\Dokumente und Einstellungen\Leon\Lokale Einstellungen\Temp\HIMYM.DLL (Microsoft Corporation)
O4 - HKCU..\Run: [EA Core] "C:\Programme\Electronic Arts\EADM\Core.exe" -silent File not found
O4 - HKCU..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\/\KiesTrayAgent.exe File not found
O4 - HKCU..\Run: [Pando Media Booster] C:\Programme\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [Steam] C:\Programme\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Magic-i Visual Effects.lnk =  File not found
O4 - Startup: C:\Dokumente und Einstellungen\Leon\Startmenü\Programme\Autostart\ubisoft register.lnk =  File not found
O4 - Startup: C:\Dokumente und Einstellungen\Leon\Startmenü\Programme\Autostart\Xfire.lnk =  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: _NoDriveTypeAutoRun = 0
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Dokumente und Einstellungen\Leon\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe File not found
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - %SystemRoot%\System32\nwprovau.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - %SystemRoot%\System32\nwprovau.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - %SystemRoot%\System32\nwprovau.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\System32\nwprovau.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - %SystemRoot%\System32\nwprovau.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - %SystemRoot%\System32\nwprovau.dll File not found
O12 - Plugin for: .spop - C:\Programme\Internet Explorer\PLUGINS\NPDocBox.dll (Intertrust Technologies, Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D0BB0B92-9393-4A1C-B9EE-05115E548DC7}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Leon\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Leon\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.03.31 18:19:59 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007.10.05 16:21:18 | 000,000,000 | R--D | M] - H:\Autorun -- [ CDFS ]
O32 - AutoRun File - [2004.10.05 19:11:42 | 000,180,224 | R--- | M] () - H:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2004.08.24 17:57:32 | 000,000,042 | R--- | M] () - H:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{ace943a4-5bbc-11e0-a742-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{ace943a4-5bbc-11e0-a742-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ace943a4-5bbc-11e0-a742-806d6172696f}\Shell\AutoRun\command - "" = H:\Autorun.exe -- [2004.10.05 19:11:42 | 000,180,224 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
ActiveX: {0213C6AF-5562-4D09-884C-2ADCFC8C2F35} - Microsoft .NET Framework 1.1 Security Update (KB2656353)
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {1897C549-AE52-4571-8996-44854F5612B2} - Microsoft .NET Framework 1.1 Security Update (KB2656370)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offlinebrowsingpaket
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer-Hilfe
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsererweiterungen
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - Zugang zu MSN Site
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - %SystemRoot%\system32\ie4uinit.exe
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML-Datenbindung
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer-Hauptschriftarten
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML-Hilfe
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
 
NetSvcs: 6to4 -  File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: Irmon -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.04.17 18:18:09 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Leon\Desktop\OTL.exe
[2012.04.15 18:27:49 | 000,000,000 | ---D | C] -- C:\World of Warcraft
[2012.04.12 20:57:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Leon\Lokale Einstellungen\Anwendungsdaten\Help
[2012.04.10 17:55:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\World of Warcraft Public Test
[2012.04.07 12:51:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\MoonMt2 2012
[2012.04.02 23:32:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Leon\Startmenü\Programme\IrfanView
[2012.04.02 23:27:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Tinypic
[2012.03.21 19:26:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Leon\Eigene Dateien\RCT3
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[22 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.04.17 18:26:27 | 000,023,116 | ---- | M] () -- C:\Dokumente und Einstellungen\Leon\Desktop\f.rtf
[2012.04.17 18:19:01 | 000,001,206 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1085031214-1844823847-839522115-1003UA.job
[2012.04.17 18:19:00 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.04.17 18:18:12 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Leon\Desktop\OTL.exe
[2012.04.17 17:19:01 | 000,001,082 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.04.17 16:50:59 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.04.17 16:47:57 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.04.16 18:24:52 | 000,002,357 | ---- | M] () -- C:\Dokumente und Einstellungen\Leon\Desktop\Google Chrome.lnk
[2012.04.16 17:58:40 | 000,000,585 | ---- | M] () -- C:\Dokumente und Einstellungen\Leon\Desktop\s.lnk
[2012.04.15 12:19:05 | 000,001,154 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1085031214-1844823847-839522115-1003Core.job
[2012.04.14 15:52:47 | 004,529,067 | ---- | M] () -- C:\Dokumente und Einstellungen\Leon\Desktop\Karaoke - Blowing in the wind (Bob Dylan) Full video.mp3
[2012.04.14 01:48:48 | 005,221,748 | ---- | M] () -- C:\Dokumente und Einstellungen\Leon\Desktop\Milow - Ayo Technology (Karaoke).mp3
[2012.04.14 01:44:17 | 000,000,906 | ---- | M] () -- C:\Dokumente und Einstellungen\Leon\Desktop\DVDVideoSoft Free Studio.lnk
[2012.04.14 01:44:16 | 000,001,023 | ---- | M] () -- C:\Dokumente und Einstellungen\Leon\Desktop\Free YouTube to MP3 Converter.lnk
[2012.04.12 20:06:07 | 000,552,040 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.04.12 20:06:07 | 000,502,332 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.04.12 20:06:07 | 000,115,454 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.04.12 20:06:07 | 000,088,238 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.04.12 19:53:58 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.04.11 17:38:10 | 000,000,008 | ---- | M] () -- C:\Dokumente und Einstellungen\Leon\Desktop\Neu RTF-Dokument.rtf
[2012.04.10 17:09:04 | 000,000,662 | ---- | M] () -- C:\Dokumente und Einstellungen\Leon\Desktop\gg.rtf
[2012.03.31 22:05:33 | 000,000,908 | ---- | M] () -- C:\Dokumente und Einstellungen\Leon\Desktop\Verknüpfung mit .Dark-Fusion2 Patcher.lnk
[2012.03.21 19:26:25 | 000,043,520 | ---- | M] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[22 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.04.17 17:45:53 | 000,023,116 | ---- | C] () -- C:\Dokumente und Einstellungen\Leon\Desktop\f.rtf
[2012.04.15 18:45:13 | 000,000,585 | ---- | C] () -- C:\Dokumente und Einstellungen\Leon\Desktop\s.lnk
[2012.04.14 15:52:22 | 004,529,067 | ---- | C] () -- C:\Dokumente und Einstellungen\Leon\Desktop\Karaoke - Blowing in the wind (Bob Dylan) Full video.mp3
[2012.04.14 01:48:21 | 005,221,748 | ---- | C] () -- C:\Dokumente und Einstellungen\Leon\Desktop\Milow - Ayo Technology (Karaoke).mp3
[2012.04.14 01:44:17 | 000,000,906 | ---- | C] () -- C:\Dokumente und Einstellungen\Leon\Desktop\DVDVideoSoft Free Studio.lnk
[2012.04.14 01:44:16 | 000,001,023 | ---- | C] () -- C:\Dokumente und Einstellungen\Leon\Desktop\Free YouTube to MP3 Converter.lnk
[2012.04.11 17:38:10 | 000,000,008 | ---- | C] () -- C:\Dokumente und Einstellungen\Leon\Desktop\Neu RTF-Dokument.rtf
[2012.04.09 20:25:56 | 000,000,662 | ---- | C] () -- C:\Dokumente und Einstellungen\Leon\Desktop\gg.rtf
[2012.03.31 22:05:33 | 000,000,908 | ---- | C] () -- C:\Dokumente und Einstellungen\Leon\Desktop\Verknüpfung mit .Dark-Fusion2 Patcher.lnk
[2012.02.15 15:57:07 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.12.15 06:39:42 | 000,042,392 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
[2011.12.11 16:13:35 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2011.12.11 16:13:31 | 000,242,430 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2011.12.11 16:13:31 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2011.12.03 16:55:54 | 000,000,328 | ---- | C] () -- C:\Dokumente und Einstellungen\Leon\Anwendungsdaten\Metin2_Multibot.cfg
[2011.11.22 01:04:33 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2011.11.08 21:59:17 | 000,000,221 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2011.10.25 22:21:48 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\OpenVideo.dll
[2011.10.25 22:21:34 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\OVDecoder.dll
[2011.10.24 11:52:34 | 000,270,336 | ---- | C] () -- C:\WINDOWS\tsnp2std.exe
[2011.10.24 11:52:34 | 000,015,497 | ---- | C] () -- C:\WINDOWS\snp2std.ini
[2011.10.24 11:52:33 | 012,179,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2sxp.sys
[2011.10.24 11:52:33 | 000,025,472 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncamd.sys
[2011.10.24 11:52:29 | 000,151,552 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2std.dll
[2011.10.24 11:52:29 | 000,077,824 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2std.dll
[2011.10.24 11:26:41 | 000,020,480 | ---- | C] () -- C:\WINDOWS\FixCamera.exe
[2011.10.18 11:44:05 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.07.23 16:45:07 | 000,006,656 | ---- | C] () -- C:\Dokumente und Einstellungen\Leon\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.07.10 08:39:32 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2011.06.01 21:47:03 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2011.06.01 21:43:36 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2011.05.19 18:29:34 | 000,000,137 | ---- | C] () -- C:\Dokumente und Einstellungen\Leon\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2011.05.08 19:37:10 | 000,064,200 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2011.05.08 18:39:10 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\Leon\Anwendungsdaten\$_hpcst$.hpc
[2011.05.07 19:45:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011.04.18 16:04:07 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2011.03.31 20:45:31 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2011.03.31 20:45:31 | 000,036,864 | R--- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2011.03.31 20:45:12 | 000,185,344 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2011.03.31 19:10:42 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011.03.31 19:03:38 | 000,122,136 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.03.31 18:47:06 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2011.03.31 18:41:38 | 000,097,312 | ---- | C] () -- C:\WINDOWS\System32\drivers\Fwusb1b.bin
[2011.03.31 18:40:08 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2011.03.31 18:40:01 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2011.03.31 18:34:09 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011.03.31 18:17:14 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010.05.25 08:45:24 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2010.05.25 08:45:24 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2010.05.25 08:45:24 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2010.05.25 08:45:24 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
 
========== LOP Check ==========
 
[2011.06.01 21:07:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Easy Driver Pro
[2011.04.05 16:30:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Electronic Arts
[2011.05.09 19:01:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ
[2011.10.31 14:45:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PMB Files
[2011.05.08 18:39:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Samsung
[2012.01.27 17:20:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Tarma Installer
[2011.06.01 21:08:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\UAB
[2012.03.18 17:02:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Leon\Anwendungsdaten\.minecraft
[2011.04.19 13:24:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Leon\Anwendungsdaten\Atari
[2012.01.27 16:26:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Leon\Anwendungsdaten\Chirurgie Simulation
[2012.04.14 01:45:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Leon\Anwendungsdaten\DVDVideoSoft
[2011.05.07 22:32:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Leon\Anwendungsdaten\DVDVideoSoftIEHelpers
[2011.08.13 15:34:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Leon\Anwendungsdaten\ICQ
[2011.04.01 23:21:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Leon\Anwendungsdaten\InterTrust
[2011.04.20 18:58:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Leon\Anwendungsdaten\Leadertech
[2011.10.30 19:15:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Leon\Anwendungsdaten\LolClient
[2012.01.17 14:37:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Leon\Anwendungsdaten\OpenOffice.org
[2011.05.07 20:35:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Leon\Anwendungsdaten\Samsung
[2012.01.27 17:25:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Leon\Anwendungsdaten\Softonic
[2011.07.11 20:41:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Leon\Anwendungsdaten\TeamViewer
[2012.03.08 22:50:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Leon\Anwendungsdaten\The Creative Assembly
[2012.01.02 01:15:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Leon\Anwendungsdaten\TS3Client
[2012.01.02 19:40:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Leon\Anwendungsdaten\ts3overlay
[2011.03.31 20:45:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Leon\Anwendungsdaten\ubi.com
[2011.08.08 17:29:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Leon\Anwendungsdaten\Windows Desktop Search
[2011.08.08 17:57:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Leon\Anwendungsdaten\Windows Search
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2011.12.11 16:05:53 | 000,000,000 | ---D | M] -- C:\ATI
[2011.03.31 18:20:04 | 000,000,000 | ---D | M] -- C:\DELL
[2011.03.31 19:16:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen
[2011.09.24 23:54:48 | 000,000,000 | -HSD | M] -- C:\found.000
[2011.07.02 13:27:31 | 000,000,000 | ---D | M] -- C:\pnp
[2011.04.05 16:30:00 | 000,000,000 | ---D | M] -- C:\ProgramData
[2012.04.10 17:52:52 | 000,000,000 | R--D | M] -- C:\Programme
[2011.03.31 18:54:19 | 000,000,000 | -HSD | M] -- C:\RECYCLER
[2012.04.17 18:21:31 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011.05.10 18:57:23 | 000,000,000 | ---D | M] -- C:\UserData
[2012.04.12 21:48:36 | 000,000,000 | ---D | M] -- C:\WINDOWS
[2012.04.17 17:13:06 | 000,000,000 | ---D | M] -- C:\World of Warcraft
 
< %PROGRAMFILES%\*.exe >
Invalid Environment Variable: LOCALAPPDATA
 
< %systemroot%\*. /mp /s >
 
< MD5 for: AGP440.SYS  >
[2004.08.04 14:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2011.05.07 22:16:52 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2011.05.07 22:16:52 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2011.05.07 22:16:52 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\sp3.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
 
< MD5 for: ATAPI.SYS  >
[2004.08.04 14:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2011.05.07 22:16:52 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2011.05.07 22:16:52 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2011.05.07 22:16:52 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.04 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
 
< MD5 for: EVENTLOG.DLL  >
[2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\eventlog.dll
[2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll
[2004.08.04 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
 
< MD5 for: EXPLORER.EXE  >
[2004.08.04 14:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) MD5=22FE1BE02EADDE1632E478E4125639E0 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\explorer.exe
[2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\explorer.exe
 
< MD5 for: IASTOR.SYS  >
[2005.04.25 17:28:14 | 000,871,040 | ---- | M] (Intel Corporation) MD5=D593517879E65167DF35F6015814AC59 -- C:\WINDOWS\dell\iastor\iastor.sys
 
< MD5 for: NETLOGON.DLL  >
[2008.04.14 04:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 04:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\netlogon.dll
[2008.04.14 04:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll
[2004.08.04 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2009.02.06 20:46:10 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ED4BBAD725A21632FB205452749FC8F5 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 20:46:10 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ED4BBAD725A21632FB205452749FC8F5 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
 
< MD5 for: NVATABUS.SYS  >
[2005.03.29 19:59:25 | 000,088,960 | ---- | M] (NVIDIA Corporation) MD5=A1F88223528AADBB6374132BECBBDCC1 -- C:\WINDOWS\dell\nvraid\NvAtaBus.sys
[2005.03.29 19:59:25 | 000,088,960 | ---- | M] (NVIDIA Corporation) MD5=A1F88223528AADBB6374132BECBBDCC1 -- C:\WINDOWS\system32\drivers\NvAtaBus.sys
 
< MD5 for: SCECLI.DLL  >
[2008.04.14 04:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\scecli.dll
[2008.04.14 04:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll
[2004.08.04 14:00:00 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
 
< MD5 for: USER32.DLL  >
[2004.08.04 14:00:00 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=56785FD5236D7B22CF471A6DA9DB46D8 -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll
[2008.04.14 04:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\ServicePackFiles\i386\user32.dll
[2008.04.14 04:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\user32.dll
[2008.04.14 04:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\userinit.exe
[2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe
[2004.08.04 14:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2004.08.04 14:00:00 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\winlogon.exe
[2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2004.08.04 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys
[2004.08.04 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2011.03.31 20:02:40 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2011.03.31 20:02:40 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2011.03.31 20:02:39 | 000,450,560 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
 
< %systemroot%\system32\*.dll /lockedfiles >
[22 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
 
< %USERPROFILE%\*.* >
[2011.12.09 16:53:03 | 000,002,110 | ---- | M] () -- C:\Dokumente und Einstellungen\Leon\.recently-used.xbel
[2012.04.14 13:05:38 | 005,505,024 | -H-- | M] () -- C:\Dokumente und Einstellungen\Leon\NTUSER.DAT
[2012.04.17 18:35:05 | 000,001,024 | -H-- | M] () -- C:\Dokumente und Einstellungen\Leon\ntuser.dat.LOG
[2012.04.12 21:44:44 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\Leon\ntuser.ini
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Kmode: %SystemRoot%\system32\win32k.sys [2012.02.03 11:57:08 | 001,860,224 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
 
<          >

< End of report >
--- --- ---





So und jetzt OTL Extras :





OTL Logfile:
Code:
OTL Extras logfile created on: 17.04.2012 18:31:10 - Run 1
OTL by OldTimer - Version 3.2.39.2    Folder = C:\Dokumente und Einstellungen\Leon\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1022,42 Mb Total Physical Memory | 592,89 Mb Available Physical Memory | 57,99% Memory free
2,40 Gb Paging File | 1,85 Gb Available in Paging File | 76,86% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 97,65 Gb Total Space | 2,64 Gb Free Space | 2,70% Space Free | Partition Type: NTFS
Drive H: | 675,23 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: LEON3221 | User Name: Leon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"58346:TCP" = 58346:TCP:*:Enabled:Pando Media Booster
"58346:UDP" = 58346:UDP:*:Enabled:Pando Media Booster
"3389:TCP" = 3389:TCP:*:Enabled:Remote Desktop
"65533:TCP" = 65533:TCP:*:Enabled:Services
"52344:TCP" = 52344:TCP:*:Enabled:Services
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"6881:TCP" = 6881:TCP:*:Enabled:Blizzard Downloader: 6881
"58346:TCP" = 58346:TCP:*:Enabled:Pando Media Booster
"58346:UDP" = 58346:UDP:*:Enabled:Pando Media Booster
"3724:TCP" = 3724:TCP:*:Enabled:Blizzard Downloader: 3724
"3389:TCP" = 3389:TCP:*:Enabled:Remote Desktop
"65533:TCP" = 65533:TCP:*:Enabled:Services
"52344:TCP" = 52344:TCP:*:Enabled:Services
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\Pando Networks\Media Booster\PMB.exe" = C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\Electronic Arts\EADM\Core.exe" = C:\Programme\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager
"C:\Dokumente und Einstellungen\Leon\Desktop\Kopie von Metin2\metin2client.bin" = C:\Dokumente und Einstellungen\Leon\Desktop\Kopie von Metin2\metin2client.bin:*:Enabled:metin2client
"C:\Dokumente und Einstellungen\Leon\Desktop\Metin2\metin2.bin" = C:\Dokumente und Einstellungen\Leon\Desktop\Metin2\metin2.bin:*:Enabled:metin2
"C:\Dokumente und Einstellungen\Leon\Desktop\Metin2\metin2client.bin" = C:\Dokumente und Einstellungen\Leon\Desktop\Metin2\metin2client.bin:*:Enabled:metin2client
"C:\Dokumente und Einstellungen\Leon\Desktop\Kopie von Kopie von Metin2\metin2client.bin" = C:\Dokumente und Einstellungen\Leon\Desktop\Kopie von Kopie von Metin2\metin2client.bin:*:Enabled:metin2client
"C:\Programme\ICQ7.5\ICQ.exe" = C:\Programme\ICQ7.5\ICQ.exe:*:Enabled:ICQ
"C:\Dokumente und Einstellungen\Leon\Desktop\esayFarmM2\metin2.bin" = C:\Dokumente und Einstellungen\Leon\Desktop\esayFarmM2\metin2.bin:*:Enabled:metin2
"C:\Dokumente und Einstellungen\Leon\Desktop\esayFarmM2\metin2client.bin" = C:\Dokumente und Einstellungen\Leon\Desktop\esayFarmM2\metin2client.bin:*:Enabled:metin2client
"C:\Dokumente und Einstellungen\Leon\Desktop\Hacker (probierrer)\metin2client.bin" = C:\Dokumente und Einstellungen\Leon\Desktop\Hacker (probierrer)\metin2client.bin:*:Enabled:metin2client
"C:\Dokumente und Einstellungen\Leon\Desktop\Metin2 (Clean)\metin2.bin" = C:\Dokumente und Einstellungen\Leon\Desktop\Metin2 (Clean)\metin2.bin:*:Enabled:metin2
"C:\Dokumente und Einstellungen\Leon\Desktop\Metin2 (Clean)\metin2client.bin" = C:\Dokumente und Einstellungen\Leon\Desktop\Metin2 (Clean)\metin2client.bin:*:Enabled:metin2client
"C:\Dokumente und Einstellungen\Leon\Desktop\Kopie von Metin2 (Clean)\metin2.bin" = C:\Dokumente und Einstellungen\Leon\Desktop\Kopie von Metin2 (Clean)\metin2.bin:*:Enabled:metin2
"C:\Dokumente und Einstellungen\Leon\Desktop\Kopie von Metin2 (Clean)\metin2client.bin" = C:\Dokumente und Einstellungen\Leon\Desktop\Kopie von Metin2 (Clean)\metin2client.bin:*:Enabled:metin2client
"C:\Dokumente und Einstellungen\Leon\Desktop\LongDong\metin2client.bin" = C:\Dokumente und Einstellungen\Leon\Desktop\LongDong\metin2client.bin:*:Enabled:metin2client
"C:\Programme\TeamViewer\Version6\TeamViewer.exe" = C:\Programme\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application
"C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe" = C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service
"C:\Dokumente und Einstellungen\Leon\Desktop\M2 Fish erpel\metin2client.bin" = C:\Dokumente und Einstellungen\Leon\Desktop\M2 Fish erpel\metin2client.bin:*:Enabled:metin2client
"C:\Programme\Metin2 Singapore\metin2.bin" = C:\Programme\Metin2 Singapore\metin2.bin:*:Enabled:metin2
"C:\World of Warcraft\Launcher.exe" = C:\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher -- (Blizzard Entertainment)
"C:\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-EU-Downloader.exe" = C:\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-EU-Downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"C:\World of Warcraft\Launcher.patch.exe" = C:\World of Warcraft\Launcher.patch.exe:*:Enabled:Blizzard Launcher
"C:\World of Warcraft\BackgroundDownloader.exe" = C:\World of Warcraft\BackgroundDownloader.exe:*:Enabled:BackgroundDownloader -- (Blizzard Entertainment)
"C:\Kopie von World of Warcraft\Launcher.exe" = C:\Kopie von World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher
"C:\Kopie von World of Warcraft\Launcher.patch.exe" = C:\Kopie von World of Warcraft\Launcher.patch.exe:*:Enabled:Blizzard Launcher
"C:\Kopie von World of Warcraft\BackgroundDownloader.exe" = C:\Kopie von World of Warcraft\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader
"C:\Dokumente und Einstellungen\Leon\Desktop\WolfTeam-DE\Wolfteam.bin" = C:\Dokumente und Einstellungen\Leon\Desktop\WolfTeam-DE\Wolfteam.bin:*:Enabled:WolfTeam
"C:\Programme\Steam\steam.exe" = C:\Programme\Steam\steam.exe:*:Disabled:Steam -- (Valve Corporation)
"C:\Programme\Pando Networks\Media Booster\PMB.exe" = C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Programme\Xfire\ua_lsp_inst.exe" = C:\Programme\Xfire\ua_lsp_inst.exe:*:Enabled:ua_lsp_inst
"C:\Programme\EA GAMES\Medal of Honor Pacific Assault(tm)\mohpa.exe" = C:\Programme\EA GAMES\Medal of Honor Pacific Assault(tm)\mohpa.exe:*:Enabled:Medal of Honor Pacific Assault(tm)
"C:\Dokumente und Einstellungen\Leon\Eigene Dateien\Downloads\StarCraft_2_EU_de-DE.exe" = C:\Dokumente und Einstellungen\Leon\Eigene Dateien\Downloads\StarCraft_2_EU_de-DE.exe:*:Enabled:Blizzard Downloader
"C:\Programme\StarCraft II\StarCraft II.exe" = C:\Programme\StarCraft II\StarCraft II.exe:*:Enabled:Blizzard Launcher -- (Blizzard Entertainment)
"C:\Programme\StarCraft II\Versions\Base19679\SC2.exe" = C:\Programme\StarCraft II\Versions\Base19679\SC2.exe:*:Enabled:StarCraft II -- (Blizzard Entertainment, Inc.)
"C:\Programme\Metin2\metin2.exe" = C:\Programme\Metin2\metin2.exe:*:Enabled:metin2 -- ()
"C:\Programme\Metin2\metin2client.bin" = C:\Programme\Metin2\metin2client.bin:*:Enabled:metin2client -- (Ymir Entertainment)
"C:\Programme\Xfire\Xfire.exe" = C:\Programme\Xfire\Xfire.exe:*:Enabled:Xfire
"C:\Programme\LucasArts\Star Wars Battlefront II\GameData\BattlefrontII.exe" = C:\Programme\LucasArts\Star Wars Battlefront II\GameData\BattlefrontII.exe:*:Enabled:BattlefrontII
"C:\Programme\StarCraft II\Versions\Base21029\SC2.exe" = C:\Programme\StarCraft II\Versions\Base21029\SC2.exe:*:Enabled:StarCraft II -- (Blizzard Entertainment, Inc.)
"C:\Programme\Steam\SteamApps\common\total war shogun 2\Shogun2.exe" = C:\Programme\Steam\SteamApps\common\total war shogun 2\Shogun2.exe:*:Enabled:Total War: SHOGUN 2 -- (The Creative Assembly Ltd)
"C:\Programme\Steam\SteamApps\common\total war shogun 2\data\encyclopedia\how_to_play.html" = C:\Programme\Steam\SteamApps\common\total war shogun 2\data\encyclopedia\how_to_play.html:*:Enabled:Total War: SHOGUN 2 -- ()
"C:\Programme\Steam\SteamApps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat" = C:\Programme\Steam\SteamApps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat:*:Enabled:Total War: SHOGUN 2 -- ()
"C:\Programme\Steam\SteamApps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat" = C:\Programme\Steam\SteamApps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat:*:Enabled:Total War: SHOGUN 2 -- ()
"C:\Programme\Steam\SteamApps\common\empire total war\Empire.exe" = C:\Programme\Steam\SteamApps\common\empire total war\Empire.exe:*:Enabled:Empire: Total War -- (The Creative Assembly Ltd)
"C:\Dokumente und Einstellungen\Leon\Desktop\client\metin2client.bin" = C:\Dokumente und Einstellungen\Leon\Desktop\client\metin2client.bin:*:Enabled:metin2client
"C:\Dokumente und Einstellungen\Leon\Desktop\gh\client\metin2client.bin" = C:\Dokumente und Einstellungen\Leon\Desktop\gh\client\metin2client.bin:*:Enabled:metin2client
"C:\Dokumente und Einstellungen\Leon\Eigene Dateien\Eigene Musik\gh\Blaa\SwitchbotIstNichtERLAUBT.bin" = C:\Dokumente und Einstellungen\Leon\Eigene Dateien\Eigene Musik\gh\Blaa\SwitchbotIstNichtERLAUBT.bin:*:Enabled:SwitchbotIstNichtERLAUBT
"C:\Dokumente und Einstellungen\Leon\Eigene Dateien\Eigene Musik\gh\client\metin2client.bin" = C:\Dokumente und Einstellungen\Leon\Eigene Dateien\Eigene Musik\gh\client\metin2client.bin:*:Enabled:metin2client -- ()
"C:\Dokumente und Einstellungen\Leon\Eigene Dateien\Eigene Musik\gh\df\Zephion - 2012\metin2client.exe" = C:\Dokumente und Einstellungen\Leon\Eigene Dateien\Eigene Musik\gh\df\Zephion - 2012\metin2client.exe:*:Enabled:metin2client
"C:\Programme\MoonMt2 2012\metin2client.exe" = C:\Programme\MoonMt2 2012\metin2client.exe:*:Enabled:metin2client
"I:\World of Warcraft\Temp\wow-4.2.1.2730-enUS-tools-downloader.exe" = I:\World of Warcraft\Temp\wow-4.2.1.2730-enUS-tools-downloader.exe:*:Enabled:Blizzard Downloader
"I:\World of Warcraft\Launcher.patch.exe" = I:\World of Warcraft\Launcher.patch.exe:*:Enabled:Blizzard Launcher
"I:\World of Warcraft\Launcher.exe" = I:\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher
"I:\World of Warcraft Public Test\Launcher.exe" = I:\World of Warcraft Public Test\Launcher.exe:*:Enabled:Blizzard Launcher
"I:\World of Warcraft Public Test\Launcher.patch.exe" = I:\World of Warcraft Public Test\Launcher.patch.exe:*:Enabled:Blizzard Launcher
"I:\World of Warcraft Public Test\BackgroundDownloader.exe" = I:\World of Warcraft Public Test\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader
"I:\World of Warcraft\Temp\wow-4.2.1.2736-enUS-tools-downloader.exe" = I:\World of Warcraft\Temp\wow-4.2.1.2736-enUS-tools-downloader.exe:*:Enabled:Blizzard Downloader
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0125D081-30D0-4A97-82A8-C28D444B6256}" = Microsoft SQL Server Compact 3.5 SP2 DEU
"{03E494A7-F504-DA41-3079-9E2FB36736BC}" = CCC Help English
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04A94422-A264-81D4-D65E-87276F5B402D}" = Catalyst Control Center Localization Italian
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{086BADF8-9B1F-4E89-B207-2EDA520972D6}" = Grand Theft Auto San Andreas
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0E73A14F-23FD-E1B8-ED38-108ECFA08440}" = Catalyst Control Center Localization Portuguese
"{14BC810B-5907-B9C3-B2F4-12D5EEA253F4}" = Catalyst Control Center Graphics Previews Common
"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding
"{1A69935D-7AA8-C8E3-66FB-920279E0583A}" = Catalyst Control Center
"{1D328E11-3B0C-388C-835D-C9C20E8C7734}" = Microsoft Help Viewer 1.0 Language Pack - DEU
"{1F0D5576-C383-4E5E-9906-0B47BECBB8B6}" = Hama Webcam Suite
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{23655B51-F898-DC12-A2A1-3348D875F659}" = CCC Help Czech
"{25611B0A-54C2-69B9-723D-668201C22CD4}" = ccc-core-static
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{27F38AC0-298C-F7E2-F3AE-F7D12BBBE9D5}" = CCC Help Chinese Traditional
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{30B695C3-C7B0-69E1-197B-409587BC1FD7}" = CCC Help Norwegian
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
"{399B10AC-4E84-20F8-5913-82526B16F561}" = Catalyst Control Center Graphics Light
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D374523-CFDE-461A-827E-2A102E2AB365}" = Star Wars Battlefront II
"{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}" = ATI HYDRAVISION
"{3EC34F85-AF61-5B18-42D6-306B6B80E92E}" = Catalyst Control Center Localization Swedish
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B494547-1410-C77E-B6F0-86F394ABAF94}" = CCC Help Hungarian
"{4D7E8B72-AEA2-8493-F5F3-DA10E2EE2D22}" = Catalyst Control Center Localization Chinese Traditional
"{520C1D80-935C-42B9-9340-E883849D804F}_is1" = DriverTuner 3.0.1.0
"{55663DF0-3559-AE1E-0B9E-ED5353914B5D}" = CCC Help Japanese
"{56CFA833-F44F-4199-8C58-7F8B38F2BC7B}" = Medal of Honor Pacific Assault(tm)
"{59F83B00-970D-511C-D9DE-52B233780020}" = CCC Help Portuguese
"{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}" = Microsoft SQL Server System CLR Types
"{5DA6F06A-B389-407B-BF8C-1548767914D8}" = ATI Problem Report Wizard
"{616C6F39-4CE1-3434-A665-2F6A04C09A7F}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{64ACFE24-FB82-84A6-9FB8-B90539752E5B}" = Catalyst Control Center Localization German
"{68DD4EAE-C5E4-1E34-F991-B99ABA6DC8E3}" = Catalyst Control Center Graphics Full New
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{75438C0E-9925-412E-AD85-D0E71C6CE2ED}" = hama PC-Webcam RW-250
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{7F4C1C17-C647-3CE0-4426-F368132A66A6}" = CCC Help Turkish
"{81946C2A-5269-A6F5-4566-A9F253007A7E}" = Catalyst Control Center Localization Turkish
"{8615E5FC-8906-AACF-5A1A-FB65046F647B}" = CCC Help Swedish
"{86693815-D500-4887-B6EF-B5F0BFA97736}_is1" = MoonMt2 2012 Version 1.4
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02
"{8959A774-3FB3-B315-ACDF-4B7B70F5A169}" = Catalyst Control Center Core Implementation
"{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs
"{8DF712DA-D325-4FD0-8DE8-E2D78FC3CDC3}" = IL-2 Sturmovik: Forgotten Battles
"{8F747F2A-B5C7-5DA8-E686-7B343EFCFA48}" = Catalyst Control Center InstallProxy
"{906B417C-6F6C-2A5A-DB5E-5C7499941C58}" = CCC Help Spanish
"{907B4640-266B-4A21-92FB-CD1A86CD0F63}" = RollerCoaster Tycoon 3
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{93CB830F-517E-1695-C61B-2A1AA105CD78}" = Catalyst Control Center Localization French
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95DCA618-9717-BBD3-B438-A5A9B1EB30C8}" = CCC Help German
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{984880C1-7AC7-5267-A7D9-AEC19C932950}" = Catalyst Control Center Graphics Full Existing
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A3F8688-4F15-B77D-73A1-B0363517D1B1}" = Catalyst Control Center Localization Danish
"{9B1BFDE6-3B65-FB41-BC54-353227EE742A}" = CCC Help Italian
"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
"{A0793FD9-9505-BF02-FF47-83C984DC814B}" = Catalyst Control Center Localization Chinese Standard
"{A106D33E-6B43-42C0-9BFC-D03303261FA7}" = Microsoft SQL Server 2008 R2 Management Objects
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A32A0DF0-6650-6503-293D-64AAF212CBF8}" = Catalyst Control Center Localization Japanese
"{A44D0AC2-0891-5AB9-EE23-3EF3339BC2FE}" = Catalyst Control Center Localization Russian
"{A54BEBF5-D7F9-2B34-6475-FB07780C80CA}" = Catalyst Control Center Localization Polish
"{A8280D9A-D6A4-1E52-E85F-99E3BB19CEEA}" = Catalyst Control Center Localization Czech
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A960DA53-C5C4-37A4-3671-C0236BF41E99}" = CCC Help Chinese Standard
"{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}" = 1&1 Surf-Stick
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet PCI NIC Driver
"{AEDDF5A3-29CE-11D5-A8C2-000102246AAE}" = ubi.com
"{B0D2BC40-119B-AD18-E697-E6073DD6D149}" = ccc-utility
"{B2C78A98-20EA-D90A-69E3-B15587D51588}" = CCC Help Thai
"{B59DA9F5-3630-FFF1-C47C-B2CA172CF876}" = CCC Help Polish
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B84AE471-81DD-D81F-CD20-B3464877E525}" = Skins
"{BBFEA1AF-ECCE-1114-2EC8-AC304AB6B753}" = Catalyst Control Center Localization Hungarian
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die*Sims™*3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C397AE7E-CFA4-9D60-880D-D0BA7CF3F596}" = CCC Help Finnish
"{C3BBA5F6-83A0-4B12-A70E-6F391D659BA2}_is1" = Chirurgie-Simulator Version 1.0
"{C5ED7EC9-7C4D-AF4F-6C36-55DCDC6F4117}" = Catalyst Control Center Graphics Previews Common
"{C86492CA-DDD8-A358-75D8-7E86D5A4DE72}" = ccc-utility
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCAC7E52-ECCE-3C4D-B1BE-BC2ACF1C1C0E}" = Microsoft Visual Basic 2010 Express - DEU
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFCB8616-A5D1-4281-80E8-389F685BFAE2}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D20100AC-608D-1A4C-372E-75009E7C168E}" = CCC Help Danish
"{D801FEB6-53DF-CE1C-67E2-A977E43A7E8F}" = CCC Help Russian
"{D9CC869F-DA2B-3E9B-EF47-29F831A41619}" = AMD Catalyst Install Manager
"{DAA29BAD-1C06-E8E0-CFE6-557F818C7AF7}" = CCC Help Dutch
"{DB7EBA4A-44AF-DF22-EBA7-6BF4E011E319}" = CCC Help French
"{DBB18C43-FE45-36DF-D171-E209B79A76F3}" = Catalyst Control Center Localization Dutch
"{E1BCF465-85F4-C303-944E-9E416977C560}" = CCC Help Korean
"{E3723A04-A894-4036-A78E-282E18F43C0A}_is1" = Tinypic 3.18
"{E3AEC354-AD4C-51D3-E345-CEE6CA8A9C3A}" = Catalyst Control Center Localization Greek
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{EA024A36-5934-05B8-550B-60DA131B90C4}" = CCC Help Greek
"{EE5AC826-8731-6406-9947-D0420143A7BD}" = ccc-core-preinstall
"{EEB193CE-2B04-B568-29FF-FAFA34BB3F19}" = Catalyst Control Center Localization Spanish
"{EEEC1285-F4B2-BD99-C895-BED9881795CC}" = CCC Help English
"{EF0A8C24-E239-45D5-492D-D5895518ACB3}" = Catalyst Control Center Localization Thai
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F88183B1-BD65-F87C-855F-BB7D1AA3AEA2}" = Catalyst Control Center Localization Norwegian
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FC70949F-1417-A3F5-8E84-EBF5ACB93B58}" = Catalyst Control Center Localization Korean
"{FD27D456-ED8A-4027-A1E4-BBF95FAF4799}" = Easy Driver Pro
"{FE22679C-7CE4-8633-CE7F-8122B52C52CF}" = Catalyst Control Center Localization Finnish
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Audacity_is1" = Audacity 1.2.6
"AutoItv3" = AutoIt v3.3.6.1
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"EADM" = EA Download Manager
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"FarmingSimulator2009GoldDE_is1" = Landwirtschafts-Simulator 2009 Gold
"FastStone Capture" = FastStone Capture 5.3
"Fraps" = Fraps
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.8
"Free Audio Converter_is1" = Free Audio Converter version 2.2.17.421
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.18.403
"Guitar Explorer 1.0" = Guitar Explorer 1.0
"ICQToolbar" = ICQ Toolbar
"InstallShield_{8DF712DA-D325-4FD0-8DE8-E2D78FC3CDC3}" = IL-2 Sturmovik: Forgotten Battles
"InterActual Player" = InterActual Player
"IrfanView" = IrfanView (remove only)
"M2Fish" = M2Fish 4.1
"Metin2_is1" = Metin2
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Help Viewer 1.0 Language Pack - DEU" = Microsoft Help Viewer 1.0 Language Pack - DEU
"Microsoft Visual Basic 2010 Express - DEU" = Microsoft Visual Basic 2010 Express - DEU
"Mozilla Firefox 11.0 (x86 de)" = Mozilla Firefox 11.0 (x86 de)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"ProPilot Europa" = ProPilot Europa
"RollerCoaster Tycoon 3_is1" = RollerCoaster Tycoon 3
"San Andreas Mod Installer1.1" = San Andreas Mod Installer
"softonic" = Softonic toolbar  on IE and Chrome
"StarCraft II" = StarCraft II
"Steam App 10500" = Empire: Total War
"Steam App 34330" = Total War: SHOGUN 2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 6" = TeamViewer 6
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC classic" = VLC classic
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinRAR archiver" = WinRAR 4.00 (32-bit)
"Wizard101(DE)_is1" = Wizard101(DE)
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"World of Warcraft" = World of Warcraft
"World of Warcraft Public Test" = World of Warcraft Public Test
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xfire" = Xfire (remove only)
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Metin2 Singapore" = Metin2 Singapore
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 13.04.2012 16:10:56 | Computer Name = LEON3221 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung Wow.exe, Version 4.3.3.15354, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 14.04.2012 04:46:46 | Computer Name = LEON3221 | Source = PerfNet | ID = 2004
Description = Der Serverdienst konnte nicht geöffnet werden. Die Server-Leistungsinformationen
werden
 nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0.
 
Error - 14.04.2012 08:44:10 | Computer Name = LEON3221 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung avscan.exe, Version 10.3.0.7, fehlgeschlagenes
 Modul avscan.exe, Version 10.3.0.7, Fehleradresse 0x0000df27.
 
Error - 15.04.2012 03:42:56 | Computer Name = LEON3221 | Source = PerfNet | ID = 2004
Description = Der Serverdienst konnte nicht geöffnet werden. Die Server-Leistungsinformationen
werden
 nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0.
 
Error - 15.04.2012 07:14:00 | Computer Name = LEON3221 | Source = PerfNet | ID = 2004
Description = Der Serverdienst konnte nicht geöffnet werden. Die Server-Leistungsinformationen
werden
 nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0.
 
Error - 16.04.2012 00:23:04 | Computer Name = LEON3221 | Source = PerfNet | ID = 2004
Description = Der Serverdienst konnte nicht geöffnet werden. Die Server-Leistungsinformationen
werden
 nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0.
 
Error - 16.04.2012 00:24:35 | Computer Name = LEON3221 | Source = Windows Search Service | ID = 3013
Description = Eintrag <C:\DOKUMENTE UND EINSTELLUNGEN\LEON\DESKTOP\BUFFED_WOW.ZIP>
 in der Hash-Zuordnung kann nicht aktualisiert werden.  Kontext:  Anwendung, SystemIndex
 Katalog  Details:  Ein an das System angeschlossenes Gerät funktioniert nicht.  (0x8007001f)

 
Error - 16.04.2012 11:57:14 | Computer Name = LEON3221 | Source = PerfNet | ID = 2004
Description = Der Serverdienst konnte nicht geöffnet werden. Die Server-Leistungsinformationen
werden
 nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0.
 
Error - 17.04.2012 00:42:36 | Computer Name = LEON3221 | Source = PerfNet | ID = 2004
Description = Der Serverdienst konnte nicht geöffnet werden. Die Server-Leistungsinformationen
werden
 nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0.
 
Error - 17.04.2012 00:43:16 | Computer Name = LEON3221 | Source = ESENT | ID = 490
Description = svchost (984) Versuch, Datei "C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb"
 für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der
 Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet
 wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.
 
[ System Events ]
Error - 14.04.2012 04:47:05 | Computer Name = LEON3221 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden
 Fehlers nicht gestartet:  %%3
 
Error - 14.04.2012 08:43:30 | Computer Name = LEON3221 | Source = VolSnap | ID = 393226
Description = Die Schattenkopie von Volume "I:" hat das Installationszeitlimit überschritten.
 
Error - 15.04.2012 03:43:13 | Computer Name = LEON3221 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden
 Fehlers nicht gestartet:  %%3
 
Error - 15.04.2012 07:14:29 | Computer Name = LEON3221 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden
 Fehlers nicht gestartet:  %%3
 
Error - 16.04.2012 00:23:29 | Computer Name = LEON3221 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden
 Fehlers nicht gestartet:  %%3
 
Error - 16.04.2012 11:57:29 | Computer Name = LEON3221 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden
 Fehlers nicht gestartet:  %%3
 
Error - 17.04.2012 00:42:56 | Computer Name = LEON3221 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden
 Fehlers nicht gestartet:  %%3
 
Error - 17.04.2012 10:50:26 | Computer Name = LEON3221 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden
 Fehlers nicht gestartet:  %%3
 
Error - 17.04.2012 10:51:20 | Computer Name = LEON3221 | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Gatewaydienst
 auf Anwendungsebene.
 
Error - 17.04.2012 10:51:21 | Computer Name = LEON3221 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Gatewaydienst auf Anwendungsebene" wurde aufgrund folgenden
 Fehlers nicht gestartet:  %%1053
 
 
< End of report >
--- --- ---

markusg 17.04.2012 18:12
hab ich was von nem neuen suchlauf gesagt, ich will das du guckst ob es logs mit funden gibt, also alte logs, und die postest.
bzw unter avira, ereignisse, fundmeldungen posten

Leon3221 17.04.2012 18:15
Also Hier der Fund vom 2. April :


Avira AntiVir Personal
Erstellungsdatum der Reportdatei: Montag, 2. April 2012 23:44

Es wird nach 3578474 Virenstämmen gesucht.

Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer : Avira AntiVir Personal - Free Antivirus
Seriennummer : 0000149996-ADJIE-0000001
Plattform : Windows XP
Windowsversion : (Service Pack 3) [5.1.2600]
Boot Modus : Normal gebootet
Benutzername : SYSTEM
Computername : LEON3221

Versionsinformationen:
BUILD.DAT : 10.2.0.707 36070 Bytes 25.01.2012 12:53:00
AVSCAN.EXE : 10.3.0.7 484008 Bytes 09.08.2011 10:06:07
AVSCAN.DLL : 10.0.5.0 57192 Bytes 09.08.2011 10:06:07
LUKE.DLL : 10.3.0.5 45416 Bytes 09.08.2011 10:06:08
LUKERES.DLL : 10.0.0.0 13672 Bytes 14.01.2010 10:59:47
AVSCPLR.DLL : 10.3.0.7 119656 Bytes 09.08.2011 10:06:08
AVREG.DLL : 10.3.0.9 88833 Bytes 12.08.2011 17:28:56
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06.11.2009 08:05:36
VBASE001.VDF : 7.11.0.0 13342208 Bytes 14.12.2010 14:15:11
VBASE002.VDF : 7.11.19.170 14374912 Bytes 20.12.2011 12:39:09
VBASE003.VDF : 7.11.21.238 4472832 Bytes 01.02.2012 10:53:46
VBASE004.VDF : 7.11.26.44 4329472 Bytes 28.03.2012 11:20:54
VBASE005.VDF : 7.11.26.45 2048 Bytes 28.03.2012 11:20:55
VBASE006.VDF : 7.11.26.46 2048 Bytes 28.03.2012 11:20:55
VBASE007.VDF : 7.11.26.47 2048 Bytes 28.03.2012 11:20:55
VBASE008.VDF : 7.11.26.48 2048 Bytes 28.03.2012 11:20:56
VBASE009.VDF : 7.11.26.49 2048 Bytes 28.03.2012 11:20:56
VBASE010.VDF : 7.11.26.50 2048 Bytes 28.03.2012 11:20:56
VBASE011.VDF : 7.11.26.51 2048 Bytes 28.03.2012 11:20:56
VBASE012.VDF : 7.11.26.52 2048 Bytes 28.03.2012 11:20:56
VBASE013.VDF : 7.11.26.53 2048 Bytes 28.03.2012 11:20:56
VBASE014.VDF : 7.11.26.107 221696 Bytes 30.03.2012 11:20:59
VBASE015.VDF : 7.11.26.179 224768 Bytes 02.04.2012 19:07:16
VBASE016.VDF : 7.11.26.180 2048 Bytes 02.04.2012 19:07:16
VBASE017.VDF : 7.11.26.181 2048 Bytes 02.04.2012 19:07:17
VBASE018.VDF : 7.11.26.182 2048 Bytes 02.04.2012 19:07:17
VBASE019.VDF : 7.11.26.183 2048 Bytes 02.04.2012 19:07:17
VBASE020.VDF : 7.11.26.184 2048 Bytes 02.04.2012 19:07:17
VBASE021.VDF : 7.11.26.185 2048 Bytes 02.04.2012 19:07:17
VBASE022.VDF : 7.11.26.186 2048 Bytes 02.04.2012 19:07:17
VBASE023.VDF : 7.11.26.187 2048 Bytes 02.04.2012 19:07:17
VBASE024.VDF : 7.11.26.188 2048 Bytes 02.04.2012 19:07:17
VBASE025.VDF : 7.11.26.189 2048 Bytes 02.04.2012 19:07:17
VBASE026.VDF : 7.11.26.190 2048 Bytes 02.04.2012 19:07:18
VBASE027.VDF : 7.11.26.191 2048 Bytes 02.04.2012 19:07:18
VBASE028.VDF : 7.11.26.192 2048 Bytes 02.04.2012 19:07:18
VBASE029.VDF : 7.11.26.193 2048 Bytes 02.04.2012 19:07:18
VBASE030.VDF : 7.11.26.194 2048 Bytes 02.04.2012 19:07:18
VBASE031.VDF : 7.11.26.206 66048 Bytes 02.04.2012 19:07:18
Engineversion : 8.2.10.36
AEVDF.DLL : 8.1.2.2 106868 Bytes 30.11.2011 13:25:07
AESCRIPT.DLL : 8.1.4.15 442747 Bytes 02.04.2012 19:07:37
AESCN.DLL : 8.1.8.2 131444 Bytes 08.02.2012 10:56:42
AESBX.DLL : 8.2.5.5 606579 Bytes 12.03.2012 14:02:00
AERDL.DLL : 8.1.9.15 639348 Bytes 12.10.2011 09:01:48
AEPACK.DLL : 8.2.16.9 807287 Bytes 02.04.2012 19:07:36
AEOFFICE.DLL : 8.1.2.26 201083 Bytes 02.04.2012 19:07:34
AEHEUR.DLL : 8.1.4.10 4551031 Bytes 02.04.2012 19:07:28
AEHELP.DLL : 8.1.19.1 254327 Bytes 02.04.2012 19:07:20
AEGEN.DLL : 8.1.5.23 409973 Bytes 10.03.2012 15:34:43
AEEXP.DLL : 8.1.0.27 82293 Bytes 02.04.2012 19:07:37
AEEMU.DLL : 8.1.3.0 393589 Bytes 28.03.2011 14:14:45
AECORE.DLL : 8.1.25.6 201078 Bytes 18.03.2012 14:20:19
AEBB.DLL : 8.1.1.0 53618 Bytes 28.03.2011 14:14:44
AVWINLL.DLL : 10.0.0.0 19304 Bytes 28.03.2011 14:14:57
AVPREF.DLL : 10.0.3.2 44904 Bytes 09.08.2011 10:06:07
AVREP.DLL : 10.0.0.10 174120 Bytes 18.05.2011 16:59:16
AVARKT.DLL : 10.0.26.1 255336 Bytes 09.08.2011 10:06:07
AVEVTLOG.DLL : 10.0.0.9 203112 Bytes 09.08.2011 10:06:07
SQLITE3.DLL : 3.6.19.0 355688 Bytes 17.06.2010 13:27:02
AVSMTP.DLL : 10.0.0.17 63848 Bytes 28.03.2011 14:14:57
NETNT.DLL : 10.0.0.0 11624 Bytes 28.03.2011 14:15:04
RCIMAGE.DLL : 10.0.0.35 2589544 Bytes 09.08.2011 10:06:06
RCTEXT.DLL : 10.0.64.0 98664 Bytes 09.08.2011 10:06:06

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: avguard_async_scan
Konfigurationsdatei...................: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira\AntiVir Desktop\TEMP\AVGUARD_c7461037\guard_slideup.avp
Protokollierung.......................: standard
Primäre Aktion........................: reparieren
Sekundäre Aktion......................: quarantäne
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: aus
Durchsuche aktive Programme...........: ein
Durchsuche Registrierung..............: aus
Suche nach Rootkits...................: aus
Integritätsprüfung von Systemdateien..: aus
Datei Suchmodus.......................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: vollständig

Beginn des Suchlaufs: Montag, 2. April 2012 23:44

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'avscan.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'WinRAR.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchFilterHost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchProtocolHost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'alg.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'AssistantServices.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'jqs.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'dgdersvc.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'WindowsSearch.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'ccc.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'Steam.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'GoogleCrashHandler.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'ctfmon.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'MOM.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'jusched.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'vsnp2std.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'tsnp2std.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'FixCamera.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'RTHDCPL.EXE' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'UIExec.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'Ati2evxx.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'Ati2evxx.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '1' Modul(e) wurden durchsucht

Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\Dokumente und Einstellungen\Leon\Eigene Dateien\Eigene Musik\gh\df\Zephion - 2012\metin2client.exe'
C:\Dokumente und Einstellungen\Leon\Eigene Dateien\Eigene Musik\gh\df\Zephion - 2012\metin2client.exe
[FUND] Ist das Trojanische Pferd TR/Crypt.TPM.Gen
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4be0bf3d.qua' verschoben!


Ende des Suchlaufs: Montag, 2. April 2012 23:45
Benötigte Zeit: 00:28 Minute(n)

Der Suchlauf wurde vollständig durchgeführt.

0 Verzeichnisse wurden überprüft
44 Dateien wurden geprüft
1 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
1 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
0 Dateien konnten nicht durchsucht werden
43 Dateien ohne Befall
0 Archive wurden durchsucht
0 Warnungen
1 Hinweise

markusg 17.04.2012 18:17
woher stammte die gefundene version?

Leon3221 17.04.2012 18:21
Ich denke mal das du damit jetzt meinst woher ich den Virus habe oder ?
Wen ja das weiß ich nicht mehr ist ja scho bissel her.

markusg 17.04.2012 18:25
woher du das hier hast:
C:\Dokumente und Einstellungen\Leon\Eigene Dateien\Eigene Musik\gh\df\Zephion - 2012\metin2client.exe
ist ja ein von dir selbst gemachter download nehme ich an

Leon3221 17.04.2012 18:32
Ja ich war auf einer Internet Seite und wollte mir ein Spiel Client Downloaden. Als ich gemerkt habe das dieser ein Virus hat habe ich es gescannt und dann Gelöscht per Avira.

markusg 17.04.2012 18:34
Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich
ziehen und eine Bereinigung der Infektion noch erschweren.
Downloade dir bitte Combofix von einem dieser Downloadspiegel

Link 1
Link 2


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Leon3221 17.04.2012 19:11
Das Programm hat erstmal was von Microsoft runter geladen habe davor extra avira und firewall ausgeamcht. Und Hier das Log :

Combofix Logfile:
Code:
ComboFix 12-04-16.03 - Leon 17.04.2012  19:44:02.1.2 - x86
Microsoft Windows XP Professional  5.1.2600.3.1252.49.1031.18.1022.471 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\Leon\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\dokume~1\Leon\LOKALE~1\Temp\HIMYM.DLL
c:\dokumente und einstellungen\Leon\Lokale Einstellungen\Temp\HIMYM.DLL
c:\dokumente und einstellungen\Leon\WINDOWS
c:\windows\IsUn0407.exe
c:\windows\system32\_000006_.tmp.dll
c:\windows\system32\_000007_.tmp.dll
c:\windows\system32\_000014_.tmp.dll
.
.
(((((((((((((((((((((((((((((((((((((((  Treiber/Dienste  )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_xcpip
.
.
(((((((((((((((((((((((  Dateien erstellt von 2012-03-17 bis 2012-04-17  ))))))))))))))))))))))))))))))
.
.
2012-04-15 16:27 . 2012-04-17 15:13        --------        d-----w-        C:\World of Warcraft
2012-04-12 18:57 . 2012-04-12 18:57        --------        d-----w-        c:\dokumente und einstellungen\Leon\Lokale Einstellungen\Anwendungsdaten\Help
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-21 17:26 . 2011-11-21 23:04        43520        ----a-w-        c:\windows\system32\CmdLineExt03.dll
2012-03-18 14:59 . 2011-07-17 12:45        73728        ----a-w-        c:\windows\system32\javacpl.cpl
2012-03-18 14:59 . 2011-07-17 12:45        472808        ----a-w-        c:\windows\system32\deployJava1.dll
2012-03-09 05:52 . 2011-08-08 15:01        414368        ----a-w-        c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-29 14:09 . 2004-08-04 12:00        177664        ----a-w-        c:\windows\system32\wintrust.dll
2012-02-29 14:09 . 2004-08-04 12:00        148480        ----a-w-        c:\windows\system32\imagehlp.dll
2012-02-28 18:49 . 2004-08-04 12:00        672768        ----a-w-        c:\windows\system32\wininet.dll
2012-02-28 18:49 . 2004-08-04 12:00        61952        ----a-w-        c:\windows\system32\tdc.ocx
2012-02-28 18:49 . 2004-08-04 12:00        81920        ----a-w-        c:\windows\system32\ieencode.dll
2012-02-28 18:47 . 2004-08-04 12:00        371200        ----a-w-        c:\windows\system32\html.iec
2012-02-03 09:57 . 2004-08-04 12:00        1860224        ----a-w-        c:\windows\system32\win32k.sys
2012-03-10 00:11 . 2012-03-10 23:43        97208        ----a-w-        c:\programme\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys
[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\atapi.sys
[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\drivers\atapi.sys
[-] 2004-08-04 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\atapi.sys
.
[-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\asyncmac.sys
[-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\asyncmac.sys
[-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\drivers\asyncmac.sys
[-] 2004-08-04 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\asyncmac.sys
.
[-] 2004-08-04 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\dllcache\beep.sys
[-] 2004-08-04 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys
.
[-] 2008-04-14 . 1704D8C4C8807B889E43C649B478A452 . 25216 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kbdclass.sys
[-] 2008-04-14 . 1704D8C4C8807B889E43C649B478A452 . 25216 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\kbdclass.sys
[-] 2008-04-14 . 1704D8C4C8807B889E43C649B478A452 . 25216 . . [5.1.2600.5512] . . c:\windows\system32\drivers\kbdclass.sys
[-] 2004-08-04 . B128FC0A5CD83F669D5DE4B58F77C7D6 . 25216 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\kbdclass.sys
.
[-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ndis.sys
[-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\ndis.sys
[-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ndis.sys
[-] 2004-08-04 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ndis.sys
.
[-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntfs.sys
[-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\ntfs.sys
[-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ntfs.sys
[-] 2004-08-04 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ntfs.sys
.
[-] 2004-08-04 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\dllcache\null.sys
[-] 2004-08-04 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys
.
[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[-] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\tcpip.sys
[-] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
[-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys
[-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\tcpip.sys
[-] 2004-08-04 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB951748_0$\tcpip.sys
.
[-] 2008-04-14 . B42057F06BBB98B31876C0B3F2B54E33 . 77824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\browser.dll
[-] 2008-04-14 . B42057F06BBB98B31876C0B3F2B54E33 . 77824 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\browser.dll
[-] 2008-04-14 . B42057F06BBB98B31876C0B3F2B54E33 . 77824 . . [5.1.2600.5512] . . c:\windows\system32\browser.dll
[-] 2004-08-04 . D8653DCD80CF2EBB333FC4FCC43A7DEF . 77312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\browser.dll
.
[-] 2008-04-14 . AFB8261B56CBA0D86AEB6DF682AF9785 . 13312 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lsass.exe
[-] 2008-04-14 . AFB8261B56CBA0D86AEB6DF682AF9785 . 13312 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\lsass.exe
[-] 2008-04-14 . AFB8261B56CBA0D86AEB6DF682AF9785 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\lsass.exe
[-] 2004-08-04 . 183805EB05BCA5A1E4AAAED4D2BE3690 . 13312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lsass.exe
.
[-] 2008-04-14 . E6D88F1F6745BF00B57E7855A2AB696C . 198144 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netman.dll
[-] 2008-04-14 . E6D88F1F6745BF00B57E7855A2AB696C . 198144 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\netman.dll
[-] 2008-04-14 . E6D88F1F6745BF00B57E7855A2AB696C . 198144 . . [5.1.2600.5512] . . c:\windows\system32\netman.dll
[-] 2004-08-04 . CDF4DA6B518105343FE9E8AFBBF8FBF4 . 198144 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\netman.dll
.
[-] 2008-04-14 02:22 . D0DE8A2EC95184E5193BB4B3112E29DF . 846848 . . [2001.12.4414.700] . . c:\windows\ServicePackFiles\i386\comres.dll
[-] 2008-04-14 02:22 . D0DE8A2EC95184E5193BB4B3112E29DF . 846848 . . [2001.12.4414.700] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\comres.dll
[-] 2008-04-14 02:22 . D0DE8A2EC95184E5193BB4B3112E29DF . 846848 . . [2001.12.4414.700] . . c:\windows\system32\comres.dll
[-] 2004-08-04 12:00 . 4B9D9E2708019763C5A72DA776DB1158 . 846848 . . [2001.12.4414.258] . . c:\windows\$NtServicePackUninstall$\comres.dll
.
[-] 2008-04-14 . D6F603772A789BB3228F310D650B8BD1 . 409088 . . [6.7.2600.5512] . . c:\windows\ServicePackFiles\i386\qmgr.dll
[-] 2008-04-14 . D6F603772A789BB3228F310D650B8BD1 . 409088 . . [6.7.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\qmgr.dll
[-] 2008-04-14 . D6F603772A789BB3228F310D650B8BD1 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\qmgr.dll
[-] 2008-04-14 . D6F603772A789BB3228F310D650B8BD1 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\bits\qmgr.dll
[-] 2004-08-04 . 3A5E54A9AB96EF2D273B58136FB58EFE . 382464 . . [6.6.2600.2180] . . c:\windows\$NtServicePackUninstall$\qmgr.dll
.
[-] 2009-02-09 . D3D765E8455A961AE567B408F767D4F9 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll
[-] 2009-02-09 . 3127AFBF2C1ED0AB14A1BBB7AAECB85B . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\rpcss.dll
[-] 2009-02-09 . 3127AFBF2C1ED0AB14A1BBB7AAECB85B . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll
[-] 2009-02-09 . 3127AFBF2C1ED0AB14A1BBB7AAECB85B . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\rpcss.dll
[-] 2009-02-09 . D45BBCDDC74A1B0259A0C4B00C190D20 . 399360 . . [5.1.2600.3520] . . c:\windows\$NtServicePackUninstall$\rpcss.dll
[-] 2009-02-09 . 8AFBC2E1E5555A1C29953AF854F0FCA5 . 401408 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\rpcss.dll
[-] 2008-04-14 . E970C2296916BF4A2F958680016FE312 . 399360 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\rpcss.dll
[-] 2008-04-14 . E970C2296916BF4A2F958680016FE312 . 399360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rpcss.dll
[-] 2008-04-14 . E970C2296916BF4A2F958680016FE312 . 399360 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\rpcss.dll
[-] 2004-08-04 . 9F28FF58D6D67B123272869D89D14004 . 395776 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB956572_0$\rpcss.dll
.
[-] 2009-02-09 . A3EDBE9053889FB24AB22492472B39DC . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\services.exe
[-] 2009-02-09 . A3EDBE9053889FB24AB22492472B39DC . 111104 . . [5.1.2600.5755] . . c:\windows\system32\services.exe
[-] 2009-02-09 . A3EDBE9053889FB24AB22492472B39DC . 111104 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe
[-] 2009-02-09 . F0A7D59AF279326528715B206669B86C . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
[-] 2009-02-09 . 65F6B774819BD727358157CEDEA67B8E . 111104 . . [5.1.2600.3520] . . c:\windows\$NtServicePackUninstall$\services.exe
[-] 2009-02-09 . A07CA23EA361A01E627D911CF139B950 . 111104 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\services.exe
[-] 2008-04-14 . 4BB6A83640F1D1792AD21CE767B621C6 . 109056 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\services.exe
[-] 2008-04-14 . 4BB6A83640F1D1792AD21CE767B621C6 . 109056 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\services.exe
[-] 2008-04-14 . 4BB6A83640F1D1792AD21CE767B621C6 . 109056 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\services.exe
[-] 2004-08-04 . EDB6B81761BD60F32F740BBC40AFB676 . 108544 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB956572_0$\services.exe
.
[-] 2010-08-17 . 258DD5D4283FD9F9A7166BE9AE45CE73 . 58880 . . [5.1.2600.6024] . . c:\windows\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
[-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\spoolsv.exe
[-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\dllcache\spoolsv.exe
[-] 2008-04-14 . 39356A9CDB6753A6D13A4072A9F5A4BB . 57856 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB2347290$\spoolsv.exe
[-] 2008-04-14 . 39356A9CDB6753A6D13A4072A9F5A4BB . 57856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\spoolsv.exe
[-] 2008-04-14 . 39356A9CDB6753A6D13A4072A9F5A4BB . 57856 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\spoolsv.exe
[-] 2004-08-04 . 54E7113A4BD696E430919BCAF5C65E06 . 57856 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\spoolsv.exe
.
[-] 2008-04-14 . F09A527B422E25C478E38CAA0E44417A . 513024 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe
[-] 2008-04-14 . F09A527B422E25C478E38CAA0E44417A . 513024 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\winlogon.exe
[-] 2008-04-14 . F09A527B422E25C478E38CAA0E44417A . 513024 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
[-] 2004-08-04 . 2B6A0BAF33A9918F09442D873848FF72 . 507392 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\winlogon.exe
.
[7] 2009-08-06 . 62BB79160F86CD962F312C68C6239BFD . 53472 . . [7.4.7600.226] . . c:\windows\system32\wuauclt.exe
[7] 2009-08-06 . 62BB79160F86CD962F312C68C6239BFD . 53472 . . [7.4.7600.226] . . c:\windows\system32\dllcache\wuauclt.exe
[-] 2008-04-14 . 65E60C18DDB0215C201FF75E32D564C8 . 111616 . . [5.4.3790.5512] . . c:\windows\ServicePackFiles\i386\wuauclt.exe
[-] 2008-04-14 . 65E60C18DDB0215C201FF75E32D564C8 . 111616 . . [5.4.3790.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\wuauclt.exe
.
[-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ipsec.sys
[-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\ipsec.sys
[-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ipsec.sys
[-] 2004-08-04 . 64537AA5C003A6AFEEE1DF819062D0D1 . 74752 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ipsec.sys
.
[-] 2010-08-23 . 1438703F3D9FFE111DA3869E4F3EEE73 . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll
[-] 2010-08-23 . 1438703F3D9FFE111DA3869E4F3EEE73 . 617472 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll
[-] 2010-08-23 . 2B6ADE29F8D00EEFA5FA2250CBE094AD . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
[-] 2008-04-14 . AD28671D1B83A386B070DC451A113C13 . 617472 . . [5.82] . . c:\windows\$NtUninstallKB2296011$\comctl32.dll
[-] 2008-04-14 . AD28671D1B83A386B070DC451A113C13 . 617472 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll
[-] 2008-04-14 . AD28671D1B83A386B070DC451A113C13 . 617472 . . [5.82] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\comctl32.dll
[-] 2008-04-14 . 3C93CE6C6985C55952B7BE6673E9FD15 . 1054208 . . [6.0] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\asms\60\msft\windows\common\controls\comctl32.dll
[-] 2008-04-14 . 3C93CE6C6985C55952B7BE6673E9FD15 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
[-] 2004-08-04 . 2CF914215226B3F7FA1AE4A47E4D261C . 611328 . . [5.82] . . c:\windows\$NtServicePackUninstall$\comctl32.dll
[-] 2004-08-04 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
[-] 2004-08-04 . 9D0F57B9C65BF8A07DB655A9ED6EB2EE . 1050624 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
.
[-] 2008-04-14 . 611F824E5C703A5A899F84C5F1699E4D . 62464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\cryptsvc.dll
[-] 2008-04-14 . 611F824E5C703A5A899F84C5F1699E4D . 62464 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\cryptsvc.dll
[-] 2008-04-14 . 611F824E5C703A5A899F84C5F1699E4D . 62464 . . [5.1.2600.5512] . . c:\windows\system32\cryptsvc.dll
[-] 2004-08-04 . 1A5F9DB98DF7955B4C7CBDBF2C638238 . 60416 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\cryptsvc.dll
.
[-] 2008-07-07 20:30 . D68ED3908C7A0DB446111D34AC40DC18 . 253952 . . [2001.12.4414.320] . . c:\windows\$NtServicePackUninstall$\es.dll
[-] 2008-07-07 20:26 . AF4F6B5739D18CA7972AB53E091CBC74 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll
[-] 2008-07-07 20:26 . AF4F6B5739D18CA7972AB53E091CBC74 . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll
[-] 2008-07-07 20:26 . AF4F6B5739D18CA7972AB53E091CBC74 . 253952 . . [2001.12.4414.706] . . c:\windows\system32\dllcache\es.dll
[-] 2008-07-07 20:23 . ADA7241C16F3F42C7F210539FAD5F3AA . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
[-] 2008-07-07 20:16 . 3912BEF896D1D687B6053409E5F5F2A6 . 253952 . . [2001.12.4414.320] . . c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll
[-] 2008-04-14 02:22 . 0F3EDAEE1EF97CF3DB2BE23A7289B78C . 246272 . . [2001.12.4414.701] . . c:\windows\$NtUninstallKB950974$\es.dll
[-] 2008-04-14 02:22 . 0F3EDAEE1EF97CF3DB2BE23A7289B78C . 246272 . . [2001.12.4414.701] . . c:\windows\ServicePackFiles\i386\es.dll
[-] 2008-04-14 02:22 . 0F3EDAEE1EF97CF3DB2BE23A7289B78C . 246272 . . [2001.12.4414.701] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\es.dll
[-] 2004-08-04 12:00 . 4E1A8645EE77CB9454FFE53C59620A25 . 243200 . . [2001.12.4414.258] . . c:\windows\$NtUninstallKB950974_0$\es.dll
.
[-] 2008-04-14 . F9954695D246B33A5BF105029A4C6AB6 . 110080 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\imm32.dll
[-] 2008-04-14 . F9954695D246B33A5BF105029A4C6AB6 . 110080 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\imm32.dll
[-] 2008-04-14 . F9954695D246B33A5BF105029A4C6AB6 . 110080 . . [5.1.2600.5512] . . c:\windows\system32\imm32.dll
[-] 2004-08-04 . 94101D13A1818A9D08337EEC12ED277A . 110080 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\imm32.dll
.
[-] 2009-03-21 . A6F4977F9D2C9506050BFF0EF0B574B5 . 1059840 . . [5.1.2600.3541] . . c:\windows\$NtServicePackUninstall$\kernel32.dll
[-] 2009-03-21 . B055C64AABC1A3E3DE57EC8025CAD283 . 1063424 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3GDR\kernel32.dll
[-] 2009-03-21 . B055C64AABC1A3E3DE57EC8025CAD283 . 1063424 . . [5.1.2600.5781] . . c:\windows\system32\kernel32.dll
[-] 2009-03-21 . B055C64AABC1A3E3DE57EC8025CAD283 . 1063424 . . [5.1.2600.5781] . . c:\windows\system32\dllcache\kernel32.dll
[-] 2009-03-21 . 3EB703BFC2ED26A3D8ACB8626AB2C006 . 1065472 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[-] 2009-03-21 . B6053A5FA67EAC4A292A44F585881FFF . 1062912 . . [5.1.2600.3541] . . c:\windows\$hf_mig$\KB959426\SP2QFE\kernel32.dll
[-] 2008-04-14 . 4C897C69754D88F496339B1A666907C1 . 1063424 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB959426$\kernel32.dll
[-] 2008-04-14 . 4C897C69754D88F496339B1A666907C1 . 1063424 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kernel32.dll
[-] 2008-04-14 . 4C897C69754D88F496339B1A666907C1 . 1063424 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\kernel32.dll
[-] 2004-08-04 . E6CD85D0D37416CF138F01F4BB0FC872 . 1057280 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB959426_0$\kernel32.dll
.
[-] 2008-04-14 . 5543A9D4A1D0F9F84092482A9373A024 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\linkinfo.dll
[-] 2008-04-14 . 5543A9D4A1D0F9F84092482A9373A024 . 19968 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\linkinfo.dll
[-] 2008-04-14 . 5543A9D4A1D0F9F84092482A9373A024 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\linkinfo.dll
[-] 2004-08-04 . 3898FFF548E2968CB3AC5A71D7F4E425 . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\linkinfo.dll
.
[-] 2008-04-14 . F38F3C47BBFFD748C1359AB171C3A630 . 22016 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lpk.dll
[-] 2008-04-14 . F38F3C47BBFFD748C1359AB171C3A630 . 22016 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\lpk.dll
[-] 2008-04-14 . F38F3C47BBFFD748C1359AB171C3A630 . 22016 . . [5.1.2600.5512] . . c:\windows\system32\lpk.dll
[-] 2004-08-04 . B4AD65C79F85C61D32C015B11E03CAAD . 22016 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lpk.dll
.
[7] 2012-02-28 . 16EFAEA524E4CF8CCD5ED35175EB92FA . 3108864 . . [6.00.2900.6197] . . c:\windows\SoftwareDistribution\Download\9940468349cb3d3bf2042419f069c1e2\sp3gdr\mshtml.dll
[7] 2012-02-28 . 16EFAEA524E4CF8CCD5ED35175EB92FA . 3108864 . . [6.00.2900.6197] . . c:\windows\system32\mshtml.dll
[7] 2012-02-28 . 16EFAEA524E4CF8CCD5ED35175EB92FA . 3108864 . . [6.00.2900.6197] . . c:\windows\system32\dllcache\mshtml.dll
[7] 2012-02-28 . 0936C3FE6EE599B775CA5C2FD465CAB3 . 3109376 . . [6.00.2900.6197] . . c:\windows\$hf_mig$\KB2675157\SP3QFE\mshtml.dll
[7] 2012-02-28 . 0936C3FE6EE599B775CA5C2FD465CAB3 . 3109376 . . [6.00.2900.6197] . . c:\windows\SoftwareDistribution\Download\9940468349cb3d3bf2042419f069c1e2\sp3qfe\mshtml.dll
[7] 2011-12-19 . C09D109CB95A69836B03EF13D4264DA8 . 3108864 . . [6.00.2900.6182] . . c:\windows\$hf_mig$\KB2647516\SP3QFE\mshtml.dll
[7] 2011-12-19 . B004233161F3671CC2647792D3B09850 . 3108352 . . [6.00.2900.6182] . . c:\windows\$NtUninstallKB2675157$\mshtml.dll
[-] 2011-11-03 . A5422905C24FDA0F76CE08A1771AEC8E . 3108352 . . [6.00.2900.6169] . . c:\windows\$NtUninstallKB2647516$\mshtml.dll
[-] 2011-11-03 . C27D3210AA6C0AE77CE4A3C64E952F7A . 3108864 . . [6.00.2900.6169] . . c:\windows\$hf_mig$\KB2618444\SP3QFE\mshtml.dll
[-] 2011-09-05 . A09B036C4996DF8A260610E406424FEE . 3107328 . . [6.00.2900.6148] . . c:\windows\$NtUninstallKB2618444$\mshtml.dll
[-] 2011-09-05 . 378A362C7DCF8899B2942F8B549FBC25 . 3107840 . . [6.00.2900.6148] . . c:\windows\$hf_mig$\KB2586448\SP3QFE\mshtml.dll
[-] 2011-06-28 . A6D644815A45A8AA148161E56687F4BA . 3106304 . . [6.00.2900.6129] . . c:\windows\$hf_mig$\KB2559049\SP3QFE\mshtml.dll
[-] 2011-06-27 . 39CAB716B66F591E9F9EF94C0A931DF5 . 3105792 . . [6.00.2900.6129] . . c:\windows\$NtUninstallKB2586448$\mshtml.dll
[-] 2011-04-25 . 6B73A4BDD27BE437C071381EF6FB3102 . 3100672 . . [6.00.2900.6104] . . c:\windows\$NtUninstallKB2559049$\mshtml.dll
[-] 2011-04-25 . 3250D1FC3F92771EE92D8AD9A9938807 . 3101184 . . [6.00.2900.6104] . . c:\windows\$hf_mig$\KB2530548\SP3QFE\mshtml.dll
[-] 2011-02-17 . D7CDCE52498742BEC353972E6B787783 . 3099648 . . [6.00.2900.6082] . . c:\windows\$NtUninstallKB2530548$\mshtml.dll
[-] 2011-02-17 . 4BD23F7AF946AF64CC63260BB3ED07CB . 3099648 . . [6.00.2900.6082] . . c:\windows\$hf_mig$\KB2497640\SP3QFE\mshtml.dll
[-] 2010-04-16 . 164B4195439F7A0919A6CA7BDEC238AC . 3094016 . . [6.00.2900.5969] . . c:\windows\$hf_mig$\KB982381\SP3GDR\mshtml.dll
[-] 2010-04-16 . 164B4195439F7A0919A6CA7BDEC238AC . 3094016 . . [6.00.2900.5969] . . c:\windows\$NtUninstallKB2497640$\mshtml.dll
[-] 2010-04-16 . 65E4FEB30D4307C1425F8635EE75200D . 3094528 . . [6.00.2900.5969] . . c:\windows\$hf_mig$\KB982381\SP3QFE\mshtml.dll
[-] 2010-04-16 . F78A7680EC0A14F1D601364DD4635D7B . 3086336 . . [6.00.2900.3698] . . c:\windows\$NtServicePackUninstall$\mshtml.dll
[-] 2010-04-16 . 61244206F4B9840DE7AD5BF8DE5B9A49 . 3094016 . . [6.00.2900.3698] . . c:\windows\$hf_mig$\KB982381\SP2QFE\mshtml.dll
[-] 2008-04-14 . 72AE55A9FFBC60650339CB12E35C7DD5 . 3066880 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\mshtml.dll
[-] 2008-04-14 . 72AE55A9FFBC60650339CB12E35C7DD5 . 3066880 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\mshtml.dll
[-] 2004-08-04 . CAC51AD576713E5F0CE2251ED3A7FE82 . 3003392 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB982381$\mshtml.dll
.
[-] 2008-04-14 . C6A6E53A0C34EC87883137A6CB87AE5E . 343040 . . [7.0.2600.5512] . . c:\windows\ServicePackFiles\i386\msvcrt.dll
[-] 2008-04-14 . C6A6E53A0C34EC87883137A6CB87AE5E . 343040 . . [7.0.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\msvcrt.dll
[-] 2008-04-14 . C6A6E53A0C34EC87883137A6CB87AE5E . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll
[-] 2008-04-14 . C536AAD8A71608FE33CD956214EDD366 . 343040 . . [7.0.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\asms\70\msft\windows\mswincrt\msvcrt.dll
[-] 2008-04-14 . C536AAD8A71608FE33CD956214EDD366 . 343040 . . [7.0.2600.5512] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll
[-] 2004-08-04 . B30BAA48E5063E71C76280E34E7E4802 . 343040 . . [7.0.2600.2180] . . c:\windows\$NtServicePackUninstall$\msvcrt.dll
[-] 2004-08-04 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll
[-] 2004-08-04 . 365B3C43810E1CF41B3BE1E7180F583B . 343040 . . [7.0.2600.2180] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\msvcrt.dll
.
[-] 2008-06-20 . ACD8BD448A74F344D46FCAF21BAB92AF . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll
[-] 2008-06-20 . ACD8BD448A74F344D46FCAF21BAB92AF . 247296 . . [5.1.2600.5625] . . c:\windows\$NtUninstallKB2509553$\mswsock.dll
[-] 2008-06-20 . 4AA50627B01C0E9C6B4C6BD3AF648F12 . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\mswsock.dll
[-] 2008-06-20 . 4AA50627B01C0E9C6B4C6BD3AF648F12 . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
[-] 2008-06-20 . 774274C487493452DF3B0126DBE7FF3B . 247296 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\mswsock.dll
[-] 2008-06-20 . EB55B1D9978B61E9913EDCD27EEC4C7C . 247296 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\mswsock.dll
[-] 2008-06-20 . F1B67B6B0751AE0E6E964B02821206A3 . 247296 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll
[-] 2008-06-20 . F1B67B6B0751AE0E6E964B02821206A3 . 247296 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\mswsock.dll
[-] 2008-04-14 . F12B9D9A069331877D006CC81B4735F9 . 247296 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\mswsock.dll
[-] 2008-04-14 . F12B9D9A069331877D006CC81B4735F9 . 247296 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\mswsock.dll
[-] 2008-04-14 . F12B9D9A069331877D006CC81B4735F9 . 247296 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\mswsock.dll
[-] 2004-08-04 . B36E08F680BAE4DFC5C24D00A2DFC9E7 . 247296 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB951748_0$\mswsock.dll
.
[-] 2009-02-06 . ED4BBAD725A21632FB205452749FC8F5 . 408064 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[-] 2009-02-06 . ED4BBAD725A21632FB205452749FC8F5 . 408064 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[-] 2008-04-14 . 0098D35F91DEAB9C127360A877F2CF84 . 407040 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netlogon.dll
[-] 2008-04-14 . 0098D35F91DEAB9C127360A877F2CF84 . 407040 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\netlogon.dll
[-] 2008-04-14 . 0098D35F91DEAB9C127360A877F2CF84 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\netlogon.dll
[-] 2004-08-04 . D27395EDCD3416AFD125A9370DCB585C . 407040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\netlogon.dll
.
[-] 2008-04-14 . C8C0BDABC966B6C24D337DF0A0A399E1 . 17408 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\powrprof.dll
[-] 2008-04-14 . C8C0BDABC966B6C24D337DF0A0A399E1 . 17408 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\powrprof.dll
[-] 2008-04-14 . C8C0BDABC966B6C24D337DF0A0A399E1 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll
[-] 2004-08-04 . 5604574D490B798BD9A946B021A766AD . 17408 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\powrprof.dll
.
[-] 2008-04-14 . 5132443DF6FC3771A17AB4AE55DCBC28 . 187904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\scecli.dll
[-] 2008-04-14 . 5132443DF6FC3771A17AB4AE55DCBC28 . 187904 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\scecli.dll
[-] 2008-04-14 . 5132443DF6FC3771A17AB4AE55DCBC28 . 187904 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll
[-] 2004-08-04 . 64DC26B3CF7BCCAD431CE360A4C625D5 . 186880 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\scecli.dll
.
[-] 2008-04-14 . 44161A59DC33AC2EA9C95438ADFFFB7F . 5120 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfc.dll
[-] 2008-04-14 . 44161A59DC33AC2EA9C95438ADFFFB7F . 5120 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\sfc.dll
[-] 2008-04-14 . 44161A59DC33AC2EA9C95438ADFFFB7F . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll
[-] 2004-08-04 . F62934BC94299083EBFC8810242D8640 . 5120 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfc.dll
.
[-] 2008-04-14 . 4FBC75B74479C7A6F829E0CA19DF3366 . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\svchost.exe
[-] 2008-04-14 . 4FBC75B74479C7A6F829E0CA19DF3366 . 14336 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\svchost.exe
[-] 2008-04-14 . 4FBC75B74479C7A6F829E0CA19DF3366 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe
[-] 2004-08-04 . 65A819B121EB6FDAB4400EA42BDFFE64 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\svchost.exe
.
[-] 2008-04-14 . 05903CAC4B98908D55EA5774775B382E . 249856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tapisrv.dll
[-] 2008-04-14 . 05903CAC4B98908D55EA5774775B382E . 249856 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\tapisrv.dll
[-] 2008-04-14 . 05903CAC4B98908D55EA5774775B382E . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll
[-] 2004-08-04 . 4584E2A5FE662AB3E7C32936E1449043 . 246272 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\tapisrv.dll
.
[-] 2008-04-14 . B0050CC5340E3A0760DD8B417FF7AEBD . 580096 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll
[-] 2008-04-14 . B0050CC5340E3A0760DD8B417FF7AEBD . 580096 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\user32.dll
[-] 2008-04-14 . B0050CC5340E3A0760DD8B417FF7AEBD . 580096 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
[-] 2004-08-04 . 56785FD5236D7B22CF471A6DA9DB46D8 . 578560 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\user32.dll
.
[-] 2008-04-14 . 788F95312E26389D596C0FA55834E106 . 26624 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\userinit.exe
[-] 2008-04-14 . 788F95312E26389D596C0FA55834E106 . 26624 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\userinit.exe
[-] 2008-04-14 . 788F95312E26389D596C0FA55834E106 . 26624 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe
[-] 2004-08-04 . D1E53DC57143F2584B1DD53B036C0633 . 25088 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\userinit.exe
.
[7] 2012-02-28 . 252ADBC04DFF0733D58837BEDB6D2BFE . 672768 . . [6.00.2900.6197] . . c:\windows\SoftwareDistribution\Download\9940468349cb3d3bf2042419f069c1e2\sp3gdr\wininet.dll
[7] 2012-02-28 . 252ADBC04DFF0733D58837BEDB6D2BFE . 672768 . . [6.00.2900.6197] . . c:\windows\system32\wininet.dll
[7] 2012-02-28 . 252ADBC04DFF0733D58837BEDB6D2BFE . 672768 . . [6.00.2900.6197] . . c:\windows\system32\dllcache\wininet.dll
[7] 2012-02-28 . 260420FE90C050A5A738D70F76C09A9B . 674304 . . [6.00.2900.6197] . . c:\windows\$hf_mig$\KB2675157\SP3QFE\wininet.dll
[7] 2012-02-28 . 260420FE90C050A5A738D70F76C09A9B . 674304 . . [6.00.2900.6197] . . c:\windows\SoftwareDistribution\Download\9940468349cb3d3bf2042419f069c1e2\sp3qfe\wininet.dll
[7] 2011-12-19 . FF7F32695A4DD5ED9AA6231713ADBDBB . 672768 . . [6.00.2900.6182] . . c:\windows\$NtUninstallKB2675157$\wininet.dll
[7] 2011-12-19 . 515144C0CA9587C61D7F6FA763060574 . 674304 . . [6.00.2900.6182] . . c:\windows\$hf_mig$\KB2647516\SP3QFE\wininet.dll
[-] 2011-11-01 . B82FB47BDDA4911192DBC27A2056E216 . 672768 . . [6.00.2900.6168] . . c:\windows\$NtUninstallKB2647516$\wininet.dll
[-] 2011-11-01 . C346342087FC2DFC90082F8B9DFCA53D . 674304 . . [6.00.2900.6168] . . c:\windows\$hf_mig$\KB2618444\SP3QFE\wininet.dll
[-] 2011-09-05 . 7B9AB7AB80F0602D578197ACB0B15A54 . 672768 . . [6.00.2900.6148] . . c:\windows\$NtUninstallKB2618444$\wininet.dll
[-] 2011-09-05 . B5AC4AB48CDBFADF9878FCD1E732C89B . 674304 . . [6.00.2900.6148] . . c:\windows\$hf_mig$\KB2586448\SP3QFE\wininet.dll
[-] 2011-06-21 . 9A0A03B1FA9818B569FB2CB806F766E2 . 672768 . . [6.00.2900.6126] . . c:\windows\$NtUninstallKB2586448$\wininet.dll
[-] 2011-06-21 . D3F75779427B44927B101446BBBC7F82 . 674304 . . [6.00.2900.6126] . . c:\windows\$hf_mig$\KB2559049\SP3QFE\wininet.dll
[-] 2011-04-25 . 2FA2FD1C2AEE93315FFEEB110F242400 . 672768 . . [6.00.2900.6104] . . c:\windows\$NtUninstallKB2559049$\wininet.dll
[-] 2011-04-25 . 307F7A9B9E4165138FD278DCE18B726F . 674304 . . [6.00.2900.6104] . . c:\windows\$hf_mig$\KB2530548\SP3QFE\wininet.dll
[-] 2011-02-17 . 8B8AF0B04AD9766EA87C05FABBE8526A . 672768 . . [6.00.2900.6082] . . c:\windows\$NtUninstallKB2530548$\wininet.dll
[-] 2011-02-17 . C6F2390D635C1A14C39F259C2C8A25A9 . 674304 . . [6.00.2900.6082] . . c:\windows\$hf_mig$\KB2497640\SP3QFE\wininet.dll
[-] 2010-04-16 . 0CC0A30F7F06C6A5A40911616CA35085 . 672768 . . [6.00.2900.5969] . . c:\windows\$hf_mig$\KB982381\SP3GDR\wininet.dll
[-] 2010-04-16 . 0CC0A30F7F06C6A5A40911616CA35085 . 672768 . . [6.00.2900.5969] . . c:\windows\$NtUninstallKB2497640$\wininet.dll
[-] 2010-04-16 . 68B82A22151D41988B3BCB7C881E2B0E . 674304 . . [6.00.2900.5969] . . c:\windows\$hf_mig$\KB982381\SP3QFE\wininet.dll
[-] 2010-04-16 . C7B31EF1A7F52D99E92BFF1B053D6EB2 . 667648 . . [6.00.2900.3698] . . c:\windows\$NtServicePackUninstall$\wininet.dll
[-] 2010-04-16 . 4350AD71E6C5F397BB76DFF7C4BCFCBD . 674304 . . [6.00.2900.3698] . . c:\windows\$hf_mig$\KB982381\SP2QFE\wininet.dll
[-] 2008-04-14 . B4AEE98A48917B274FACFB78BBE0BC84 . 671744 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\wininet.dll
[-] 2008-04-14 . B4AEE98A48917B274FACFB78BBE0BC84 . 671744 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\wininet.dll
[-] 2004-08-04 . B1A1DA99C4A6EBFD59F86A453BF02F39 . 662016 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB982381$\wininet.dll
.
[-] 2008-04-14 . 6A35E2D6F5F052C84EC2CEB296389439 . 82432 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2_32.dll
[-] 2008-04-14 . 6A35E2D6F5F052C84EC2CEB296389439 . 82432 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\ws2_32.dll
[-] 2008-04-14 . 6A35E2D6F5F052C84EC2CEB296389439 . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll
[-] 2004-08-04 . D569240A22421D5F670BB6FB6DD522B5 . 82944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2_32.dll
.
[-] 2008-04-14 . C7D8A0517CBF16B84F657DE87EBE9D4B . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2help.dll
[-] 2008-04-14 . C7D8A0517CBF16B84F657DE87EBE9D4B . 19968 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\ws2help.dll
[-] 2008-04-14 . C7D8A0517CBF16B84F657DE87EBE9D4B . 19968 . . [5.1.2600.5512] . . c:\windows\system32\ws2help.dll
[-] 2004-08-04 . B3ADA72D1E3E10A8F6430669DFC38ED0 . 19968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2help.dll
.
[-] 2008-04-14 . 418045A93CD87A352098AB7DABE1B53E . 1036800 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 418045A93CD87A352098AB7DABE1B53E . 1036800 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2008-04-14 . 418045A93CD87A352098AB7DABE1B53E . 1036800 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\explorer.exe
[-] 2004-08-04 . 22FE1BE02EADDE1632E478E4125639E0 . 1035264 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\explorer.exe
.
[-] 2008-04-14 . AD9226BF3CED13636083BB9C76E9D2A2 . 153600 . . [5.1.2600.5512] . . c:\windows\regedit.exe
[-] 2008-04-14 . AD9226BF3CED13636083BB9C76E9D2A2 . 153600 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regedit.exe
[-] 2008-04-14 . AD9226BF3CED13636083BB9C76E9D2A2 . 153600 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\regedit.exe
[-] 2004-08-04 . 8193CE5FB09E83F2699FD65BBCBE2FD2 . 153600 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regedit.exe
.
[-] 2011-11-01 . 6AD6619E7523E27B771569C26F408F0A . 1288704 . . [5.1.2600.6168] . . c:\windows\system32\ole32.dll
[-] 2011-11-01 . 6AD6619E7523E27B771569C26F408F0A . 1288704 . . [5.1.2600.6168] . . c:\windows\system32\dllcache\ole32.dll
[-] 2011-11-01 . D684C601EC79D9543D50EB2DB124FE78 . 1289216 . . [5.1.2600.6168] . . c:\windows\$hf_mig$\KB2624667\SP3QFE\ole32.dll
[-] 2010-07-16 . B28AF7976F2D8109C0DC2CF2460BEDC2 . 1288192 . . [5.1.2600.6010] . . c:\windows\$NtUninstallKB2624667$\ole32.dll
[-] 2010-07-16 . B3D7633CF83B09042A49810A7A72ADED . 1289216 . . [5.1.2600.6010] . . c:\windows\$hf_mig$\KB979687\SP3QFE\ole32.dll
[-] 2008-04-14 . E08D638BA3D3DD6DF6E31216AB66AE0B . 1287680 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB979687$\ole32.dll
[-] 2008-04-14 . E08D638BA3D3DD6DF6E31216AB66AE0B . 1287680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ole32.dll
[-] 2008-04-14 . E08D638BA3D3DD6DF6E31216AB66AE0B . 1287680 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\ole32.dll
[-] 2004-08-04 . D700449AD3045E81680C25A79620A171 . 1281536 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ole32.dll
.
[-] 2010-04-16 . 45954AFB7AE6E29B23C56B830C820A11 . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\usp10.dll
[-] 2010-04-16 . 45954AFB7AE6E29B23C56B830C820A11 . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\dllcache\usp10.dll
[-] 2010-04-16 . EB2AD9C7DADE6C63F5F933881BA2A430 . 406016 . . [1.0420.2600.5969] . . c:\windows\$hf_mig$\KB981322\SP3QFE\usp10.dll
[-] 2008-04-14 . 052F968390A85D37D5EE8BE3AB2A83A2 . 406016 . . [1.0420.2600.5512] . . c:\windows\$NtUninstallKB981322$\usp10.dll
[-] 2008-04-14 . 052F968390A85D37D5EE8BE3AB2A83A2 . 406016 . . [1.0420.2600.5512] . . c:\windows\ServicePackFiles\i386\usp10.dll
[-] 2008-04-14 . 052F968390A85D37D5EE8BE3AB2A83A2 . 406016 . . [1.0420.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\usp10.dll
[-] 2004-08-04 . E4E40EAFF464EBE7752BAD3D82AF1715 . 406528 . . [1.0420.2600.2180] . . c:\windows\$NtServicePackUninstall$\usp10.dll
.
[-] 2008-04-14 . 671ABB33C712B1585A5BF7ADD36AD96E . 4096 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\ksuser.dll
[-] 2008-04-14 . 671ABB33C712B1585A5BF7ADD36AD96E . 4096 . . [5.3.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\ksuser.dll
[-] 2008-04-14 . 671ABB33C712B1585A5BF7ADD36AD96E . 4096 . . [5.3.2600.5512] . . c:\windows\system32\ksuser.dll
[-] 2004-08-03 . 4721744CE11F385073F6F9F7831752C7 . 4096 . . [5.3.2600.2180] . . c:\windows\$NtServicePackUninstall$\ksuser.dll
.
[-] 2008-04-14 . 01B4E6E990B6C5EA8856D96C7FD044B2 . 15360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
[-] 2008-04-14 . 01B4E6E990B6C5EA8856D96C7FD044B2 . 15360 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\ctfmon.exe
[-] 2008-04-14 . 01B4E6E990B6C5EA8856D96C7FD044B2 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
[-] 2004-08-04 . 7CE20569925DF6789C31799F0C538F29 . 15360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe
.
[-] 2009-07-27 . 2DB7D303C36DDD055215052F118E8E75 . 135680 . . [6.00.2900.5853] . . c:\windows\system32\shsvcs.dll
[-] 2009-07-27 . 2DB7D303C36DDD055215052F118E8E75 . 135680 . . [6.00.2900.5853] . . c:\windows\system32\dllcache\shsvcs.dll
[-] 2009-07-27 . 927666F4228E3FBBC3D1171581DC8BDC . 135680 . . [6.00.2900.5853] . . c:\windows\$hf_mig$\KB971029\SP3QFE\shsvcs.dll
[-] 2008-04-14 . 40602EBFBE06AA075C8E4560743F6883 . 135168 . . [6.00.2900.5512] . . c:\windows\$NtUninstallKB971029$\shsvcs.dll
[-] 2008-04-14 . 40602EBFBE06AA075C8E4560743F6883 . 135168 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\shsvcs.dll
[-] 2008-04-14 . 40602EBFBE06AA075C8E4560743F6883 . 135168 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\shsvcs.dll
[-] 2004-08-04 . BAC5F7F0C2B8C1B9832594851E0F9914 . 135168 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\shsvcs.dll
.
[-] 2008-04-14 . FE77A85495065F3AD59C5C65B6C54182 . 171520 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll
[-] 2008-04-14 . FE77A85495065F3AD59C5C65B6C54182 . 171520 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\srsvc.dll
[-] 2008-04-14 . FE77A85495065F3AD59C5C65B6C54182 . 171520 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[-] 2004-08-04 . 015F302C4CF961F20C3F98F3A7CA7917 . 171008 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll
.
[-] 2008-04-14 . EDAFBE25FB6480CE68F688BA691890DC . 13824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wscntfy.exe
[-] 2008-04-14 . EDAFBE25FB6480CE68F688BA691890DC . 13824 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\wscntfy.exe
[-] 2008-04-14 . EDAFBE25FB6480CE68F688BA691890DC . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe
[-] 2004-08-04 . 7D3E0BEB62799112F5C9FF717D72BF29 . 13824 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wscntfy.exe
.
[-] 2008-04-14 . 0ADA34871A2E1CD2CAAFED1237A47750 . 129024 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\xmlprov.dll
[-] 2008-04-14 . 0ADA34871A2E1CD2CAAFED1237A47750 . 129024 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\xmlprov.dll
[-] 2008-04-14 . 0ADA34871A2E1CD2CAAFED1237A47750 . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll
[-] 2004-08-04 . 8302DE1C64618D72346DD0034DBC5D9B . 129536 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\xmlprov.dll
.
[-] 2008-04-14 . 04955AA695448C181B367D964AF158AA . 56320 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\eventlog.dll
[-] 2008-04-14 . 04955AA695448C181B367D964AF158AA . 56320 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\eventlog.dll
[-] 2008-04-14 . 04955AA695448C181B367D964AF158AA . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll
[-] 2004-08-04 . B932C077D5A65B71B4512544AC404CB4 . 55808 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\eventlog.dll
.
[-] 2008-04-14 . 5251425B86EA4A3532B8BB8D14044E61 . 1571840 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfcfiles.dll
[-] 2008-04-14 . 5251425B86EA4A3532B8BB8D14044E61 . 1571840 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\sfcfiles.dll
[-] 2008-04-14 . 5251425B86EA4A3532B8BB8D14044E61 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
[-] 2004-08-04 . 80F7B7198B869C07C98627AF812D68B6 . 1548288 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfcfiles.dll
.
[-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ipsec.sys
[-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\ipsec.sys
[-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ipsec.sys
[-] 2004-08-04 . 64537AA5C003A6AFEEE1DF819062D0D1 . 74752 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ipsec.sys
.
[-] 2008-04-14 . E4CD1F3D84E1C2CA0B8CF7501E201593 . 59904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regsvc.dll
[-] 2008-04-14 . E4CD1F3D84E1C2CA0B8CF7501E201593 . 59904 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\regsvc.dll
[-] 2008-04-14 . E4CD1F3D84E1C2CA0B8CF7501E201593 . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll
[-] 2004-08-04 . AE81CF7D7CFA79CD03E8FB99788A7E09 . 59904 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regsvc.dll
.
[-] 2008-04-14 . A050194A44D7FA8D7186ED2F4E8367AE . 193536 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\schedsvc.dll
[-] 2008-04-14 . A050194A44D7FA8D7186ED2F4E8367AE . 193536 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\schedsvc.dll
[-] 2008-04-14 . A050194A44D7FA8D7186ED2F4E8367AE . 193536 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll
[-] 2004-08-04 . D5E73842F38E24457C63FEF8CEFFBE19 . 192000 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\schedsvc.dll
.
[-] 2008-04-14 . 4DF5B05DFAEC29E13E1ED6F6EE12C500 . 71680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ssdpsrv.dll
[-] 2008-04-14 . 4DF5B05DFAEC29E13E1ED6F6EE12C500 . 71680 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\ssdpsrv.dll
[-] 2008-04-14 . 4DF5B05DFAEC29E13E1ED6F6EE12C500 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll
[-] 2004-08-04 . 6FA03B462B2FFFE2627171B7FE73EE29 . 71680 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ssdpsrv.dll
.
[-] 2008-04-14 . B7DE02C863D8F5A005A7BF375375A6A4 . 297472 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\termsrv.dll
[-] 2008-04-14 . B7DE02C863D8F5A005A7BF375375A6A4 . 297472 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\termsrv.dll
[-] 2008-04-14 . B7DE02C863D8F5A005A7BF375375A6A4 . 297472 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll
[-] 2004-08-04 . 1850BC10DE5DCCCEDE063FC2D0F2CEDA . 297472 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\termsrv.dll
.
[-] 2008-04-14 . 0DAF0705D7B39C94E287913226688804 . 348672 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\hnetcfg.dll
[-] 2008-04-14 . 0DAF0705D7B39C94E287913226688804 . 348672 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\hnetcfg.dll
[-] 2008-04-14 . 0DAF0705D7B39C94E287913226688804 . 348672 . . [5.1.2600.5512] . . c:\windows\system32\hnetcfg.dll
[-] 2004-08-04 . AE93E415220A4C0112768A0DEE36D28D . 348672 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\hnetcfg.dll
.
[-] 2008-04-14 . D45960BE52C3C610D361977057F98C54 . 175616 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\appmgmts.dll
[-] 2008-04-14 . D45960BE52C3C610D361977057F98C54 . 175616 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\appmgmts.dll
[-] 2008-04-14 . D45960BE52C3C610D361977057F98C54 . 175616 . . [5.1.2600.5512] . . c:\windows\system32\appmgmts.dll
[-] 2004-08-04 . BECD5328E7869807D6557BE4FE60C72F . 175616 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\appmgmts.dll
.
[-] 2004-08-04 . 9E1CA3160DAFB159CA14F83B1E317F75 . 12160 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys
.
[-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\ServicePackFiles\i386\aec.sys
[-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\aec.sys
[-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys
[-] 2004-08-03 20:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\$NtServicePackUninstall$\aec.sys
.
[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\agp440.sys
[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\agp440.sys
[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\system32\drivers\agp440.sys
.
[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ip6fw.sys
[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\ip6fw.sys
[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys
[-] 2004-08-04 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ip6fw.sys
.
[-] 2010-09-18 07:18 . 4891FCDAE77486BFB56999AA217651FA . 953856 . . [4.1.6151] . . c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc40u.dll
[-] 2010-09-18 06:52 . 1614669828A32BCD06E1BE6F334BB888 . 953856 . . [4.1.6151] . . c:\windows\system32\mfc40u.dll
[-] 2010-09-18 06:52 . 1614669828A32BCD06E1BE6F334BB888 . 953856 . . [4.1.6151] . . c:\windows\system32\dllcache\mfc40u.dll
[-] 2008-04-14 02:22 . ACC19BA6876AF18768EE87931CAD14E2 . 927504 . . [4.1.0.61] . . c:\windows\$NtUninstallKB2387149$\mfc40u.dll
[-] 2008-04-14 02:22 . ACC19BA6876AF18768EE87931CAD14E2 . 927504 . . [4.1.0.61] . . c:\windows\ServicePackFiles\i386\mfc40u.dll
[-] 2008-04-14 02:22 . ACC19BA6876AF18768EE87931CAD14E2 . 927504 . . [4.1.0.61] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\mfc40u.dll
[-] 2004-08-04 12:00 . 31DD27AB47F62D383505F35CA972748B . 924432 . . [4.1.6140] . . c:\windows\$NtServicePackUninstall$\mfc40u.dll
.
[-] 2008-04-14 . B7550A7107281D170CE85524B1488C98 . 33792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msgsvc.dll
[-] 2008-04-14 . B7550A7107281D170CE85524B1488C98 . 33792 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\msgsvc.dll
[-] 2008-04-14 . B7550A7107281D170CE85524B1488C98 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll
[-] 2004-08-04 . E5215AB942C5AC5F7EB0E54871D7A27C . 33792 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\msgsvc.dll
.
[-] 2006-10-18 19:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll
[-] 2006-10-18 19:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\dllcache\mspmsnsv.dll
[-] 2004-08-04 12:00 . D68CC4EBF7B03FD770D5962295AD814E . 52736 . . [9.0.1.56] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll
.
[-] 2011-10-26 . 525C18123E6FAF032E3853A4B9D8F255 . 2071680 . . [5.1.2600.6165] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe
[-] 2011-10-26 . 525C18123E6FAF032E3853A4B9D8F255 . 2071680 . . [5.1.2600.6165] . . c:\windows\system32\dllcache\ntkrnlpa.exe
[-] 2011-10-26 . 07FD1B85212CB29D3D75932B8C3FD210 . 2029568 . . [5.1.2600.6165] . . c:\windows\system32\ntkrnlpa.exe
[-] 2011-10-26 . ADD968B4D4A095407FD5B915F89BA8B5 . 2071680 . . [5.1.2600.6165] . . c:\windows\$hf_mig$\KB2633171\SP3QFE\ntkrnlpa.exe
[-] 2010-12-09 . 7B1CA0A6C042E4B90A18B49ED73CBA76 . 2071680 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntkrnlpa.exe
[-] 2010-12-09 . 56371A8F18F7D9570A11B1C54D602A2A . 2029568 . . [5.1.2600.6055] . . c:\windows\$NtUninstallKB2633171$\ntkrnlpa.exe
[-] 2010-02-17 . FEDB0FDF1FE02ECC7A823A690175B876 . 2066048 . . [5.1.2600.3670] . . c:\windows\$hf_mig$\KB979683\SP2QFE\ntkrnlpa.exe
[-] 2010-02-16 . 4C56EC495229ABC2F62862A7E145A852 . 2019328 . . [5.1.2600.3670] . . c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe
[-] 2010-02-16 . 9F24D01B6027FED0423FD28F1055E3DD . 2069120 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3GDR\ntkrnlpa.exe
[-] 2010-02-16 . 1DFCBCFD1C9016C051BE6D7243459CCA . 2027008 . . [5.1.2600.5938] . . c:\windows\$NtUninstallKB2393802$\ntkrnlpa.exe
[-] 2010-02-16 . CEE28C8C47E52F185F9F8F3A2E31880C . 2069248 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe
[-] 2009-02-10 . 321917CFF934663C48C1E91A930E5D71 . 2068352 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntkrnlpa.exe
[-] 2009-02-09 . 6A2980D9805A4285271FE50D91BC5C2A . 2018304 . . [5.1.2600.3520] . . c:\windows\$NtUninstallKB979683$\ntkrnlpa.exe
[-] 2009-02-09 . 84C1C109552E9E276FF004E181B80C25 . 2065280 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\ntkrnlpa.exe
[-] 2009-02-09 . 1F9DA92672B8B5720C5FB1E87D8F249F . 2068480 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
[-] 2008-04-14 . FEFB3BDA35CF469809B0C89AB6833AFC . 2026496 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\ntkrnlpa.exe
[-] 2008-04-14 . E51980EF65CED4490A7395A06C08DA34 . 2068224 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntkrnlpa.exe
[-] 2008-04-14 . E51980EF65CED4490A7395A06C08DA34 . 2068224 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\ntkrnlpa.exe
[-] 2004-08-04 . F8D35488D41B19A306A454FFC0ED0336 . 2017792 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB956572_0$\ntkrnlpa.exe
.
[-] 2008-04-14 02:22 . 56AF4064996FA5BAC9C449B1514B4770 . 438272 . . [5.1.2400.5512] . . c:\windows\ServicePackFiles\i386\ntmssvc.dll
[-] 2008-04-14 02:22 . 56AF4064996FA5BAC9C449B1514B4770 . 438272 . . [5.1.2400.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\ntmssvc.dll
[-] 2008-04-14 02:22 . 56AF4064996FA5BAC9C449B1514B4770 . 438272 . . [5.1.2400.5512] . . c:\windows\system32\ntmssvc.dll
[-] 2004-08-04 12:00 . 428AA946A8D9F32DBB4260C8E6E13377 . 438272 . . [5.1.2400.2180] . . c:\windows\$NtServicePackUninstall$\ntmssvc.dll
.
[-] 2008-04-14 . 1DFD8975D8C89214B98D9387C1125B49 . 186880 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\upnphost.dll
[-] 2008-04-14 . 1DFD8975D8C89214B98D9387C1125B49 . 186880 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\upnphost.dll
[-] 2008-04-14 . 1DFD8975D8C89214B98D9387C1125B49 . 186880 . . [5.1.2600.5512] . . c:\windows\system32\upnphost.dll
[-] 2004-08-04 . 09D4A2D7C5A8ABEC227D118765FAADDF . 185856 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\upnphost.dll
.
[-] 2008-04-14 . 9236E736EDB57BE7D1EF6274410E3BAC . 367616 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\dsound.dll
[-] 2008-04-14 . 9236E736EDB57BE7D1EF6274410E3BAC . 367616 . . [5.3.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\dsound.dll
[-] 2008-04-14 . 9236E736EDB57BE7D1EF6274410E3BAC . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dsound.dll
[-] 2004-08-04 . 7DB3393F98E4211F5CE8F003DE0615CF . 367616 . . [5.3.2600.2180] . . c:\windows\$NtServicePackUninstall$\dsound.dll
.
[-] 2008-04-14 . 36969CF86E51EC8ED202B40F2FA80AA6 . 1689088 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\d3d9.dll
[-] 2008-04-14 . 36969CF86E51EC8ED202B40F2FA80AA6 . 1689088 . . [5.03.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\d3d9.dll
[-] 2008-04-14 . 36969CF86E51EC8ED202B40F2FA80AA6 . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\d3d9.dll
[-] 2004-08-04 . 20AE7889467887B869F30308EEED9A2A . 1689088 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\d3d9.dll
.
[-] 2008-04-14 . 4A37188B83B00DD9CFBA049687AD0DAF . 279552 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\ddraw.dll
[-] 2008-04-14 . 4A37188B83B00DD9CFBA049687AD0DAF . 279552 . . [5.03.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\ddraw.dll
[-] 2008-04-14 . 4A37188B83B00DD9CFBA049687AD0DAF . 279552 . . [5.03.2600.5512] . . c:\windows\system32\ddraw.dll
[-] 2004-08-04 . CAC545A56482DE01640E6B791DE19944 . 266240 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\ddraw.dll
.
[-] 2008-04-14 02:22 . 5D7F5A46975D2E59A6FECB6C231D200F . 84992 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\olepro32.dll
[-] 2008-04-14 02:22 . 5D7F5A46975D2E59A6FECB6C231D200F . 84992 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\olepro32.dll
[-] 2008-04-14 02:22 . 5D7F5A46975D2E59A6FECB6C231D200F . 84992 . . [5.1.2600.5512] . . c:\windows\system32\olepro32.dll
[-] 2004-08-04 12:00 . 1404D3DD4ED4F5E2A938B43794049A81 . 83456 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\olepro32.dll
.
[-] 2008-04-14 . C47FD93010649AC0D79022D9B69ADBE4 . 41984 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\perfctrs.dll
[-] 2008-04-14 . C47FD93010649AC0D79022D9B69ADBE4 . 41984 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\perfctrs.dll
[-] 2008-04-14 . C47FD93010649AC0D79022D9B69ADBE4 . 41984 . . [5.1.2600.5512] . . c:\windows\system32\perfctrs.dll
[-] 2004-08-04 . 007BFD01772B5202C5CE4F208A2F3F46 . 41984 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\perfctrs.dll
.
[-] 2008-04-14 . F86000634319F71535BCE6B06995EE99 . 18944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\version.dll
[-] 2008-04-14 . F86000634319F71535BCE6B06995EE99 . 18944 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\version.dll
[-] 2008-04-14 . F86000634319F71535BCE6B06995EE99 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\version.dll
[-] 2004-08-04 . 4EF2FDC0A085C8339ED4D9C59CE8FC60 . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\version.dll
.
[-] 2008-04-14 . 3BFE49B4CDFAC83B0F3C79412895A179 . 93184 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\iexplore.exe
[-] 2008-04-14 . 3BFE49B4CDFAC83B0F3C79412895A179 . 93184 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\iexplore.exe
[-] 2004-08-04 . B39A6AF04A431E317C85BF061719E705 . 93184 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\iexplore.exe
.
.
[-] 2011-10-26 . 8B4FC0BCA12CABFDE8C2E49B1B9A65E6 . 2195072 . . [5.1.2600.6165] . . c:\windows\Driver Cache\i386\ntoskrnl.exe
[-] 2011-10-26 . 8B4FC0BCA12CABFDE8C2E49B1B9A65E6 . 2195072 . . [5.1.2600.6165] . . c:\windows\system32\dllcache\ntoskrnl.exe
[-] 2011-10-26 . 63907C9E2D9EEA3ADA8263F0A8D79797 . 2151424 . . [5.1.2600.6165] . . c:\windows\system32\ntoskrnl.exe
[-] 2011-10-26 . 43BA9F58FD87BBF57F958C06241F2C9C . 2195072 . . [5.1.2600.6165] . . c:\windows\$hf_mig$\KB2633171\SP3QFE\ntoskrnl.exe
[-] 2010-12-09 . 2A5A8BE47E1F8E55520FB4031E21D129 . 2195072 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntoskrnl.exe
[-] 2010-12-09 . DAC0BE266F11618A2B9A6EC4D1F255ED . 2151424 . . [5.1.2600.6055] . . c:\windows\$NtUninstallKB2633171$\ntoskrnl.exe
[-] 2010-02-17 . 786F98EFD090AD93F03E3BD95FB68714 . 2192256 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3GDR\ntoskrnl.exe
[-] 2010-02-16 . 22FB992849C75B08F3A9BFB19B87935D . 2139648 . . [5.1.2600.3670] . . c:\windows\$NtServicePackUninstall$\ntoskrnl.exe
[-] 2010-02-16 . B76CEA13602DC99EE0E655E4798C24AA . 2189184 . . [5.1.2600.3670] . . c:\windows\$hf_mig$\KB979683\SP2QFE\ntoskrnl.exe
[-] 2010-02-16 . E1BD0FAFF2C1D0A825CBA97DCF0DDDAE . 2148864 . . [5.1.2600.5938] . . c:\windows\$NtUninstallKB2393802$\ntoskrnl.exe
[-] 2010-02-16 . 4456016C2FF1A8CCCAC8309C9B76E2F5 . 2192384 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe
[-] 2009-02-10 . D3453310FC92736E674FFDC6E3F455B7 . 2191488 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[-] 2009-02-09 . AA84FFABC07AD44176598F6E253EF5EE . 2138624 . . [5.1.2600.3520] . . c:\windows\$NtUninstallKB979683$\ntoskrnl.exe
[-] 2009-02-09 . E22124EC3A33F40755DCD2F4B1BE8A87 . 2188416 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\ntoskrnl.exe
[-] 2009-02-09 . FEE1600B76B196D9993CD468DA7524F7 . 2191360 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntoskrnl.exe
[-] 2008-04-14 . 354C9291513BCE4D0ED6B0C6A15470F8 . 2191360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntoskrnl.exe
[-] 2008-04-14 . 354C9291513BCE4D0ED6B0C6A15470F8 . 2191360 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\ntoskrnl.exe
[-] 2008-04-14 . 88077F757C6C793C33408D878B6E0F76 . 2147840 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\ntoskrnl.exe
[-] 2004-08-04 . C3EC5DD56E3EB15D80AF9FCEE030CABD . 2150912 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB956572_0$\ntoskrnl.exe
.
[-] 2008-04-14 . FE77A85495065F3AD59C5C65B6C54182 . 171520 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll
[-] 2008-04-14 . FE77A85495065F3AD59C5C65B6C54182 . 171520 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\srsvc.dll
[-] 2008-04-14 . FE77A85495065F3AD59C5C65B6C54182 . 171520 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[-] 2004-08-04 . 015F302C4CF961F20C3F98F3A7CA7917 . 171008 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll
.
[-] 2008-04-14 . 7B353059E665F8B7AD2BBEAEF597CF45 . 177152 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\w32time.dll
[-] 2008-04-14 . 7B353059E665F8B7AD2BBEAEF597CF45 . 177152 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\w32time.dll
[-] 2008-04-14 . 7B353059E665F8B7AD2BBEAEF597CF45 . 177152 . . [5.1.2600.5512] . . c:\windows\system32\w32time.dll
[-] 2004-08-04 . C6D874CD2A5B83CD11CDEBD28A638584 . 176640 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\w32time.dll
.
[-] 2008-04-14 . BC2C5985611C5356B24AEB370953DED9 . 334336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wiaservc.dll
[-] 2008-04-14 . BC2C5985611C5356B24AEB370953DED9 . 334336 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\wiaservc.dll
[-] 2008-04-14 . BC2C5985611C5356B24AEB370953DED9 . 334336 . . [5.1.2600.5512] . . c:\windows\system32\wiaservc.dll
[-] 2004-08-04 . 7E751068ADA60FC77638622E86A7CD9E . 333824 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wiaservc.dll
.
[-] 2008-04-14 . 2CF969B9BF1EF069075DCDCE309FAAE1 . 18944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\midimap.dll
[-] 2008-04-14 . 2CF969B9BF1EF069075DCDCE309FAAE1 . 18944 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\midimap.dll
[-] 2008-04-14 . 2CF969B9BF1EF069075DCDCE309FAAE1 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\midimap.dll
[-] 2004-08-04 . 32641AE4D340C1AC2D9B3A3BD71F5C47 . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\midimap.dll
.
[-] 2008-04-14 . 469FED8597896DB77B49384BE90E2E0A . 7680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rasadhlp.dll
[-] 2008-04-14 . 469FED8597896DB77B49384BE90E2E0A . 7680 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\rasadhlp.dll
[-] 2008-04-14 . 469FED8597896DB77B49384BE90E2E0A . 7680 . . [5.1.2600.5512] . . c:\windows\system32\rasadhlp.dll
[-] 2004-08-04 . 84028E2EBE7A25494766673A5FF4B304 . 8192 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\rasadhlp.dll
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68}]
2012-01-11 14:29        241872        ----a-w-        c:\programme\Softonic\softonic\1.5.11.5\bh\softonic.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{5018CFD2-804D-4C99-9F81-25EAEA2769DE}"= "c:\programme\Softonic\softonic\1.5.11.5\softonicTlbr.dll" [2012-01-11 250064]
.
[HKEY_CLASSES_ROOT\clsid\{5018cfd2-804d-4c99-9f81-25eaea2769de}]
[HKEY_CLASSES_ROOT\Softonic.dskBnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}]
[HKEY_CLASSES_ROOT\Softonic.dskBnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Pando Media Booster"="c:\programme\Pando Networks\Media Booster\PMB.exe" [2011-10-30 3077528]
"Steam"="c:\programme\Steam\Steam.exe" [2012-03-09 1242448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-10-25 98304]
"UIExec"="c:\programme\1&1 Surf-Stick\UIExec.exe" [2010-09-30 139088]
"avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2011-03-28 281768]
"RTHDCPL"="RTHDCPL.EXE" [2011-04-14 20053608]
"FixCamera"="c:\windows\FixCamera.exe" [2007-02-12 20480]
"tsnp2std"="c:\windows\tsnp2std.exe" [2007-05-12 270336]
"snp2std"="c:\windows\vsnp2std.exe" [2007-05-10 344064]
"SunJavaUpdateSched"="c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\
Magic-i Visual Effects.lnk - c:\programme\Hama\Hama Webcam Suite\Magic-i Visual Effects\Magic-i Visual Effects.exe [N/A]
Windows Search.lnk - c:\programme\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\programme\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\persistentroutes]
"178.63.49.78,255.255.255.255,192.168.178.22,1"=""
"203.85.93.210,255.255.255.255,192.168.178.22,1"=""
"176.9.9.227,255.255.255.255,192.168.178.22,1"=""
"80.84.58.203,255.255.255.255,192.168.178.22,1"=""
"188.138.106.112,255.255.255.255,192.168.178.22,1"=""
"199.27.135.167,255.255.255.255,192.168.178.22,1"=""
"199.27.134.167,255.255.255.255,192.168.178.22,1"=""
"79.110.87.198,255.255.255.255,192.168.178.22,1"=""
"94.102.0.108,255.255.255.255,192.168.178.22,1"=""
"203.85.0.92,255.255.255.255,192.168.178.22,1"=""
"188.72.213.65,255.255.255.255,192.168.178.22,1"=""
"176.227.199.194,255.255.255.255,192.168.178.22,1"=""
"188.72.201.254,255.255.255.255,192.168.178.22,1"=""
"184.22.200.176,255.255.255.255,192.168.178.22,1"=""
"46.252.196.1,255.255.255.255,192.168.178.22,1"=""
"80.190.202.43,255.255.255.255,192.168.178.22,1"=""
"173.245.60.150,255.255.255.255,192.168.178.22,1"=""
"85.153.48.2,255.255.255.255,192.168.178.22,1"=""
"184.173.197.241,255.255.255.255,192.168.178.22,1"=""
"80.190.202.44,255.255.255.255,192.168.178.22,1"=""
"91.227.4.115,255.255.255.255,192.168.178.22,1"=""
"31.170.162.61,255.255.255.255,192.168.178.22,1"=""
"199.27.134.58,255.255.255.255,192.168.178.22,1"=""
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages        REG_MULTI_SZ          msv1_0 nwprovau
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\World of Warcraft\\Launcher.exe"=
"c:\\World of Warcraft\\WoW-x.x.x.x-4.0.0.12911-EU-Downloader.exe"=
"c:\\World of Warcraft\\BackgroundDownloader.exe"=
"c:\\Programme\\Steam\\steam.exe"=
"c:\\Programme\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Programme\\StarCraft II\\StarCraft II.exe"=
"c:\\Programme\\StarCraft II\\Versions\\Base19679\\SC2.exe"=
"c:\\Programme\\Metin2\\metin2.exe"=
"c:\\Programme\\Metin2\\metin2client.bin"=
"c:\\Programme\\Skype\\Phone\\Skype.exe"=
"c:\\Programme\\StarCraft II\\Versions\\Base21029\\SC2.exe"=
"c:\\Programme\\Steam\\SteamApps\\common\\total war shogun 2\\Shogun2.exe"=
"c:\\Programme\\Steam\\SteamApps\\common\\total war shogun 2\\data\\encyclopedia\\how_to_play.html"=
"c:\\Programme\\Steam\\SteamApps\\common\\total war shogun 2\\benchmarks\\benchmark_current_settings.bat"=
"c:\\Programme\\Steam\\SteamApps\\common\\total war shogun 2\\benchmarks\\benchmark_specify_properties.bat"=
"c:\\Programme\\Steam\\SteamApps\\common\\empire total war\\Empire.exe"=
"c:\\Dokumente und Einstellungen\\Leon\\Eigene Dateien\\Eigene Musik\\gh\\client\\metin2client.bin"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"6881:TCP"= 6881:TCP:Blizzard Downloader: 6881
"58346:TCP"= 58346:TCP:Pando Media Booster
"58346:UDP"= 58346:UDP:Pando Media Booster
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"3389:TCP"= 3389:TCP:Remote Desktop
"65533:TCP"= 65533:TCP:Services
"52344:TCP"= 52344:TCP:Services
.
R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [07.05.2011 19:50 136360]
R2 dgdersvc;Device Error Recovery Service;c:\windows\system32\dgdersvc.exe [25.05.2010 08:44 95568]
R2 UI Assistant Service;UI Assistant Service;c:\programme\1&1 Surf-Stick\AssistantServices.exe [07.05.2011 19:35 253264]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [25.05.2010 08:44 18136]
R3 xpsec;IPSEC-Treiber;c:\windows\system32\drivers\xpsec.sys --> c:\windows\system32\drivers\xpsec.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.03.2010 14:16 130384]
S2 gupdate;Google Update-Dienst (gupdate);c:\programme\Google\Update\GoogleUpdate.exe /svc --> c:\programme\Google\Update\GoogleUpdate.exe  [?]
S2 ICQ Service;ICQ Service;c:\programme\ICQ6Toolbar\ICQ Service.exe --> c:\programme\ICQ6Toolbar\ICQ Service.exe [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [07.05.2011 19:51 1691480]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\drivers\ArcSoftKsUFilter.sys [24.10.2011 11:27 13184]
S3 FWLANUSB;AVM FRITZ!WLAN;c:\windows\system32\DRIVERS\fwlanusb.sys --> c:\windows\system32\DRIVERS\fwlanusb.sys [?]
S3 gupdatem;Google Update-Dienst (gupdatem);c:\programme\Google\Update\GoogleUpdate.exe /medsvc --> c:\programme\Google\Update\GoogleUpdate.exe  [?]
S3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [07.05.2011 19:35 9216]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [08.05.2011 18:40 96488]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [08.05.2011 18:40 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [08.05.2011 18:40 121576]
S3 wbymj4iz.sys;wbymj4iz.sys;\??\c:\windows\system32\drivers\wbymj4iz.sys --> c:\windows\system32\drivers\wbymj4iz.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.03.2010 14:16 753504]
.
--- Andere Dienste/Treiber im Speicher ---
.
*Deregistered* - xcpip
.
Inhalt des "geplante Tasks" Ordners
.
2012-04-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1085031214-1844823847-839522115-1003Core.job
- c:\dokumente und einstellungen\Leon\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe [2011-07-10 09:47]
.
2012-04-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1085031214-1844823847-839522115-1003UA.job
- c:\dokumente und einstellungen\Leon\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe [2011-07-10 09:47]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://search.softonic.com/MON00016/tb_v1?SearchSource=10&cc=
IE: Free YouTube to MP3 Converter - c:\dokumente und einstellungen\Leon\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\programme\ICQ7.5\ICQ.exe
LSP: xfire_lsp_9028.dll
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\dokumente und einstellungen\Leon\Anwendungsdaten\Mozilla\Firefox\Profiles\hz1cr4u4.default\
FF - prefs.js: browser.search.selectedEngine - Search the web (Softonic)
FF - prefs.js: browser.startup.homepage - hxxp://search.softonic.com/MON00016/tb_v1?SearchSource=13&cc=
FF - prefs.js: keyword.URL - hxxp://search.softonic.com/MON00016/tb_v1?SearchSource=2&cc=&q=
FF - prefs.js: network.proxy.type - 0
FF - user.js: extensions.autoDisableScopes - 14
FF - user.js: security.csp.enable - false
FF - user.js: extentions.y2layers.installId - 8411ae7c-65c6-4407-bb26-96958bf79f5e
FF - user.js: extentions.y2layers.defaultEnableAppsList - DropDownDeals,BestVideoDownloader,EzLooker,TwitTube,TopRelatedTopics,Buzzdock,
FF - user.js: extensions.autoDisableScopes - 14
FF - user.js: security.csp.enable - false
FF - user.js: extensions.softonic_i.hmpg - true
FF - user.js: extensions.softonic_i.hmpgUrl - hxxp://search.softonic.com/MON00016/tb_v1?SearchSource=13&cc=
FF - user.js: extensions.softonic_i.dfltSrch - true
FF - user.js: extensions.softonic_i.srchPrvdr - Search the web (Softonic)
FF - user.js: extensions.softonic_i.keyWordUrl - hxxp://search.softonic.com/MON00016/tb_v1?SearchSource=2&cc=&q=
FF - user.js: extensions.softonic_i.dnsErr - true
FF - user.js: extensions.softonic_i.newTab - true
FF - user.js: extensions.softonic_i.newTabUrl - hxxp://search.softonic.com/MON00016/tb_v1?SearchSource=15&cc=
FF - user.js: extensions.softonic_i.tlbrSrchUrl - hxxp://search.softonic.com/MON00016/tb_v1?SearchSource=1&cc=&q=
FF - user.js: extensions.softonic_i.id - bcf4e128000000000000000e2e9099bf
FF - user.js: extensions.softonic_i.instlDay - 15366
FF - user.js: extensions.softonic_i.vrsn - 1.5.11.5
FF - user.js: extensions.softonic_i.vrsni - 1.5.11.5
FF - user.js: extensions.softonic_i.vrsnTs - 1.5.11.516:25
FF - user.js: extensions.softonic_i.prtnrId - softonic
FF - user.js: extensions.softonic_i.prdct - softonic
FF - user.js: extensions.softonic_i.aflt - SD
FF - user.js: extensions.softonic_i.smplGrp - eng7
FF - user.js: extensions.softonic_i.tlbrId - de12JANdefault_chrome
FF - user.js: extensions.softonic_i.instlRef - MON00016
FF - user.js: extensions.softonic_i.dfltLng - de
FF - user.js: extensions.softonic_i.excTlbr - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKCU-Run-EA Core - c:\programme\Electronic Arts\EADM\Core.exe
HKCU-Run-KiesTrayAgent - c:\program files\Samsung\Kies\/\KiesTrayAgent.exe
HKLM-Run-AVMWlanClient - c:\programme\avmwlanstick\FRITZWLANMini.exe
HKLM-Run-ArcSoft Connection Service - c:\programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACDaemon.exe
AddRemove-EADM - c:\programme\Electronic Arts\EADM\Uninstall.exe
AddRemove-EVEREST Home Edition_is1 - c:\programme\Lavalys\EVEREST Home Edition\unins000.exe
AddRemove-FarmingSimulator2009GoldDE_is1 - c:\programme\Landwirtschafts-Simulator 2009 Gold\unins000.exe
AddRemove-FastStone Capture - c:\programme\FastStone Capture\uninst.exe
AddRemove-Fraps - c:\fraps\uninstall.exe
AddRemove-Free Audio CD Burner_is1 - c:\programme\DVDVideoSoft\Free Audio CD Burner\unins000.exe
AddRemove-Free Audio Converter_is1 - c:\programme\DVDVideoSoft\Free Audio Converter\unins000.exe
AddRemove-Guitar Explorer 1.0 - c:\programme\Guitar Explorer\uninstall.exe
AddRemove-ICQToolbar - c:\programme\ICQ6Toolbar\ICQUnToolbar.exe
AddRemove-InterActual Player - c:\program files\InterActual\InterActual Player\inuninst.exe
AddRemove-IrfanView - c:\programme\IrfanView\iv_uninstall.exe
AddRemove-M2Fish - c:\dokumente und einstellungen\Leon\Desktop\M2Fish\uninst.exe
AddRemove-Microsoft Help Viewer 1.0 - c:\programme\Microsoft Help Viewer\v1.0\Microsoft Help Viewer 1.0\install.exe
AddRemove-Microsoft Help Viewer 1.0 Language Pack - DEU - c:\programme\Microsoft Help Viewer\v1.0\Microsoft Help Viewer 1.0 Language Pack - DEU\install.exe
AddRemove-Microsoft Visual Basic 2010 Express - DEU - c:\programme\Microsoft Visual Studio 10.0\Microsoft Visual Basic 2010 Express - DEU\setup.exe
AddRemove-ProPilot Europa - c:\windows\IsUn0407.exe
AddRemove-TeamViewer 6 - c:\programme\TeamViewer\Version6\uninstall.exe
AddRemove-Uninstall_is1 - c:\programme\Gemeinsame Dateien\DVDVideoSoft\unins000.exe
AddRemove-VLC classic - c:\programme\Vlcclassic\uninstall.exe
AddRemove-WinGimp-2.0_is1 - c:\programme\GIMP-2.0\setup\unins000.exe
AddRemove-Wizard101(DE)_is1 - c:\programme\Wizard101(DE)\unins000.exe
AddRemove-Xfire - c:\programme\Xfire\uninst.exe
AddRemove-{520C1D80-935C-42B9-9340-E883849D804F}_is1 - c:\programme\DriverTuner\unins000.exe
AddRemove-{86693815-D500-4887-B6EF-B5F0BFA97736}_is1 - c:\programme\MoonMt2 2012\unins000.exe
AddRemove-{C3BBA5F6-83A0-4B12-A70E-6F391D659BA2}_is1 - c:\programme\Chirurgie-Simulator\unins000.exe
AddRemove-{D0795B21-0CDA-4a92-AB9E-6E92D8111E44} - c:\program files\Samsung\USB Drivers\Uninstall.exe
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-12_Symbian_USB_Download_Driver - c:\program files\Samsung\USB Drivers\12_Symbian_USB_Download_Driver\Uninstall.exe
AddRemove-15_Symbian_Samsung_PC_DLC_Driver - c:\program files\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-{E3723A04-A894-4036-A78E-282E18F43C0A}_is1 - c:\programme\Tinypic\unins000.exe
AddRemove-Metin2 Singapore - c:\programme\Metin2 Singapore\Uninstal.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2012-04-17 20:04
Windows 5.1.2600 Service Pack 3 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1085031214-1844823847-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:cc,1b,47,bc,8f,ca,63,bd,ed,2f,15,ce,53,f4,28,70,b1,b9,a9,f3,65,
  b6,a6,5e,94,0e,50,3c,80,ac,b8,95,a2,a3,f7,c4,fa,aa,ae,1d,af,39,38,02,ac,7b,\
"rkeysecu"=hex:2b,ac,4b,f7,8d,6b,a3,74,c1,0b,4a,27,f1,e4,ce,b5
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'winlogon.exe'(596)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
- - - - - - - > 'lsass.exe'(652)
c:\windows\system32\xfire_lsp_9028.dll
.
- - - - - - - > 'explorer.exe'(4836)
c:\programme\Windows Desktop Search\deskbar.dll
c:\programme\Windows Desktop Search\de-de\dbres.dll.mui
c:\programme\Windows Desktop Search\dbres.dll
c:\programme\Windows Desktop Search\wordwheel.dll
c:\programme\Windows Desktop Search\de-de\msnlExtRes.dll.mui
c:\programme\Windows Desktop Search\msnlExtRes.dll
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\programme\Avira\AntiVir Desktop\avguard.exe
c:\programme\Avira\AntiVir Desktop\avshadow.exe
c:\programme\Java\jre6\bin\jqs.exe
c:\windows\system32\SearchIndexer.exe
c:\programme\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\windows\RTHDCPL.EXE
c:\programme\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-04-17  20:10:28 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-04-17 18:10
.
Vor Suchlauf: 2.709.196.800 Bytes frei
Nach Suchlauf: 4.840.321.024 Bytes frei
.
WindowsXP-KB310994-SP2-Pro-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 22DA8E18778BA5430A4CC35B7CB058BC
--- --- ---

markusg 17.04.2012 19:18
download tdss killer:
http://www.trojaner-board.de/82358-t...entfernen.html
Klicke auf Change parameters
• Setze die Haken bei Verify driver digital signatures und Detect TDLFS file system
• Klick auf OK und anschließend auf Start scan
- bei funden erst mal immer skip wählen, log posten

Leon3221 17.04.2012 19:31
So habe das Programm gestartet hat auch was gefunden habe dan cure eingestellt und musste halt PC neu starten um es zu ,,Heilen,, habe das grade noch einmal laufen lassen und nichts mehr gefunden also der tdsskiller war das jetzt alles also ist mein pc clean `?

markusg 17.04.2012 19:33
hab ich irgendwas von cure geschrieben? steht da nicht skip, lies richtig, oder willst du deinen pc beschädigen.
wo sind die logs, poste sie, sie sind auf c: als tdss-killer-datum-.txt gespeichert

Leon3221 17.04.2012 19:38
Okay das Problem ist ich habe es 2 mal laufen lassen und habe jetzt 2 verschiedene logs aber werde beide posten :


20:28:38.0234 1936 TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05
20:28:38.0390 1936 ============================================================
20:28:38.0390 1936 Current date / time: 2012/04/17 20:28:38.0390
20:28:38.0390 1936 SystemInfo:
20:28:38.0390 1936
20:28:38.0390 1936 OS Version: 5.1.2600 ServicePack: 3.0
20:28:38.0390 1936 Product type: Workstation
20:28:38.0390 1936 ComputerName: LEON3221
20:28:38.0390 1936 UserName: Leon
20:28:38.0390 1936 Windows directory: C:\WINDOWS
20:28:38.0390 1936 System windows directory: C:\WINDOWS
20:28:38.0390 1936 Processor architecture: Intel x86
20:28:38.0390 1936 Number of processors: 2
20:28:38.0390 1936 Page size: 0x1000
20:28:38.0390 1936 Boot type: Normal boot
20:28:38.0390 1936 ============================================================
20:28:39.0437 1936 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:28:39.0484 1936 \Device\Harddisk0\DR0:
20:28:39.0484 1936 MBR used
20:28:39.0484 1936 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC34F28D
20:28:39.0562 1936 Initialize success
20:28:39.0562 1936 ============================================================
20:28:41.0125 2196 ============================================================
20:28:41.0125 2196 Scan started
20:28:41.0125 2196 Mode: Manual;
20:28:41.0125 2196 ============================================================
20:28:41.0546 2196 Abiosdsk - ok
20:28:41.0562 2196 abp480n5 - ok
20:28:41.0593 2196 ACDaemon - ok
20:28:41.0671 2196 ACPI (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
20:28:41.0687 2196 ACPI - ok
20:28:41.0750 2196 ACPIEC (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
20:28:41.0750 2196 ACPIEC - ok
20:28:41.0781 2196 adpu160m - ok
20:28:41.0843 2196 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
20:28:41.0890 2196 aec - ok
20:28:41.0968 2196 Afc (fe3ea6e9afc1a78e6edca121e006afb7) C:\WINDOWS\system32\drivers\Afc.sys
20:28:41.0968 2196 Afc - ok
20:28:42.0046 2196 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
20:28:42.0062 2196 AFD - ok
20:28:42.0093 2196 Aha154x - ok
20:28:42.0140 2196 aic78u2 - ok
20:28:42.0171 2196 aic78xx - ok
20:28:42.0234 2196 Alerter (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
20:28:42.0234 2196 Alerter - ok
20:28:42.0281 2196 ALG (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe
20:28:42.0281 2196 ALG - ok
20:28:42.0312 2196 AliIde - ok
20:28:42.0406 2196 Ambfilt (267fc636801edc5ab28e14036349e3be) C:\WINDOWS\system32\drivers\Ambfilt.sys
20:28:42.0515 2196 Ambfilt - ok
20:28:42.0578 2196 AmdPPM (033448d435e65c4bd72e70521fd05c76) C:\WINDOWS\system32\DRIVERS\AmdPPM.sys
20:28:42.0593 2196 AmdPPM - ok
20:28:42.0625 2196 amsint - ok
20:28:42.0703 2196 AntiVirSchedulerService (c27d46b06d340293670450fce9dfb166) C:\Programme\Avira\AntiVir Desktop\sched.exe
20:28:42.0703 2196 AntiVirSchedulerService - ok
20:28:42.0718 2196 AntiVirService (72d90e56563165984224493069c69ed4) C:\Programme\Avira\AntiVir Desktop\avguard.exe
20:28:42.0718 2196 AntiVirService - ok
20:28:42.0765 2196 AppMgmt (d45960be52c3c610d361977057f98c54) C:\WINDOWS\System32\appmgmts.dll
20:28:42.0812 2196 AppMgmt - ok
20:28:42.0859 2196 ArcSoftKsUFilter (bf8470e29873dd3f725f18709928c85f) C:\WINDOWS\system32\DRIVERS\ArcSoftKsUFilter.sys
20:28:42.0859 2196 ArcSoftKsUFilter - ok
20:28:42.0890 2196 asc - ok
20:28:42.0937 2196 asc3350p - ok
20:28:42.0968 2196 asc3550 - ok
20:28:43.0078 2196 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
20:28:43.0093 2196 aspnet_state - ok
20:28:43.0156 2196 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
20:28:43.0156 2196 AsyncMac - ok
20:28:43.0203 2196 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
20:28:43.0203 2196 atapi - ok
20:28:43.0218 2196 Atdisk - ok
20:28:43.0296 2196 Ati HotKey Poller (bf4690ff029aaec1266f32bb3e9633e8) C:\WINDOWS\system32\Ati2evxx.exe
20:28:43.0312 2196 Ati HotKey Poller - ok
20:28:43.0390 2196 ATI Smart (fb796f8fe747225756b870e9564a469c) C:\WINDOWS\system32\ati2sgag.exe
20:28:43.0406 2196 ATI Smart - ok
20:28:43.0625 2196 ati2mtag (f27a0b0d1373d36d866f29b434b7aa92) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
20:28:43.0828 2196 ati2mtag - ok
20:28:43.0921 2196 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
20:28:43.0937 2196 Atmarpc - ok
20:28:43.0984 2196 AudioSrv (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
20:28:43.0984 2196 AudioSrv - ok
20:28:44.0046 2196 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
20:28:44.0062 2196 audstub - ok
20:28:44.0125 2196 avgio (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Programme\Avira\AntiVir Desktop\avgio.sys
20:28:44.0125 2196 avgio - ok
20:28:44.0171 2196 avgntflt (1e4114685de1ffa9675e09c6a1fb3f4b) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
20:28:44.0187 2196 avgntflt - ok
20:28:44.0203 2196 avipbb (0f78d3dae6dedd99ae54c9491c62adf2) C:\WINDOWS\system32\DRIVERS\avipbb.sys
20:28:44.0218 2196 avipbb - ok
20:28:44.0250 2196 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
20:28:44.0265 2196 Beep - ok
20:28:44.0312 2196 BITS (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll
20:28:44.0328 2196 BITS - ok
20:28:44.0390 2196 Browser (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
20:28:44.0390 2196 Browser - ok
20:28:44.0390 2196 catchme - ok
20:28:44.0437 2196 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
20:28:44.0437 2196 cbidf2k - ok
20:28:44.0500 2196 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
20:28:44.0500 2196 CCDECODE - ok
20:28:44.0531 2196 cd20xrnt - ok
20:28:44.0593 2196 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
20:28:44.0593 2196 Cdaudio - ok
20:28:44.0640 2196 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
20:28:44.0656 2196 Cdfs - ok
20:28:44.0671 2196 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
20:28:44.0687 2196 Cdrom - ok
20:28:44.0734 2196 cercsr6 (84853b3fd012251690570e9e7e43343f) C:\WINDOWS\system32\drivers\cercsr6.sys
20:28:44.0734 2196 cercsr6 - ok
20:28:44.0765 2196 Changer - ok
20:28:44.0812 2196 CiSvc (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe
20:28:44.0812 2196 CiSvc - ok
20:28:44.0859 2196 ClipSrv (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
20:28:44.0859 2196 ClipSrv - ok
20:28:44.0921 2196 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:28:44.0953 2196 clr_optimization_v2.0.50727_32 - ok
20:28:45.0000 2196 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:28:45.0062 2196 clr_optimization_v4.0.30319_32 - ok
20:28:45.0093 2196 CmdIde - ok
20:28:45.0093 2196 COMSysApp - ok
20:28:45.0109 2196 Cpqarray - ok
20:28:45.0171 2196 CryptSvc (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
20:28:45.0171 2196 CryptSvc - ok
20:28:45.0187 2196 dac2w2k - ok
20:28:45.0203 2196 dac960nt - ok
20:28:45.0234 2196 DcomLaunch (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
20:28:45.0250 2196 DcomLaunch - ok
20:28:45.0296 2196 dgderdrv (d0d4f3ca1d3a4400e1f40f36a800cd12) C:\WINDOWS\system32\drivers\dgderdrv.sys
20:28:45.0312 2196 dgderdrv - ok
20:28:45.0359 2196 dgdersvc (1f7baca7d1dd1b3d73b4c3934148fad3) C:\WINDOWS\system32\dgdersvc.exe
20:28:45.0359 2196 dgdersvc - ok
20:28:45.0421 2196 Dhcp (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
20:28:45.0421 2196 Dhcp - ok
20:28:45.0453 2196 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
20:28:45.0453 2196 Disk - ok
20:28:45.0468 2196 dmadmin - ok
20:28:45.0531 2196 dmboot (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
20:28:45.0578 2196 dmboot - ok
20:28:45.0625 2196 dmio (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
20:28:45.0640 2196 dmio - ok
20:28:45.0671 2196 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
20:28:45.0671 2196 dmload - ok
20:28:45.0718 2196 dmserver (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
20:28:45.0718 2196 dmserver - ok
20:28:45.0750 2196 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
20:28:45.0765 2196 DMusic - ok
20:28:45.0796 2196 Dnscache (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
20:28:45.0796 2196 Dnscache - ok
20:28:45.0843 2196 Dot3svc (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
20:28:45.0859 2196 Dot3svc - ok
20:28:45.0906 2196 dpti2o - ok
20:28:45.0937 2196 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
20:28:45.0937 2196 drmkaud - ok
20:28:45.0968 2196 EagleNT - ok
20:28:45.0984 2196 EapHost (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
20:28:46.0000 2196 EapHost - ok
20:28:46.0046 2196 ERSvc (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
20:28:46.0046 2196 ERSvc - ok
20:28:46.0078 2196 Eventlog (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
20:28:46.0093 2196 Eventlog - ok
20:28:46.0140 2196 EventSystem (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\system32\es.dll
20:28:46.0140 2196 EventSystem - ok
20:28:46.0203 2196 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
20:28:46.0218 2196 Fastfat - ok
20:28:46.0250 2196 FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
20:28:46.0265 2196 FastUserSwitchingCompatibility - ok
20:28:46.0281 2196 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
20:28:46.0296 2196 Fdc - ok
20:28:46.0312 2196 Fips (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
20:28:46.0328 2196 Fips - ok
20:28:46.0343 2196 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
20:28:46.0359 2196 Flpydisk - ok
20:28:46.0406 2196 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
20:28:46.0421 2196 FltMgr - ok
20:28:46.0484 2196 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
20:28:46.0500 2196 FontCache3.0.0.0 - ok
20:28:46.0531 2196 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:28:46.0531 2196 Fs_Rec - ok
20:28:46.0562 2196 Ftdisk (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
20:28:46.0562 2196 Ftdisk - ok
20:28:46.0578 2196 FWLANUSB - ok
20:28:46.0609 2196 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
20:28:46.0609 2196 Gpc - ok
20:28:46.0640 2196 gupdate - ok
20:28:46.0656 2196 gupdatem - ok
20:28:46.0687 2196 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
20:28:46.0703 2196 HDAudBus - ok
20:28:46.0750 2196 helpsvc (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
20:28:46.0750 2196 helpsvc - ok
20:28:46.0765 2196 HidServ - ok
20:28:46.0796 2196 hkmsvc (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
20:28:46.0812 2196 hkmsvc - ok
20:28:46.0828 2196 hpn - ok
20:28:46.0875 2196 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
20:28:46.0875 2196 HTTP - ok
20:28:46.0906 2196 HTTPFilter (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
20:28:46.0906 2196 HTTPFilter - ok
20:28:46.0937 2196 i2omgmt - ok
20:28:46.0984 2196 i2omp - ok
20:28:47.0046 2196 i8042prt (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
20:28:47.0046 2196 i8042prt - ok
20:28:47.0093 2196 ICQ Service - ok
20:28:47.0156 2196 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:28:47.0250 2196 idsvc - ok
20:28:47.0265 2196 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
20:28:47.0281 2196 Imapi - ok
20:28:47.0312 2196 ImapiService (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\system32\imapi.exe
20:28:47.0328 2196 ImapiService - ok
20:28:47.0343 2196 ini910u - ok
20:28:47.0562 2196 IntcAzAudAddService (4716f7ee8fb7fd02596ece1ec70aff53) C:\WINDOWS\system32\drivers\RtkHDAud.sys
20:28:47.0750 2196 IntcAzAudAddService - ok
20:28:47.0796 2196 IntelIde - ok
20:28:47.0843 2196 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
20:28:47.0859 2196 Ip6Fw - ok
20:28:47.0937 2196 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:28:47.0937 2196 IpFilterDriver - ok
20:28:47.0984 2196 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
20:28:47.0984 2196 IpInIp - ok
20:28:48.0031 2196 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
20:28:48.0046 2196 IpNat - ok
20:28:48.0078 2196 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
20:28:48.0078 2196 IPSec - ok
20:28:48.0140 2196 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
20:28:48.0140 2196 IRENUM - ok
20:28:48.0171 2196 isapnp (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
20:28:48.0187 2196 isapnp - ok
20:28:48.0312 2196 JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Programme\Java\jre6\bin\jqs.exe
20:28:48.0312 2196 JavaQuickStarterService - ok
20:28:48.0343 2196 Kbdclass (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
20:28:48.0343 2196 Kbdclass - ok
20:28:48.0375 2196 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
20:28:48.0390 2196 kmixer - ok
20:28:48.0468 2196 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
20:28:48.0468 2196 KSecDD - ok
20:28:48.0546 2196 lanmanserver (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll
20:28:48.0546 2196 lanmanserver - ok
20:28:48.0609 2196 lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll
20:28:48.0609 2196 lanmanworkstation - ok
20:28:48.0625 2196 lbrtfdc - ok
20:28:48.0656 2196 LmHosts (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
20:28:48.0656 2196 LmHosts - ok
20:28:48.0703 2196 massfilter (09721f2c56681a83c93ecdfab8b102a9) C:\WINDOWS\system32\drivers\massfilter.sys
20:28:48.0703 2196 massfilter - ok
20:28:48.0859 2196 Messenger (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
20:28:48.0890 2196 Messenger - ok
20:28:49.0187 2196 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
20:28:49.0203 2196 mnmdd - ok
20:28:49.0281 2196 mnmsrvc (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\system32\mnmsrvc.exe
20:28:49.0296 2196 mnmsrvc - ok
20:28:49.0343 2196 Modem (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
20:28:49.0359 2196 Modem - ok
20:28:49.0437 2196 Monfilt (c7d9f9717916b34c1b00dd4834af485c) C:\WINDOWS\system32\drivers\Monfilt.sys
20:28:49.0500 2196 Monfilt - ok
20:28:49.0546 2196 Mouclass (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
20:28:49.0546 2196 Mouclass - ok
20:28:49.0578 2196 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
20:28:49.0593 2196 MountMgr - ok
20:28:49.0609 2196 mraid35x - ok
20:28:49.0640 2196 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
20:28:49.0656 2196 MRxDAV - ok
20:28:49.0703 2196 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:28:49.0734 2196 MRxSmb - ok
20:28:49.0781 2196 MSDTC (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\system32\msdtc.exe
20:28:49.0781 2196 MSDTC - ok
20:28:49.0859 2196 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
20:28:49.0859 2196 Msfs - ok
20:28:49.0875 2196 MSIServer - ok
20:28:49.0937 2196 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:28:49.0953 2196 MSKSSRV - ok
20:28:50.0000 2196 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:28:50.0000 2196 MSPCLOCK - ok
20:28:50.0046 2196 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
20:28:50.0046 2196 MSPQM - ok
20:28:50.0109 2196 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
20:28:50.0125 2196 mssmbios - ok
20:28:50.0203 2196 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
20:28:50.0203 2196 MSTEE - ok
20:28:50.0265 2196 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
20:28:50.0281 2196 Mup - ok
20:28:50.0328 2196 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
20:28:50.0343 2196 NABTSFEC - ok
20:28:50.0390 2196 napagent (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
20:28:50.0437 2196 napagent - ok
20:28:50.0500 2196 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
20:28:50.0515 2196 NDIS - ok
20:28:50.0578 2196 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
20:28:50.0578 2196 NdisIP - ok
20:28:50.0640 2196 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:28:50.0640 2196 NdisTapi - ok
20:28:50.0671 2196 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:28:50.0671 2196 Ndisuio - ok
20:28:50.0703 2196 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:28:50.0703 2196 NdisWan - ok
20:28:50.0750 2196 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
20:28:50.0750 2196 NDProxy - ok
20:28:50.0781 2196 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
20:28:50.0796 2196 NetBIOS - ok
20:28:50.0828 2196 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
20:28:50.0828 2196 NetBT - ok
20:28:50.0906 2196 NetDDE (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
20:28:50.0921 2196 NetDDE - ok
20:28:50.0937 2196 NetDDEdsdm (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
20:28:50.0937 2196 NetDDEdsdm - ok
20:28:50.0968 2196 Netlogon (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:28:50.0968 2196 Netlogon - ok
20:28:51.0000 2196 Netman (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
20:28:51.0000 2196 Netman - ok
20:28:51.0078 2196 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:28:51.0093 2196 NetTcpPortSharing - ok
20:28:51.0140 2196 Nla (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll
20:28:51.0140 2196 Nla - ok
20:28:51.0187 2196 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
20:28:51.0187 2196 Npfs - ok
20:28:51.0187 2196 npggsvc - ok
20:28:51.0218 2196 NPPTNT2 (9131fe60adfab595c8da53ad6a06aa31) C:\WINDOWS\system32\npptNT2.sys
20:28:51.0218 2196 NPPTNT2 - ok
20:28:51.0265 2196 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
20:28:51.0296 2196 Ntfs - ok
20:28:51.0328 2196 NtLmSsp (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:28:51.0328 2196 NtLmSsp - ok
20:28:51.0390 2196 NtmsSvc (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
20:28:51.0421 2196 NtmsSvc - ok
20:28:51.0484 2196 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
20:28:51.0484 2196 Null - ok
20:28:51.0531 2196 NWCWorkstation (c34a6a72dec2c317d67355dc18f87090) C:\WINDOWS\System32\nwwks.dll
20:28:51.0531 2196 NWCWorkstation - ok
20:28:51.0562 2196 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
20:28:51.0562 2196 NwlnkFlt - ok
20:28:51.0609 2196 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
20:28:51.0625 2196 NwlnkFwd - ok
20:28:51.0671 2196 NwlnkIpx (8b8b1be2dba4025da6786c645f77f123) C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
20:28:51.0687 2196 NwlnkIpx - ok
20:28:51.0703 2196 NwlnkNb (56d34a67c05e94e16377c60609741ff8) C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
20:28:51.0718 2196 NwlnkNb - ok
20:28:51.0750 2196 NwlnkSpx (c0bb7d1615e1acbdc99757f6ceaf8cf0) C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
20:28:51.0750 2196 NwlnkSpx - ok
20:28:51.0812 2196 NWRDR (36b9b950e3d2e100970a48d8bad86740) C:\WINDOWS\system32\DRIVERS\nwrdr.sys
20:28:51.0828 2196 NWRDR - ok
20:28:51.0843 2196 Parport (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
20:28:51.0859 2196 Parport - ok
20:28:51.0875 2196 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
20:28:51.0890 2196 PartMgr - ok
20:28:51.0953 2196 ParVdm (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
20:28:51.0968 2196 ParVdm - ok
20:28:51.0984 2196 PCI (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
20:28:52.0000 2196 PCI - ok
20:28:52.0015 2196 PCIDump - ok
20:28:52.0078 2196 PCIIde (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
20:28:52.0078 2196 PCIIde - ok
20:28:52.0125 2196 Pcmcia (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
20:28:52.0140 2196 Pcmcia - ok
20:28:52.0171 2196 PDCOMP - ok
20:28:52.0218 2196 PDFRAME - ok
20:28:52.0234 2196 PDRELI - ok
20:28:52.0265 2196 PDRFRAME - ok
20:28:52.0281 2196 perc2 - ok
20:28:52.0312 2196 perc2hib - ok
20:28:52.0390 2196 PlugPlay (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
20:28:52.0390 2196 PlugPlay - ok
20:28:52.0406 2196 PolicyAgent (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:28:52.0421 2196 PolicyAgent - ok
20:28:52.0453 2196 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:28:52.0453 2196 PptpMiniport - ok
20:28:52.0484 2196 Processor (2cb55427c58679f49ad600fccba76360) C:\WINDOWS\system32\DRIVERS\processr.sys
20:28:52.0484 2196 Processor - ok
20:28:52.0515 2196 ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:28:52.0515 2196 ProtectedStorage - ok
20:28:52.0546 2196 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
20:28:52.0546 2196 PSched - ok
20:28:52.0578 2196 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
20:28:52.0593 2196 Ptilink - ok
20:28:52.0625 2196 ql1080 - ok
20:28:52.0640 2196 Ql10wnt - ok
20:28:52.0671 2196 ql12160 - ok
20:28:52.0687 2196 ql1240 - ok
20:28:52.0687 2196 ql1280 - ok
20:28:52.0750 2196 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:28:52.0750 2196 RasAcd - ok
20:28:52.0812 2196 RasAuto (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
20:28:52.0812 2196 RasAuto - ok
20:28:52.0828 2196 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:28:52.0843 2196 Rasl2tp - ok
20:28:52.0890 2196 RasMan (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
20:28:52.0890 2196 RasMan - ok
20:28:52.0921 2196 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:28:52.0921 2196 RasPppoe - ok
20:28:52.0984 2196 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
20:28:52.0984 2196 Raspti - ok
20:28:53.0031 2196 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:28:53.0046 2196 Rdbss - ok
20:28:53.0078 2196 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:28:53.0078 2196 RDPCDD - ok
20:28:53.0109 2196 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
20:28:53.0156 2196 rdpdr - ok
20:28:53.0203 2196 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
20:28:53.0218 2196 RDPWD - ok
20:28:53.0265 2196 RDSessMgr (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe
20:28:53.0265 2196 RDSessMgr - ok
20:28:53.0296 2196 redbook (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
20:28:53.0312 2196 redbook - ok
20:28:53.0375 2196 RemoteAccess (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll
20:28:53.0375 2196 RemoteAccess - ok
20:28:53.0421 2196 RemoteRegistry (e4cd1f3d84e1c2ca0b8cf7501e201593) C:\WINDOWS\system32\regsvc.dll
20:28:53.0437 2196 RemoteRegistry - ok
20:28:53.0468 2196 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
20:28:53.0468 2196 ROOTMODEM - ok
20:28:53.0500 2196 RpcLocator (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe
20:28:53.0500 2196 RpcLocator - ok
20:28:53.0546 2196 RpcSs (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\System32\rpcss.dll
20:28:53.0546 2196 RpcSs - ok
20:28:53.0593 2196 RSVP (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe
20:28:53.0593 2196 RSVP - ok
20:28:53.0625 2196 RTL8023xp (8e34400ffc7d647946d9c820678775af) C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
20:28:53.0640 2196 RTL8023xp - ok
20:28:53.0687 2196 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
20:28:53.0703 2196 rtl8139 - ok
20:28:53.0734 2196 SamSs (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:28:53.0734 2196 SamSs - ok
20:28:53.0781 2196 SCardSvr (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
20:28:53.0781 2196 SCardSvr - ok
20:28:53.0828 2196 Schedule (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
20:28:53.0828 2196 Schedule - ok
20:28:53.0875 2196 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:28:53.0875 2196 Secdrv - ok
20:28:53.0906 2196 seclogon (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
20:28:53.0906 2196 seclogon - ok
20:28:53.0953 2196 SENS (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
20:28:53.0953 2196 SENS - ok
20:28:53.0984 2196 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
20:28:53.0984 2196 serenum - ok
20:28:54.0015 2196 Serial (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
20:28:54.0015 2196 Serial - ok
20:28:54.0093 2196 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
20:28:54.0093 2196 Sfloppy - ok
20:28:54.0140 2196 SharedAccess (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll
20:28:54.0156 2196 SharedAccess - ok
20:28:54.0203 2196 ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
20:28:54.0203 2196 ShellHWDetection - ok
20:28:54.0234 2196 Simbad - ok
20:28:54.0296 2196 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
20:28:54.0312 2196 SLIP - ok
20:28:54.0609 2196 SNP2STD (97b19508eb11097eac08f0c195ee948d) C:\WINDOWS\system32\DRIVERS\snp2sxp.sys
20:28:54.0921 2196 SNP2STD - ok
20:28:54.0968 2196 Sparrow - ok
20:28:55.0000 2196 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
20:28:55.0015 2196 splitter - ok
20:28:55.0078 2196 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
20:28:55.0078 2196 Spooler - ok
20:28:55.0093 2196 sr (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
20:28:55.0093 2196 sr - ok
20:28:55.0140 2196 srservice (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll
20:28:55.0156 2196 srservice - ok
20:28:55.0218 2196 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
20:28:55.0234 2196 Srv - ok
20:28:55.0265 2196 ssadbus (406776fe3c2b66796bac1a7afb9ac8a1) C:\WINDOWS\system32\DRIVERS\ssadbus.sys
20:28:55.0281 2196 ssadbus - ok
20:28:55.0328 2196 ssadmdfl (b19532d015a5d295e2aa34bb521202cf) C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys
20:28:55.0328 2196 ssadmdfl - ok
20:28:55.0375 2196 ssadmdm (2aebf9108e6f435458b9499c27394da4) C:\WINDOWS\system32\DRIVERS\ssadmdm.sys
20:28:55.0390 2196 ssadmdm - ok
20:28:55.0453 2196 SSDPSRV (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
20:28:55.0453 2196 SSDPSRV - ok
20:28:55.0500 2196 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
20:28:55.0500 2196 ssmdrv - ok
20:28:55.0593 2196 stisvc (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
20:28:55.0593 2196 stisvc - ok
20:28:55.0656 2196 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
20:28:55.0671 2196 streamip - ok
20:28:55.0718 2196 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
20:28:55.0734 2196 swenum - ok
20:28:55.0750 2196 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
20:28:55.0750 2196 swmidi - ok
20:28:55.0796 2196 SwPrv - ok
20:28:55.0828 2196 symc810 - ok
20:28:55.0843 2196 symc8xx - ok
20:28:55.0875 2196 sym_hi - ok
20:28:55.0906 2196 sym_u3 - ok
20:28:55.0968 2196 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
20:28:55.0968 2196 sysaudio - ok
20:28:56.0015 2196 SysmonLog (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
20:28:56.0031 2196 SysmonLog - ok
20:28:56.0093 2196 TapiSrv (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
20:28:56.0093 2196 TapiSrv - ok
20:28:56.0171 2196 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:28:56.0187 2196 Tcpip - ok
20:28:56.0234 2196 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
20:28:56.0234 2196 TDPIPE - ok
20:28:56.0281 2196 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
20:28:56.0281 2196 TDTCP - ok
20:28:56.0312 2196 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
20:28:56.0328 2196 TermDD - ok
20:28:56.0375 2196 TermService (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
20:28:56.0375 2196 TermService - ok
20:28:56.0437 2196 Themes (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
20:28:56.0453 2196 Themes - ok
20:28:56.0484 2196 TlntSvr (03681a1ce77f51586903869a5ab1deab) C:\WINDOWS\system32\tlntsvr.exe
20:28:56.0484 2196 TlntSvr - ok
20:28:56.0500 2196 TosIde - ok
20:28:56.0531 2196 TrkWks (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
20:28:56.0531 2196 TrkWks - ok
20:28:56.0562 2196 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
20:28:56.0578 2196 Udfs - ok
20:28:56.0656 2196 UI Assistant Service (13bff97e926bf8d9c1230cecc371a0c0) C:\Programme\1&1 Surf-Stick\AssistantServices.exe
20:28:56.0656 2196 UI Assistant Service - ok
20:28:56.0671 2196 ultra - ok
20:28:56.0703 2196 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
20:28:56.0718 2196 Update - ok
20:28:56.0734 2196 upnphost (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
20:28:56.0750 2196 upnphost - ok
20:28:56.0781 2196 UPS (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
20:28:56.0796 2196 UPS - ok
20:28:56.0828 2196 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:28:56.0828 2196 usbccgp - ok
20:28:56.0859 2196 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:28:56.0859 2196 usbehci - ok
20:28:56.0875 2196 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:28:56.0890 2196 usbhub - ok
20:28:56.0921 2196 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
20:28:56.0921 2196 usbohci - ok
20:28:56.0953 2196 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:28:56.0953 2196 usbstor - ok
20:28:56.0984 2196 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
20:28:56.0984 2196 VgaSave - ok
20:28:57.0015 2196 ViaIde - ok
20:28:57.0062 2196 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
20:28:57.0062 2196 VolSnap - ok
20:28:57.0109 2196 VSS (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
20:28:57.0125 2196 VSS - ok
20:28:57.0171 2196 W32Time (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll
20:28:57.0171 2196 W32Time - ok
20:28:57.0218 2196 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:28:57.0234 2196 Wanarp - ok
20:28:57.0265 2196 wbymj4iz.sys - ok
20:28:57.0296 2196 WDICA - ok
20:28:57.0359 2196 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
20:28:57.0359 2196 wdmaud - ok
20:28:57.0390 2196 WebClient (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
20:28:57.0406 2196 WebClient - ok
20:28:57.0453 2196 winmgmt (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
20:28:57.0453 2196 winmgmt - ok
20:28:57.0515 2196 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\mspmsnsv.dll
20:28:57.0531 2196 WmdmPmSN - ok
20:28:57.0593 2196 Wmi (ffa4d901d46d07a5bab2d8307fbb51a6) C:\WINDOWS\System32\advapi32.dll
20:28:57.0625 2196 Wmi - ok
20:28:57.0703 2196 WmiApSrv (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\system32\wbem\wmiapsrv.exe
20:28:57.0703 2196 WmiApSrv - ok
20:28:57.0812 2196 WMPNetworkSvc (bf05650bb7df5e9ebdd25974e22403bb) C:\Programme\Windows Media Player\WMPNetwk.exe
20:28:57.0906 2196 WMPNetworkSvc - ok
20:28:57.0984 2196 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
20:28:57.0984 2196 WpdUsb - ok
20:28:58.0171 2196 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
20:28:58.0187 2196 WPFFontCache_v0400 - ok
20:28:58.0218 2196 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
20:28:58.0218 2196 WS2IFSL - ok
20:28:58.0250 2196 wscsvc (300b3e84faf1a5c1f791c159ba28035d) C:\WINDOWS\system32\wscsvc.dll
20:28:58.0250 2196 wscsvc - ok
20:28:58.0265 2196 WSearch - ok
20:28:58.0328 2196 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
20:28:58.0328 2196 WSTCODEC - ok
20:28:58.0375 2196 wuauserv (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll
20:28:58.0390 2196 wuauserv - ok
20:28:58.0437 2196 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
20:28:58.0437 2196 WudfPf - ok
20:28:58.0500 2196 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
20:28:58.0515 2196 WudfRd - ok
20:28:58.0593 2196 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
20:28:58.0593 2196 WudfSvc - ok
20:28:58.0640 2196 WZCSVC (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
20:28:58.0656 2196 WZCSVC - ok
20:28:58.0687 2196 xmlprov (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
20:28:58.0703 2196 xmlprov - ok
20:28:58.0734 2196 xpsec - ok
20:28:58.0812 2196 yukonwxp (4322c32ced8c4772e039616dcbf01d3f) C:\WINDOWS\system32\DRIVERS\yk51x86.sys
20:28:58.0828 2196 yukonwxp - ok
20:28:58.0906 2196 ZTEusbmdm6k (616b411bfc0e9f535a436759f19b79d8) C:\WINDOWS\system32\DRIVERS\ZTEusbmdm6k.sys
20:28:58.0906 2196 ZTEusbmdm6k - ok
20:28:58.0953 2196 ZTEusbnmea (616b411bfc0e9f535a436759f19b79d8) C:\WINDOWS\system32\DRIVERS\ZTEusbnmea.sys
20:28:58.0953 2196 ZTEusbnmea - ok
20:28:59.0000 2196 ZTEusbser6k (616b411bfc0e9f535a436759f19b79d8) C:\WINDOWS\system32\DRIVERS\ZTEusbser6k.sys
20:28:59.0000 2196 ZTEusbser6k - ok
20:28:59.0031 2196 MBR (0x1B8) (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
20:28:59.0125 2196 \Device\Harddisk0\DR0 - ok
20:28:59.0125 2196 Boot (0x1200) (52f8e7d5a3c4541149f103f5aa567709) \Device\Harddisk0\DR0\Partition0
20:28:59.0125 2196 \Device\Harddisk0\DR0\Partition0 - ok
20:28:59.0125 2196 ============================================================
20:28:59.0125 2196 Scan finished
20:28:59.0125 2196 ============================================================
20:28:59.0140 2356 Detected object count: 0
20:28:59.0140 2356 Actual detected object count: 0
20:29:03.0968 2524 ============================================================
20:29:03.0968 2524 Scan started
20:29:03.0968 2524 Mode: Manual;
20:29:03.0968 2524 ============================================================
20:29:04.0109 2524 Abiosdsk - ok
20:29:04.0125 2524 abp480n5 - ok
20:29:04.0171 2524 ACDaemon - ok
20:29:04.0218 2524 ACPI (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
20:29:04.0218 2524 ACPI - ok
20:29:04.0250 2524 ACPIEC (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
20:29:04.0250 2524 ACPIEC - ok
20:29:04.0281 2524 adpu160m - ok
20:29:04.0296 2524 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
20:29:04.0296 2524 aec - ok
20:29:04.0343 2524 Afc (fe3ea6e9afc1a78e6edca121e006afb7) C:\WINDOWS\system32\drivers\Afc.sys
20:29:04.0343 2524 Afc - ok
20:29:04.0390 2524 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
20:29:04.0390 2524 AFD - ok
20:29:04.0421 2524 Aha154x - ok
20:29:04.0437 2524 aic78u2 - ok
20:29:04.0468 2524 aic78xx - ok
20:29:04.0531 2524 Alerter (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
20:29:04.0531 2524 Alerter - ok
20:29:04.0578 2524 ALG (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe
20:29:04.0578 2524 ALG - ok
20:29:04.0593 2524 AliIde - ok
20:29:04.0671 2524 Ambfilt (267fc636801edc5ab28e14036349e3be) C:\WINDOWS\system32\drivers\Ambfilt.sys
20:29:04.0687 2524 Ambfilt - ok
20:29:04.0796 2524 AmdPPM (033448d435e65c4bd72e70521fd05c76) C:\WINDOWS\system32\DRIVERS\AmdPPM.sys
20:29:04.0796 2524 AmdPPM - ok
20:29:04.0812 2524 amsint - ok
20:29:04.0890 2524 AntiVirSchedulerService (c27d46b06d340293670450fce9dfb166) C:\Programme\Avira\AntiVir Desktop\sched.exe
20:29:04.0890 2524 AntiVirSchedulerService - ok
20:29:04.0906 2524 AntiVirService (72d90e56563165984224493069c69ed4) C:\Programme\Avira\AntiVir Desktop\avguard.exe
20:29:04.0906 2524 AntiVirService - ok
20:29:04.0968 2524 AppMgmt (d45960be52c3c610d361977057f98c54) C:\WINDOWS\System32\appmgmts.dll
20:29:04.0968 2524 AppMgmt - ok
20:29:05.0031 2524 ArcSoftKsUFilter (bf8470e29873dd3f725f18709928c85f) C:\WINDOWS\system32\DRIVERS\ArcSoftKsUFilter.sys
20:29:05.0031 2524 ArcSoftKsUFilter - ok
20:29:05.0062 2524 asc - ok
20:29:05.0109 2524 asc3350p - ok
20:29:05.0156 2524 asc3550 - ok
20:29:05.0234 2524 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
20:29:05.0250 2524 aspnet_state - ok
20:29:05.0281 2524 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
20:29:05.0281 2524 AsyncMac - ok
20:29:05.0328 2524 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
20:29:05.0328 2524 atapi - ok
20:29:05.0343 2524 Atdisk - ok
20:29:05.0406 2524 Ati HotKey Poller (bf4690ff029aaec1266f32bb3e9633e8) C:\WINDOWS\system32\Ati2evxx.exe
20:29:05.0421 2524 Ati HotKey Poller - ok
20:29:05.0468 2524 ATI Smart (fb796f8fe747225756b870e9564a469c) C:\WINDOWS\system32\ati2sgag.exe
20:29:05.0468 2524 ATI Smart - ok
20:29:05.0671 2524 ati2mtag (f27a0b0d1373d36d866f29b434b7aa92) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
20:29:05.0734 2524 ati2mtag - ok
20:29:05.0843 2524 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
20:29:05.0843 2524 Atmarpc - ok
20:29:05.0906 2524 AudioSrv (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
20:29:05.0906 2524 AudioSrv - ok
20:29:05.0937 2524 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
20:29:05.0937 2524 audstub - ok
20:29:06.0000 2524 avgio (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Programme\Avira\AntiVir Desktop\avgio.sys
20:29:06.0000 2524 avgio - ok
20:29:06.0015 2524 avgntflt (1e4114685de1ffa9675e09c6a1fb3f4b) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
20:29:06.0015 2524 avgntflt - ok
20:29:06.0046 2524 avipbb (0f78d3dae6dedd99ae54c9491c62adf2) C:\WINDOWS\system32\DRIVERS\avipbb.sys
20:29:06.0046 2524 avipbb - ok
20:29:06.0093 2524 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
20:29:06.0093 2524 Beep - ok
20:29:06.0156 2524 BITS (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll
20:29:06.0156 2524 BITS - ok
20:29:06.0187 2524 Browser (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
20:29:06.0187 2524 Browser - ok
20:29:06.0187 2524 catchme - ok
20:29:06.0218 2524 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
20:29:06.0218 2524 cbidf2k - ok
20:29:06.0281 2524 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
20:29:06.0281 2524 CCDECODE - ok
20:29:06.0312 2524 cd20xrnt - ok
20:29:06.0359 2524 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
20:29:06.0359 2524 Cdaudio - ok
20:29:06.0406 2524 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
20:29:06.0406 2524 Cdfs - ok
20:29:06.0421 2524 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
20:29:06.0437 2524 Cdrom - ok
20:29:06.0468 2524 cercsr6 (84853b3fd012251690570e9e7e43343f) C:\WINDOWS\system32\drivers\cercsr6.sys
20:29:06.0468 2524 cercsr6 - ok
20:29:06.0500 2524 Changer - ok
20:29:06.0562 2524 CiSvc (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe
20:29:06.0562 2524 CiSvc - ok
20:29:06.0593 2524 ClipSrv (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
20:29:06.0593 2524 ClipSrv - ok
20:29:06.0671 2524 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:29:06.0671 2524 clr_optimization_v2.0.50727_32 - ok
20:29:06.0734 2524 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:29:06.0734 2524 clr_optimization_v4.0.30319_32 - ok
20:29:06.0750 2524 CmdIde - ok
20:29:06.0765 2524 COMSysApp - ok
20:29:06.0781 2524 Cpqarray - ok
20:29:06.0812 2524 CryptSvc (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
20:29:06.0812 2524 CryptSvc - ok
20:29:06.0843 2524 dac2w2k - ok
20:29:06.0875 2524 dac960nt - ok
20:29:06.0937 2524 DcomLaunch (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
20:29:06.0937 2524 DcomLaunch - ok
20:29:06.0968 2524 dgderdrv (d0d4f3ca1d3a4400e1f40f36a800cd12) C:\WINDOWS\system32\drivers\dgderdrv.sys
20:29:06.0968 2524 dgderdrv - ok
20:29:07.0000 2524 dgdersvc (1f7baca7d1dd1b3d73b4c3934148fad3) C:\WINDOWS\system32\dgdersvc.exe
20:29:07.0000 2524 dgdersvc - ok
20:29:07.0031 2524 Dhcp (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
20:29:07.0031 2524 Dhcp - ok
20:29:07.0046 2524 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
20:29:07.0046 2524 Disk - ok
20:29:07.0078 2524 dmadmin - ok
20:29:07.0125 2524 dmboot (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
20:29:07.0140 2524 dmboot - ok
20:29:07.0171 2524 dmio (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
20:29:07.0171 2524 dmio - ok
20:29:07.0203 2524 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
20:29:07.0203 2524 dmload - ok
20:29:07.0250 2524 dmserver (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
20:29:07.0250 2524 dmserver - ok
20:29:07.0296 2524 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
20:29:07.0296 2524 DMusic - ok
20:29:07.0328 2524 Dnscache (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
20:29:07.0343 2524 Dnscache - ok
20:29:07.0390 2524 Dot3svc (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
20:29:07.0390 2524 Dot3svc - ok
20:29:07.0406 2524 dpti2o - ok
20:29:07.0437 2524 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
20:29:07.0437 2524 drmkaud - ok
20:29:07.0437 2524 EagleNT - ok
20:29:07.0500 2524 EapHost (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
20:29:07.0500 2524 EapHost - ok
20:29:07.0546 2524 ERSvc (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
20:29:07.0546 2524 ERSvc - ok
20:29:07.0609 2524 Eventlog (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
20:29:07.0609 2524 Eventlog - ok
20:29:07.0656 2524 EventSystem (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\system32\es.dll
20:29:07.0656 2524 EventSystem - ok
20:29:07.0718 2524 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
20:29:07.0718 2524 Fastfat - ok
20:29:07.0765 2524 FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
20:29:07.0781 2524 FastUserSwitchingCompatibility - ok
20:29:07.0828 2524 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
20:29:07.0828 2524 Fdc - ok
20:29:07.0859 2524 Fips (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
20:29:07.0859 2524 Fips - ok
20:29:07.0875 2524 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
20:29:07.0875 2524 Flpydisk - ok
20:29:07.0937 2524 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
20:29:07.0937 2524 FltMgr - ok
20:29:08.0015 2524 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
20:29:08.0015 2524 FontCache3.0.0.0 - ok
20:29:08.0062 2524 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:29:08.0062 2524 Fs_Rec - ok
20:29:08.0093 2524 Ftdisk (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
20:29:08.0093 2524 Ftdisk - ok
20:29:08.0109 2524 FWLANUSB - ok
20:29:08.0187 2524 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
20:29:08.0187 2524 Gpc - ok
20:29:08.0218 2524 gupdate - ok
20:29:08.0218 2524 gupdatem - ok
20:29:08.0281 2524 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
20:29:08.0281 2524 HDAudBus - ok
20:29:08.0375 2524 helpsvc (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
20:29:08.0375 2524 helpsvc - ok
20:29:08.0375 2524 HidServ - ok
20:29:08.0421 2524 hkmsvc (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
20:29:08.0421 2524 hkmsvc - ok
20:29:08.0437 2524 hpn - ok
20:29:08.0500 2524 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
20:29:08.0500 2524 HTTP - ok
20:29:08.0562 2524 HTTPFilter (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
20:29:08.0562 2524 HTTPFilter - ok
20:29:08.0562 2524 i2omgmt - ok
20:29:08.0593 2524 i2omp - ok
20:29:08.0656 2524 i8042prt (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
20:29:08.0656 2524 i8042prt - ok
20:29:08.0703 2524 ICQ Service - ok
20:29:08.0781 2524 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:29:08.0796 2524 idsvc - ok
20:29:08.0812 2524 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
20:29:08.0812 2524 Imapi - ok
20:29:08.0859 2524 ImapiService (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\system32\imapi.exe
20:29:08.0859 2524 ImapiService - ok
20:29:08.0875 2524 ini910u - ok
20:29:09.0062 2524 IntcAzAudAddService (4716f7ee8fb7fd02596ece1ec70aff53) C:\WINDOWS\system32\drivers\RtkHDAud.sys
20:29:09.0109 2524 IntcAzAudAddService - ok
20:29:09.0140 2524 IntelIde - ok
20:29:09.0187 2524 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
20:29:09.0187 2524 Ip6Fw - ok
20:29:09.0265 2524 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:29:09.0265 2524 IpFilterDriver - ok
20:29:09.0296 2524 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
20:29:09.0296 2524 IpInIp - ok
20:29:09.0312 2524 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
20:29:09.0312 2524 IpNat - ok
20:29:09.0343 2524 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
20:29:09.0343 2524 IPSec - ok
20:29:09.0390 2524 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
20:29:09.0390 2524 IRENUM - ok
20:29:09.0421 2524 isapnp (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
20:29:09.0421 2524 isapnp - ok
20:29:09.0531 2524 JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Programme\Java\jre6\bin\jqs.exe
20:29:09.0546 2524 JavaQuickStarterService - ok
20:29:09.0578 2524 Kbdclass (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
20:29:09.0578 2524 Kbdclass - ok
20:29:09.0609 2524 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
20:29:09.0609 2524 kmixer - ok
20:29:09.0656 2524 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
20:29:09.0656 2524 KSecDD - ok
20:29:09.0703 2524 lanmanserver (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll
20:29:09.0703 2524 lanmanserver - ok
20:29:09.0796 2524 lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll
20:29:09.0796 2524 lanmanworkstation - ok
20:29:09.0812 2524 lbrtfdc - ok
20:29:09.0875 2524 LmHosts (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
20:29:09.0875 2524 LmHosts - ok
20:29:09.0890 2524 massfilter (09721f2c56681a83c93ecdfab8b102a9) C:\WINDOWS\system32\drivers\massfilter.sys
20:29:09.0890 2524 massfilter - ok
20:29:09.0921 2524 Messenger (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
20:29:09.0937 2524 Messenger - ok
20:29:09.0984 2524 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
20:29:09.0984 2524 mnmdd - ok
20:29:10.0015 2524 mnmsrvc (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\system32\mnmsrvc.exe
20:29:10.0015 2524 mnmsrvc - ok
20:29:10.0046 2524 Modem (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
20:29:10.0046 2524 Modem - ok
20:29:10.0109 2524 Monfilt (c7d9f9717916b34c1b00dd4834af485c) C:\WINDOWS\system32\drivers\Monfilt.sys
20:29:10.0125 2524 Monfilt - ok
20:29:10.0156 2524 Mouclass (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
20:29:10.0156 2524 Mouclass - ok
20:29:10.0187 2524 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
20:29:10.0187 2524 MountMgr - ok
20:29:10.0203 2524 mraid35x - ok
20:29:10.0234 2524 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
20:29:10.0234 2524 MRxDAV - ok
20:29:10.0296 2524 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:29:10.0296 2524 MRxSmb - ok
20:29:10.0343 2524 MSDTC (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\system32\msdtc.exe
20:29:10.0343 2524 MSDTC - ok
20:29:10.0375 2524 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
20:29:10.0375 2524 Msfs - ok
20:29:10.0406 2524 MSIServer - ok
20:29:10.0453 2524 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:29:10.0453 2524 MSKSSRV - ok
20:29:10.0500 2524 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:29:10.0500 2524 MSPCLOCK - ok
20:29:10.0546 2524 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
20:29:10.0546 2524 MSPQM - ok
20:29:10.0578 2524 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
20:29:10.0578 2524 mssmbios - ok
20:29:10.0625 2524 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
20:29:10.0625 2524 MSTEE - ok
20:29:10.0703 2524 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
20:29:10.0703 2524 Mup - ok
20:29:10.0734 2524 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
20:29:10.0734 2524 NABTSFEC - ok
20:29:10.0781 2524 napagent (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
20:29:10.0796 2524 napagent - ok
20:29:10.0812 2524 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
20:29:10.0828 2524 NDIS - ok
20:29:10.0859 2524 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
20:29:10.0859 2524 NdisIP - ok
20:29:10.0906 2524 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:29:10.0906 2524 NdisTapi - ok
20:29:10.0937 2524 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:29:10.0937 2524 Ndisuio - ok
20:29:10.0953 2524 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:29:10.0953 2524 NdisWan - ok
20:29:11.0000 2524 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
20:29:11.0000 2524 NDProxy - ok
20:29:11.0031 2524 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
20:29:11.0031 2524 NetBIOS - ok
20:29:11.0062 2524 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
20:29:11.0062 2524 NetBT - ok
20:29:11.0109 2524 NetDDE (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
20:29:11.0109 2524 NetDDE - ok
20:29:11.0125 2524 NetDDEdsdm (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
20:29:11.0125 2524 NetDDEdsdm - ok
20:29:11.0171 2524 Netlogon (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:29:11.0171 2524 Netlogon - ok
20:29:11.0203 2524 Netman (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
20:29:11.0203 2524 Netman - ok
20:29:11.0265 2524 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:29:11.0265 2524 NetTcpPortSharing - ok
20:29:11.0296 2524 Nla (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll
20:29:11.0312 2524 Nla - ok
20:29:11.0343 2524 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
20:29:11.0343 2524 Npfs - ok
20:29:11.0359 2524 npggsvc - ok
20:29:11.0390 2524 NPPTNT2 (9131fe60adfab595c8da53ad6a06aa31) C:\WINDOWS\system32\npptNT2.sys
20:29:11.0390 2524 NPPTNT2 - ok
20:29:11.0421 2524 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
20:29:11.0437 2524 Ntfs - ok
20:29:11.0468 2524 NtLmSsp (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:29:11.0468 2524 NtLmSsp - ok
20:29:11.0500 2524 NtmsSvc (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
20:29:11.0500 2524 NtmsSvc - ok
20:29:11.0546 2524 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
20:29:11.0546 2524 Null - ok
20:29:11.0593 2524 NWCWorkstation (c34a6a72dec2c317d67355dc18f87090) C:\WINDOWS\System32\nwwks.dll
20:29:11.0593 2524 NWCWorkstation - ok
20:29:11.0625 2524 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
20:29:11.0625 2524 NwlnkFlt - ok
20:29:11.0656 2524 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
20:29:11.0656 2524 NwlnkFwd - ok
20:29:11.0718 2524 NwlnkIpx (8b8b1be2dba4025da6786c645f77f123) C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
20:29:11.0718 2524 NwlnkIpx - ok
20:29:11.0734 2524 NwlnkNb (56d34a67c05e94e16377c60609741ff8) C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
20:29:11.0734 2524 NwlnkNb - ok
20:29:11.0765 2524 NwlnkSpx (c0bb7d1615e1acbdc99757f6ceaf8cf0) C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
20:29:11.0781 2524 NwlnkSpx - ok
20:29:11.0828 2524 NWRDR (36b9b950e3d2e100970a48d8bad86740) C:\WINDOWS\system32\DRIVERS\nwrdr.sys
20:29:11.0828 2524 NWRDR - ok
20:29:11.0843 2524 Parport (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
20:29:11.0859 2524 Parport - ok
20:29:11.0875 2524 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
20:29:11.0875 2524 PartMgr - ok
20:29:11.0921 2524 ParVdm (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
20:29:11.0921 2524 ParVdm - ok
20:29:11.0968 2524 PCI (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
20:29:11.0968 2524 PCI - ok
20:29:12.0000 2524 PCIDump - ok
20:29:12.0046 2524 PCIIde (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
20:29:12.0046 2524 PCIIde - ok
20:29:12.0109 2524 Pcmcia (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
20:29:12.0109 2524 Pcmcia - ok
20:29:12.0140 2524 PDCOMP - ok
20:29:12.0203 2524 PDFRAME - ok
20:29:12.0218 2524 PDRELI - ok
20:29:12.0234 2524 PDRFRAME - ok
20:29:12.0281 2524 perc2 - ok
20:29:12.0312 2524 perc2hib - ok
20:29:12.0359 2524 PlugPlay (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
20:29:12.0375 2524 PlugPlay - ok
20:29:12.0390 2524 PolicyAgent (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:29:12.0390 2524 PolicyAgent - ok
20:29:12.0421 2524 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:29:12.0421 2524 PptpMiniport - ok
20:29:12.0453 2524 Processor (2cb55427c58679f49ad600fccba76360) C:\WINDOWS\system32\DRIVERS\processr.sys
20:29:12.0453 2524 Processor - ok
20:29:12.0468 2524 ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:29:12.0468 2524 ProtectedStorage - ok
20:29:12.0515 2524 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
20:29:12.0515 2524 PSched - ok
20:29:12.0546 2524 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
20:29:12.0546 2524 Ptilink - ok
20:29:12.0578 2524 ql1080 - ok
20:29:12.0625 2524 Ql10wnt - ok
20:29:12.0656 2524 ql12160 - ok
20:29:12.0671 2524 ql1240 - ok
20:29:12.0718 2524 ql1280 - ok
20:29:12.0750 2524 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:29:12.0750 2524 RasAcd - ok
20:29:12.0812 2524 RasAuto (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
20:29:12.0812 2524 RasAuto - ok
20:29:12.0843 2524 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:29:12.0843 2524 Rasl2tp - ok
20:29:12.0906 2524 RasMan (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
20:29:12.0906 2524 RasMan - ok
20:29:12.0937 2524 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:29:12.0937 2524 RasPppoe - ok
20:29:12.0984 2524 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
20:29:12.0984 2524 Raspti - ok
20:29:13.0015 2524 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:29:13.0015 2524 Rdbss - ok
20:29:13.0062 2524 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:29:13.0062 2524 RDPCDD - ok
20:29:13.0093 2524 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
20:29:13.0093 2524 rdpdr - ok
20:29:13.0140 2524 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
20:29:13.0140 2524 RDPWD - ok
20:29:13.0187 2524 RDSessMgr (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe
20:29:13.0187 2524 RDSessMgr - ok
20:29:13.0218 2524 redbook (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
20:29:13.0218 2524 redbook - ok
20:29:13.0250 2524 RemoteAccess (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll
20:29:13.0250 2524 RemoteAccess - ok
20:29:13.0281 2524 RemoteRegistry (e4cd1f3d84e1c2ca0b8cf7501e201593) C:\WINDOWS\system32\regsvc.dll
20:29:13.0296 2524 RemoteRegistry - ok
20:29:13.0343 2524 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
20:29:13.0343 2524 ROOTMODEM - ok
20:29:13.0390 2524 RpcLocator (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe
20:29:13.0390 2524 RpcLocator - ok
20:29:13.0453 2524 RpcSs (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\System32\rpcss.dll
20:29:13.0468 2524 RpcSs - ok
20:29:13.0500 2524 RSVP (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe
20:29:13.0500 2524 RSVP - ok
20:29:13.0546 2524 RTL8023xp (8e34400ffc7d647946d9c820678775af) C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
20:29:13.0546 2524 RTL8023xp - ok
20:29:13.0609 2524 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
20:29:13.0609 2524 rtl8139 - ok
20:29:13.0656 2524 SamSs (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:29:13.0656 2524 SamSs - ok
20:29:13.0687 2524 SCardSvr (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
20:29:13.0687 2524 SCardSvr - ok
20:29:13.0765 2524 Schedule (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
20:29:13.0781 2524 Schedule - ok
20:29:13.0828 2524 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:29:13.0828 2524 Secdrv - ok
20:29:13.0875 2524 seclogon (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
20:29:13.0875 2524 seclogon - ok
20:29:13.0906 2524 SENS (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
20:29:13.0906 2524 SENS - ok
20:29:13.0937 2524 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
20:29:13.0937 2524 serenum - ok
20:29:13.0968 2524 Serial (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
20:29:13.0968 2524 Serial - ok
20:29:14.0015 2524 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
20:29:14.0015 2524 Sfloppy - ok
20:29:14.0046 2524 SharedAccess (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll
20:29:14.0062 2524 SharedAccess - ok
20:29:14.0109 2524 ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
20:29:14.0109 2524 ShellHWDetection - ok
20:29:14.0140 2524 Simbad - ok
20:29:14.0187 2524 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
20:29:14.0187 2524 SLIP - ok
20:29:14.0484 2524 SNP2STD (97b19508eb11097eac08f0c195ee948d) C:\WINDOWS\system32\DRIVERS\snp2sxp.sys
20:29:14.0578 2524 SNP2STD - ok
20:29:14.0609 2524 Sparrow - ok
20:29:14.0671 2524 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
20:29:14.0671 2524 splitter - ok
20:29:14.0734 2524 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
20:29:14.0734 2524 Spooler - ok
20:29:14.0765 2524 sr (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
20:29:14.0765 2524 sr - ok
20:29:14.0796 2524 srservice (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll
20:29:14.0812 2524 srservice - ok
20:29:14.0843 2524 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
20:29:14.0843 2524 Srv - ok
20:29:14.0875 2524 ssadbus (406776fe3c2b66796bac1a7afb9ac8a1) C:\WINDOWS\system32\DRIVERS\ssadbus.sys
20:29:14.0875 2524 ssadbus - ok
20:29:14.0921 2524 ssadmdfl (b19532d015a5d295e2aa34bb521202cf) C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys
20:29:14.0921 2524 ssadmdfl - ok
20:29:14.0953 2524 ssadmdm (2aebf9108e6f435458b9499c27394da4) C:\WINDOWS\system32\DRIVERS\ssadmdm.sys
20:29:14.0953 2524 ssadmdm - ok
20:29:15.0015 2524 SSDPSRV (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
20:29:15.0015 2524 SSDPSRV - ok
20:29:15.0062 2524 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
20:29:15.0062 2524 ssmdrv - ok
20:29:15.0109 2524 stisvc (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
20:29:15.0125 2524 stisvc - ok
20:29:15.0171 2524 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
20:29:15.0171 2524 streamip - ok
20:29:15.0234 2524 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
20:29:15.0234 2524 swenum - ok
20:29:15.0265 2524 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
20:29:15.0265 2524 swmidi - ok
20:29:15.0281 2524 SwPrv - ok
20:29:15.0312 2524 symc810 - ok
20:29:15.0343 2524 symc8xx - ok
20:29:15.0359 2524 sym_hi - ok
20:29:15.0390 2524 sym_u3 - ok
20:29:15.0421 2524 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
20:29:15.0421 2524 sysaudio - ok
20:29:15.0453 2524 SysmonLog (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
20:29:15.0453 2524 SysmonLog - ok
20:29:15.0500 2524 TapiSrv (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
20:29:15.0500 2524 TapiSrv - ok
20:29:15.0562 2524 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:29:15.0562 2524 Tcpip - ok
20:29:15.0609 2524 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
20:29:15.0609 2524 TDPIPE - ok
20:29:15.0656 2524 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
20:29:15.0656 2524 TDTCP - ok
20:29:15.0687 2524 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
20:29:15.0687 2524 TermDD - ok
20:29:15.0734 2524 TermService (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
20:29:15.0734 2524 TermService - ok
20:29:15.0781 2524 Themes (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
20:29:15.0796 2524 Themes - ok
20:29:15.0828 2524 TlntSvr (03681a1ce77f51586903869a5ab1deab) C:\WINDOWS\system32\tlntsvr.exe
20:29:15.0828 2524 TlntSvr - ok
20:29:15.0859 2524 TosIde - ok
20:29:15.0921 2524 TrkWks (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
20:29:15.0921 2524 TrkWks - ok
20:29:15.0953 2524 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
20:29:15.0953 2524 Udfs - ok
20:29:16.0031 2524 UI Assistant Service (13bff97e926bf8d9c1230cecc371a0c0) C:\Programme\1&1 Surf-Stick\AssistantServices.exe
20:29:16.0031 2524 UI Assistant Service - ok
20:29:16.0062 2524 ultra - ok
20:29:16.0109 2524 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
20:29:16.0109 2524 Update - ok
20:29:16.0140 2524 upnphost (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
20:29:16.0140 2524 upnphost - ok
20:29:16.0187 2524 UPS (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
20:29:16.0187 2524 UPS - ok
20:29:16.0218 2524 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:29:16.0218 2524 usbccgp - ok
20:29:16.0265 2524 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:29:16.0265 2524 usbehci - ok
20:29:16.0296 2524 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:29:16.0296 2524 usbhub - ok
20:29:16.0328 2524 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
20:29:16.0328 2524 usbohci - ok
20:29:16.0359 2524 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:29:16.0359 2524 usbstor - ok
20:29:16.0390 2524 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
20:29:16.0390 2524 VgaSave - ok
20:29:16.0406 2524 ViaIde - ok
20:29:16.0453 2524 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
20:29:16.0453 2524 VolSnap - ok
20:29:16.0484 2524 VSS (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
20:29:16.0484 2524 VSS - ok
20:29:16.0531 2524 W32Time (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll
20:29:16.0546 2524 W32Time - ok
20:29:16.0578 2524 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:29:16.0578 2524 Wanarp - ok
20:29:16.0593 2524 wbymj4iz.sys - ok
20:29:16.0625 2524 WDICA - ok
20:29:16.0656 2524 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
20:29:16.0656 2524 wdmaud - ok
20:29:16.0703 2524 WebClient (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
20:29:16.0703 2524 WebClient - ok
20:29:16.0781 2524 winmgmt (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
20:29:16.0781 2524 winmgmt - ok
20:29:16.0843 2524 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\mspmsnsv.dll
20:29:16.0843 2524 WmdmPmSN - ok
20:29:16.0906 2524 Wmi (ffa4d901d46d07a5bab2d8307fbb51a6) C:\WINDOWS\System32\advapi32.dll
20:29:16.0906 2524 Wmi - ok
20:29:16.0953 2524 WmiApSrv (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\system32\wbem\wmiapsrv.exe
20:29:16.0953 2524 WmiApSrv - ok
20:29:17.0062 2524 WMPNetworkSvc (bf05650bb7df5e9ebdd25974e22403bb) C:\Programme\Windows Media Player\WMPNetwk.exe
20:29:17.0078 2524 WMPNetworkSvc - ok
20:29:17.0109 2524 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
20:29:17.0109 2524 WpdUsb - ok
20:29:17.0234 2524 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
20:29:17.0234 2524 WPFFontCache_v0400 - ok
20:29:17.0281 2524 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
20:29:17.0281 2524 WS2IFSL - ok
20:29:17.0312 2524 wscsvc (300b3e84faf1a5c1f791c159ba28035d) C:\WINDOWS\system32\wscsvc.dll
20:29:17.0328 2524 wscsvc - ok
20:29:17.0343 2524 WSearch - ok
20:29:17.0390 2524 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
20:29:17.0390 2524 WSTCODEC - ok
20:29:17.0453 2524 wuauserv (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll
20:29:17.0453 2524 wuauserv - ok
20:29:17.0484 2524 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
20:29:17.0484 2524 WudfPf - ok
20:29:17.0515 2524 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
20:29:17.0515 2524 WudfRd - ok
20:29:17.0562 2524 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
20:29:17.0562 2524 WudfSvc - ok
20:29:17.0625 2524 WZCSVC (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
20:29:17.0625 2524 WZCSVC - ok
20:29:17.0656 2524 xmlprov (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
20:29:17.0671 2524 xmlprov - ok
20:29:17.0671 2524 xpsec - ok
20:29:17.0703 2524 yukonwxp (4322c32ced8c4772e039616dcbf01d3f) C:\WINDOWS\system32\DRIVERS\yk51x86.sys
20:29:17.0718 2524 yukonwxp - ok
20:29:17.0750 2524 ZTEusbmdm6k (616b411bfc0e9f535a436759f19b79d8) C:\WINDOWS\system32\DRIVERS\ZTEusbmdm6k.sys
20:29:17.0750 2524 ZTEusbmdm6k - ok
20:29:17.0765 2524 ZTEusbnmea (616b411bfc0e9f535a436759f19b79d8) C:\WINDOWS\system32\DRIVERS\ZTEusbnmea.sys
20:29:17.0765 2524 ZTEusbnmea - ok
20:29:17.0812 2524 ZTEusbser6k (616b411bfc0e9f535a436759f19b79d8) C:\WINDOWS\system32\DRIVERS\ZTEusbser6k.sys
20:29:17.0812 2524 ZTEusbser6k - ok
20:29:17.0828 2524 MBR (0x1B8) (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
20:29:17.0921 2524 \Device\Harddisk0\DR0 - ok
20:29:17.0921 2524 Boot (0x1200) (52f8e7d5a3c4541149f103f5aa567709) \Device\Harddisk0\DR0\Partition0
20:29:17.0921 2524 \Device\Harddisk0\DR0\Partition0 - ok
20:29:17.0937 2524 ============================================================
20:29:17.0937 2524 Scan finished
20:29:17.0937 2524 ============================================================
20:29:17.0937 2488 Detected object count: 0
20:29:17.0937 2488 Actual detected object count: 0
20:29:46.0437 2096 Deinitialize success

Leon3221 17.04.2012 19:39
Das andere und Danke nochmal das du mir bis jetzt so gut geholfen hast:) !



20:22:43.0859 6020 TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05
20:22:44.0531 6020 ============================================================
20:22:44.0531 6020 Current date / time: 2012/04/17 20:22:44.0531
20:22:44.0531 6020 SystemInfo:
20:22:44.0531 6020
20:22:44.0531 6020 OS Version: 5.1.2600 ServicePack: 3.0
20:22:44.0531 6020 Product type: Workstation
20:22:44.0531 6020 ComputerName: LEON3221
20:22:44.0531 6020 UserName: Leon
20:22:44.0531 6020 Windows directory: C:\WINDOWS
20:22:44.0531 6020 System windows directory: C:\WINDOWS
20:22:44.0531 6020 Processor architecture: Intel x86
20:22:44.0531 6020 Number of processors: 2
20:22:44.0531 6020 Page size: 0x1000
20:22:44.0531 6020 Boot type: Normal boot
20:22:44.0531 6020 ============================================================
20:22:47.0984 6020 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:22:48.0062 6020 \Device\Harddisk0\DR0:
20:22:48.0062 6020 MBR used
20:22:48.0062 6020 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC34F28D
20:22:48.0156 6020 Initialize success
20:22:48.0156 6020 ============================================================
20:22:49.0859 5696 ============================================================
20:22:49.0859 5696 Scan started
20:22:49.0859 5696 Mode: Manual;
20:22:49.0859 5696 ============================================================
20:22:50.0343 5696 Abiosdsk - ok
20:22:50.0359 5696 abp480n5 - ok
20:22:50.0390 5696 ACDaemon - ok
20:22:50.0437 5696 ACPI (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
20:22:50.0437 5696 ACPI - ok
20:22:50.0500 5696 ACPIEC (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
20:22:50.0500 5696 ACPIEC - ok
20:22:50.0531 5696 adpu160m - ok
20:22:50.0562 5696 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
20:22:50.0562 5696 aec - ok
20:22:50.0640 5696 Afc (fe3ea6e9afc1a78e6edca121e006afb7) C:\WINDOWS\system32\drivers\Afc.sys
20:22:50.0640 5696 Afc - ok
20:22:50.0687 5696 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
20:22:50.0703 5696 AFD - ok
20:22:50.0750 5696 Aha154x - ok
20:22:50.0781 5696 aic78u2 - ok
20:22:50.0796 5696 aic78xx - ok
20:22:50.0875 5696 Alerter (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
20:22:50.0875 5696 Alerter - ok
20:22:50.0921 5696 ALG (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe
20:22:50.0921 5696 ALG - ok
20:22:50.0937 5696 AliIde - ok
20:22:51.0046 5696 Ambfilt (267fc636801edc5ab28e14036349e3be) C:\WINDOWS\system32\drivers\Ambfilt.sys
20:22:51.0093 5696 Ambfilt - ok
20:22:51.0203 5696 AmdPPM (033448d435e65c4bd72e70521fd05c76) C:\WINDOWS\system32\DRIVERS\AmdPPM.sys
20:22:51.0203 5696 AmdPPM - ok
20:22:51.0218 5696 amsint - ok
20:22:51.0296 5696 AntiVirSchedulerService (c27d46b06d340293670450fce9dfb166) C:\Programme\Avira\AntiVir Desktop\sched.exe
20:22:51.0296 5696 AntiVirSchedulerService - ok
20:22:51.0312 5696 AntiVirService (72d90e56563165984224493069c69ed4) C:\Programme\Avira\AntiVir Desktop\avguard.exe
20:22:51.0312 5696 AntiVirService - ok
20:22:51.0375 5696 AppMgmt (d45960be52c3c610d361977057f98c54) C:\WINDOWS\System32\appmgmts.dll
20:22:51.0375 5696 AppMgmt - ok
20:22:51.0437 5696 ArcSoftKsUFilter (bf8470e29873dd3f725f18709928c85f) C:\WINDOWS\system32\DRIVERS\ArcSoftKsUFilter.sys
20:22:51.0437 5696 ArcSoftKsUFilter - ok
20:22:51.0468 5696 asc - ok
20:22:51.0515 5696 asc3350p - ok
20:22:51.0562 5696 asc3550 - ok
20:22:51.0640 5696 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
20:22:51.0640 5696 aspnet_state - ok
20:22:51.0703 5696 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
20:22:51.0703 5696 AsyncMac - ok
20:22:51.0750 5696 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
20:22:51.0750 5696 atapi - ok
20:22:51.0765 5696 Atdisk - ok
20:22:51.0843 5696 Ati HotKey Poller (bf4690ff029aaec1266f32bb3e9633e8) C:\WINDOWS\system32\Ati2evxx.exe
20:22:51.0859 5696 Ati HotKey Poller - ok
20:22:51.0937 5696 ATI Smart (fb796f8fe747225756b870e9564a469c) C:\WINDOWS\system32\ati2sgag.exe
20:22:51.0937 5696 ATI Smart - ok
20:22:52.0171 5696 ati2mtag (f27a0b0d1373d36d866f29b434b7aa92) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
20:22:52.0328 5696 ati2mtag - ok
20:22:52.0390 5696 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
20:22:52.0390 5696 Atmarpc - ok
20:22:52.0453 5696 AudioSrv (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
20:22:52.0453 5696 AudioSrv - ok
20:22:52.0484 5696 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
20:22:52.0484 5696 audstub - ok
20:22:52.0546 5696 avgio (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Programme\Avira\AntiVir Desktop\avgio.sys
20:22:52.0562 5696 avgio - ok
20:22:52.0593 5696 avgntflt (1e4114685de1ffa9675e09c6a1fb3f4b) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
20:22:52.0609 5696 avgntflt - ok
20:22:52.0640 5696 avipbb (0f78d3dae6dedd99ae54c9491c62adf2) C:\WINDOWS\system32\DRIVERS\avipbb.sys
20:22:52.0640 5696 avipbb - ok
20:22:52.0703 5696 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
20:22:52.0703 5696 Beep - ok
20:22:52.0750 5696 BITS (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll
20:22:52.0765 5696 BITS - ok
20:22:52.0859 5696 Browser (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
20:22:52.0859 5696 Browser - ok
20:22:52.0859 5696 catchme - ok
20:22:52.0906 5696 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
20:22:52.0906 5696 cbidf2k - ok
20:22:52.0953 5696 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
20:22:52.0953 5696 CCDECODE - ok
20:22:53.0000 5696 cd20xrnt - ok
20:22:53.0031 5696 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
20:22:53.0062 5696 Cdaudio - ok
20:22:53.0109 5696 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
20:22:53.0140 5696 Cdfs - ok
20:22:53.0218 5696 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
20:22:53.0218 5696 Cdrom - ok
20:22:53.0265 5696 cercsr6 (84853b3fd012251690570e9e7e43343f) C:\WINDOWS\system32\drivers\cercsr6.sys
20:22:53.0281 5696 cercsr6 - ok
20:22:53.0312 5696 Changer - ok
20:22:53.0375 5696 CiSvc (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe
20:22:53.0375 5696 CiSvc - ok
20:22:53.0421 5696 ClipSrv (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
20:22:53.0421 5696 ClipSrv - ok
20:22:53.0500 5696 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:22:53.0500 5696 clr_optimization_v2.0.50727_32 - ok
20:22:53.0546 5696 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:22:53.0546 5696 clr_optimization_v4.0.30319_32 - ok
20:22:53.0578 5696 CmdIde - ok
20:22:53.0609 5696 COMSysApp - ok
20:22:53.0671 5696 Cpqarray - ok
20:22:53.0718 5696 CryptSvc (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
20:22:53.0718 5696 CryptSvc - ok
20:22:53.0750 5696 dac2w2k - ok
20:22:53.0765 5696 dac960nt - ok
20:22:53.0843 5696 DcomLaunch (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
20:22:53.0859 5696 DcomLaunch - ok
20:22:53.0906 5696 dgderdrv (d0d4f3ca1d3a4400e1f40f36a800cd12) C:\WINDOWS\system32\drivers\dgderdrv.sys
20:22:53.0906 5696 dgderdrv - ok
20:22:53.0953 5696 dgdersvc (1f7baca7d1dd1b3d73b4c3934148fad3) C:\WINDOWS\system32\dgdersvc.exe
20:22:53.0953 5696 dgdersvc - ok
20:22:54.0000 5696 Dhcp (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
20:22:54.0000 5696 Dhcp - ok
20:22:54.0031 5696 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
20:22:54.0031 5696 Disk - ok
20:22:54.0046 5696 dmadmin - ok
20:22:54.0125 5696 dmboot (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
20:22:54.0156 5696 dmboot - ok
20:22:54.0234 5696 dmio (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
20:22:54.0265 5696 dmio - ok
20:22:54.0296 5696 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
20:22:54.0312 5696 dmload - ok
20:22:54.0359 5696 dmserver (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
20:22:54.0359 5696 dmserver - ok
20:22:54.0390 5696 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
20:22:54.0390 5696 DMusic - ok
20:22:54.0437 5696 Dnscache (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
20:22:54.0437 5696 Dnscache - ok
20:22:54.0484 5696 Dot3svc (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
20:22:54.0484 5696 Dot3svc - ok
20:22:54.0500 5696 dpti2o - ok
20:22:54.0515 5696 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
20:22:54.0515 5696 drmkaud - ok
20:22:54.0562 5696 EagleNT - ok
20:22:54.0609 5696 EapHost (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
20:22:54.0609 5696 EapHost - ok
20:22:54.0656 5696 ERSvc (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
20:22:54.0656 5696 ERSvc - ok
20:22:54.0718 5696 Eventlog (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
20:22:54.0718 5696 Eventlog - ok
20:22:54.0750 5696 EventSystem (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\system32\es.dll
20:22:54.0765 5696 EventSystem - ok
20:22:54.0812 5696 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
20:22:54.0843 5696 Fastfat - ok
20:22:54.0921 5696 FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
20:22:54.0921 5696 FastUserSwitchingCompatibility - ok
20:22:54.0968 5696 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
20:22:54.0968 5696 Fdc - ok
20:22:54.0984 5696 Fips (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
20:22:55.0015 5696 Fips - ok
20:22:55.0046 5696 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
20:22:55.0062 5696 Flpydisk - ok
20:22:55.0125 5696 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
20:22:55.0125 5696 FltMgr - ok
20:22:55.0218 5696 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
20:22:55.0218 5696 FontCache3.0.0.0 - ok
20:22:55.0250 5696 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:22:55.0343 5696 Fs_Rec - ok
20:22:55.0375 5696 Ftdisk (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
20:22:55.0375 5696 Ftdisk - ok
20:22:55.0390 5696 FWLANUSB - ok
20:22:55.0421 5696 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
20:22:55.0421 5696 Gpc - ok
20:22:55.0453 5696 gupdate - ok
20:22:55.0453 5696 gupdatem - ok
20:22:55.0531 5696 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
20:22:55.0531 5696 HDAudBus - ok
20:22:55.0593 5696 helpsvc (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
20:22:55.0593 5696 helpsvc - ok
20:22:55.0609 5696 HidServ - ok
20:22:55.0671 5696 hkmsvc (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
20:22:55.0671 5696 hkmsvc - ok
20:22:55.0703 5696 hpn - ok
20:22:55.0765 5696 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
20:22:55.0781 5696 HTTP - ok
20:22:55.0828 5696 HTTPFilter (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
20:22:55.0828 5696 HTTPFilter - ok
20:22:55.0859 5696 i2omgmt - ok
20:22:55.0906 5696 i2omp - ok
20:22:55.0968 5696 i8042prt (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
20:22:55.0968 5696 i8042prt - ok
20:22:56.0000 5696 ICQ Service - ok
20:22:56.0109 5696 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:22:56.0234 5696 idsvc - ok
20:22:56.0500 5696 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
20:22:56.0531 5696 Imapi - ok
20:22:56.0703 5696 ImapiService (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\system32\imapi.exe
20:22:56.0703 5696 ImapiService - ok
20:22:56.0718 5696 ini910u - ok
20:22:56.0921 5696 IntcAzAudAddService (4716f7ee8fb7fd02596ece1ec70aff53) C:\WINDOWS\system32\drivers\RtkHDAud.sys
20:22:57.0046 5696 IntcAzAudAddService - ok
20:22:57.0093 5696 IntelIde - ok
20:22:57.0156 5696 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
20:22:57.0156 5696 Ip6Fw - ok
20:22:57.0218 5696 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:22:57.0234 5696 IpFilterDriver - ok
20:22:57.0265 5696 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
20:22:57.0265 5696 IpInIp - ok
20:22:57.0296 5696 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
20:22:57.0296 5696 IpNat - ok
20:22:57.0328 5696 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
20:22:57.0328 5696 IPSec - ok
20:22:57.0359 5696 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
20:22:57.0359 5696 IRENUM - ok
20:22:57.0390 5696 isapnp (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
20:22:57.0406 5696 isapnp - ok
20:22:57.0531 5696 JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Programme\Java\jre6\bin\jqs.exe
20:22:57.0531 5696 JavaQuickStarterService - ok
20:22:57.0578 5696 Kbdclass (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
20:22:57.0578 5696 Kbdclass - ok
20:22:57.0609 5696 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
20:22:57.0609 5696 kmixer - ok
20:22:57.0656 5696 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
20:22:57.0671 5696 KSecDD - ok
20:22:57.0734 5696 lanmanserver (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll
20:22:57.0734 5696 lanmanserver - ok
20:22:57.0781 5696 lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll
20:22:57.0796 5696 lanmanworkstation - ok
20:22:57.0796 5696 lbrtfdc - ok
20:22:57.0843 5696 LmHosts (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
20:22:57.0843 5696 LmHosts - ok
20:22:57.0875 5696 massfilter (09721f2c56681a83c93ecdfab8b102a9) C:\WINDOWS\system32\drivers\massfilter.sys
20:22:57.0875 5696 massfilter - ok
20:22:57.0921 5696 Messenger (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
20:22:57.0921 5696 Messenger - ok
20:22:57.0984 5696 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
20:22:58.0000 5696 mnmdd - ok
20:22:58.0031 5696 mnmsrvc (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\system32\mnmsrvc.exe
20:22:58.0031 5696 mnmsrvc - ok
20:22:58.0046 5696 Modem (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
20:22:58.0062 5696 Modem - ok
20:22:58.0140 5696 Monfilt (c7d9f9717916b34c1b00dd4834af485c) C:\WINDOWS\system32\drivers\Monfilt.sys
20:22:58.0187 5696 Monfilt - ok
20:22:58.0234 5696 Mouclass (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
20:22:58.0234 5696 Mouclass - ok
20:22:58.0250 5696 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
20:22:58.0265 5696 MountMgr - ok
20:22:58.0296 5696 mraid35x - ok
20:22:58.0343 5696 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
20:22:58.0343 5696 MRxDAV - ok
20:22:58.0406 5696 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:22:58.0421 5696 MRxSmb - ok
20:22:58.0578 5696 MSDTC (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\system32\msdtc.exe
20:22:58.0578 5696 MSDTC - ok
20:22:58.0609 5696 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
20:22:58.0609 5696 Msfs - ok
20:22:58.0625 5696 MSIServer - ok
20:22:58.0656 5696 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:22:58.0656 5696 MSKSSRV - ok
20:22:58.0703 5696 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:22:58.0703 5696 MSPCLOCK - ok
20:22:58.0750 5696 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
20:22:58.0750 5696 MSPQM - ok
20:22:58.0781 5696 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
20:22:58.0781 5696 mssmbios - ok
20:22:58.0828 5696 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
20:22:58.0828 5696 MSTEE - ok
20:22:58.0890 5696 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
20:22:58.0921 5696 Mup - ok
20:22:58.0984 5696 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
20:22:58.0984 5696 NABTSFEC - ok
20:22:59.0031 5696 napagent (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
20:22:59.0046 5696 napagent - ok
20:22:59.0109 5696 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
20:22:59.0109 5696 NDIS - ok
20:22:59.0187 5696 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
20:22:59.0187 5696 NdisIP - ok
20:22:59.0234 5696 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:22:59.0234 5696 NdisTapi - ok
20:22:59.0265 5696 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:22:59.0265 5696 Ndisuio - ok
20:22:59.0281 5696 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:22:59.0281 5696 NdisWan - ok
20:22:59.0328 5696 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
20:22:59.0328 5696 NDProxy - ok
20:22:59.0359 5696 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
20:22:59.0359 5696 NetBIOS - ok
20:22:59.0406 5696 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
20:22:59.0406 5696 NetBT - ok
20:22:59.0468 5696 NetDDE (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
20:22:59.0468 5696 NetDDE - ok
20:22:59.0468 5696 NetDDEdsdm (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
20:22:59.0468 5696 NetDDEdsdm - ok
20:22:59.0531 5696 Netlogon (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:22:59.0531 5696 Netlogon - ok
20:22:59.0593 5696 Netman (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
20:22:59.0609 5696 Netman - ok
20:22:59.0671 5696 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:22:59.0671 5696 NetTcpPortSharing - ok
20:22:59.0734 5696 Nla (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll
20:22:59.0750 5696 Nla - ok
20:22:59.0781 5696 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
20:22:59.0812 5696 Npfs - ok
20:22:59.0843 5696 npggsvc - ok
20:22:59.0921 5696 NPPTNT2 (9131fe60adfab595c8da53ad6a06aa31) C:\WINDOWS\system32\npptNT2.sys
20:22:59.0921 5696 NPPTNT2 - ok
20:22:59.0968 5696 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
20:22:59.0984 5696 Ntfs - ok
20:23:00.0031 5696 NtLmSsp (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:23:00.0031 5696 NtLmSsp - ok
20:23:00.0078 5696 NtmsSvc (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
20:23:00.0078 5696 NtmsSvc - ok
20:23:00.0109 5696 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
20:23:00.0109 5696 Null - ok
20:23:00.0140 5696 NWCWorkstation (c34a6a72dec2c317d67355dc18f87090) C:\WINDOWS\System32\nwwks.dll
20:23:00.0156 5696 NWCWorkstation - ok
20:23:00.0187 5696 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
20:23:00.0187 5696 NwlnkFlt - ok
20:23:00.0234 5696 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
20:23:00.0234 5696 NwlnkFwd - ok
20:23:00.0281 5696 NwlnkIpx (8b8b1be2dba4025da6786c645f77f123) C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
20:23:00.0281 5696 NwlnkIpx - ok
20:23:00.0312 5696 NwlnkNb (56d34a67c05e94e16377c60609741ff8) C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
20:23:00.0312 5696 NwlnkNb - ok
20:23:00.0343 5696 NwlnkSpx (c0bb7d1615e1acbdc99757f6ceaf8cf0) C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
20:23:00.0343 5696 NwlnkSpx - ok
20:23:00.0390 5696 NWRDR (36b9b950e3d2e100970a48d8bad86740) C:\WINDOWS\system32\DRIVERS\nwrdr.sys
20:23:00.0390 5696 NWRDR - ok
20:23:00.0421 5696 Parport (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
20:23:00.0421 5696 Parport - ok
20:23:00.0437 5696 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
20:23:00.0453 5696 PartMgr - ok
20:23:00.0500 5696 ParVdm (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
20:23:00.0500 5696 ParVdm - ok
20:23:00.0531 5696 PCI (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
20:23:00.0531 5696 PCI - ok
20:23:00.0546 5696 PCIDump - ok
20:23:00.0671 5696 PCIIde (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
20:23:00.0671 5696 PCIIde - ok
20:23:00.0718 5696 Pcmcia (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
20:23:00.0718 5696 Pcmcia - ok
20:23:00.0750 5696 PDCOMP - ok
20:23:00.0765 5696 PDFRAME - ok
20:23:00.0781 5696 PDRELI - ok
20:23:00.0796 5696 PDRFRAME - ok
20:23:00.0828 5696 perc2 - ok
20:23:00.0859 5696 perc2hib - ok
20:23:00.0921 5696 PlugPlay (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
20:23:00.0921 5696 PlugPlay - ok
20:23:00.0937 5696 PolicyAgent (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:23:00.0937 5696 PolicyAgent - ok
20:23:00.0984 5696 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:23:00.0984 5696 PptpMiniport - ok
20:23:01.0000 5696 Processor (2cb55427c58679f49ad600fccba76360) C:\WINDOWS\system32\DRIVERS\processr.sys
20:23:01.0000 5696 Processor - ok
20:23:01.0031 5696 ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:23:01.0031 5696 ProtectedStorage - ok
20:23:01.0062 5696 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
20:23:01.0062 5696 PSched - ok
20:23:01.0093 5696 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
20:23:01.0093 5696 Ptilink - ok
20:23:01.0125 5696 ql1080 - ok
20:23:01.0140 5696 Ql10wnt - ok
20:23:01.0171 5696 ql12160 - ok
20:23:01.0203 5696 ql1240 - ok
20:23:01.0234 5696 ql1280 - ok
20:23:01.0265 5696 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:23:01.0265 5696 RasAcd - ok
20:23:01.0328 5696 RasAuto (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
20:23:01.0328 5696 RasAuto - ok
20:23:01.0359 5696 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:23:01.0359 5696 Rasl2tp - ok
20:23:01.0406 5696 RasMan (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
20:23:01.0406 5696 RasMan - ok
20:23:01.0406 5696 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:23:01.0421 5696 RasPppoe - ok
20:23:01.0453 5696 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
20:23:01.0453 5696 Raspti - ok
20:23:01.0468 5696 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:23:01.0468 5696 Rdbss - ok
20:23:01.0484 5696 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:23:01.0484 5696 RDPCDD - ok
20:23:01.0515 5696 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
20:23:01.0515 5696 rdpdr - ok
20:23:01.0578 5696 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
20:23:01.0593 5696 RDPWD - ok
20:23:01.0656 5696 RDSessMgr (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe
20:23:01.0687 5696 RDSessMgr - ok
20:23:01.0718 5696 redbook (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
20:23:01.0718 5696 redbook - ok
20:23:01.0750 5696 RemoteAccess (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll
20:23:01.0765 5696 RemoteAccess - ok
20:23:01.0781 5696 RemoteRegistry (e4cd1f3d84e1c2ca0b8cf7501e201593) C:\WINDOWS\system32\regsvc.dll
20:23:01.0796 5696 RemoteRegistry - ok
20:23:01.0843 5696 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
20:23:01.0843 5696 ROOTMODEM - ok
20:23:01.0875 5696 RpcLocator (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe
20:23:01.0875 5696 RpcLocator - ok
20:23:01.0921 5696 RpcSs (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\System32\rpcss.dll
20:23:01.0921 5696 RpcSs - ok
20:23:01.0937 5696 RSVP (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe
20:23:01.0937 5696 RSVP - ok
20:23:01.0984 5696 RTL8023xp (8e34400ffc7d647946d9c820678775af) C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
20:23:01.0984 5696 RTL8023xp - ok
20:23:02.0015 5696 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
20:23:02.0031 5696 rtl8139 - ok
20:23:02.0078 5696 SamSs (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:23:02.0078 5696 SamSs - ok
20:23:02.0140 5696 SCardSvr (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
20:23:02.0140 5696 SCardSvr - ok
20:23:02.0187 5696 Schedule (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
20:23:02.0203 5696 Schedule - ok
20:23:02.0265 5696 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:23:02.0265 5696 Secdrv - ok
20:23:02.0312 5696 seclogon (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
20:23:02.0312 5696 seclogon - ok
20:23:02.0343 5696 SENS (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
20:23:02.0343 5696 SENS - ok
20:23:02.0375 5696 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
20:23:02.0375 5696 serenum - ok
20:23:02.0406 5696 Serial (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
20:23:02.0406 5696 Serial - ok
20:23:02.0468 5696 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
20:23:02.0468 5696 Sfloppy - ok
20:23:02.0515 5696 SharedAccess (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll
20:23:02.0515 5696 SharedAccess - ok
20:23:02.0578 5696 ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
20:23:02.0578 5696 ShellHWDetection - ok
20:23:02.0578 5696 Simbad - ok
20:23:02.0625 5696 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
20:23:02.0625 5696 SLIP - ok
20:23:03.0000 5696 SNP2STD (97b19508eb11097eac08f0c195ee948d) C:\WINDOWS\system32\DRIVERS\snp2sxp.sys
20:23:03.0234 5696 SNP2STD - ok
20:23:03.0281 5696 Sparrow - ok
20:23:03.0328 5696 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
20:23:03.0328 5696 splitter - ok
20:23:03.0406 5696 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
20:23:03.0406 5696 Spooler - ok
20:23:03.0421 5696 sr (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
20:23:03.0421 5696 sr - ok
20:23:03.0484 5696 srservice (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll
20:23:03.0500 5696 srservice - ok
20:23:03.0546 5696 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
20:23:03.0562 5696 Srv - ok
20:23:03.0609 5696 ssadbus (406776fe3c2b66796bac1a7afb9ac8a1) C:\WINDOWS\system32\DRIVERS\ssadbus.sys
20:23:03.0609 5696 ssadbus - ok
20:23:03.0656 5696 ssadmdfl (b19532d015a5d295e2aa34bb521202cf) C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys
20:23:03.0656 5696 ssadmdfl - ok
20:23:03.0687 5696 ssadmdm (2aebf9108e6f435458b9499c27394da4) C:\WINDOWS\system32\DRIVERS\ssadmdm.sys
20:23:03.0703 5696 ssadmdm - ok
20:23:03.0734 5696 SSDPSRV (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
20:23:03.0734 5696 SSDPSRV - ok
20:23:03.0843 5696 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
20:23:03.0843 5696 ssmdrv - ok
20:23:03.0890 5696 stisvc (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
20:23:03.0890 5696 stisvc - ok
20:23:03.0921 5696 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
20:23:03.0937 5696 streamip - ok
20:23:03.0968 5696 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
20:23:03.0968 5696 swenum - ok
20:23:04.0000 5696 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
20:23:04.0000 5696 swmidi - ok
20:23:04.0015 5696 SwPrv - ok
20:23:04.0031 5696 symc810 - ok
20:23:04.0062 5696 symc8xx - ok
20:23:04.0062 5696 sym_hi - ok
20:23:04.0125 5696 sym_u3 - ok
20:23:04.0156 5696 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
20:23:04.0156 5696 sysaudio - ok
20:23:04.0187 5696 SysmonLog (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
20:23:04.0187 5696 SysmonLog - ok
20:23:04.0234 5696 TapiSrv (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
20:23:04.0250 5696 TapiSrv - ok
20:23:04.0312 5696 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:23:04.0312 5696 Tcpip - ok
20:23:04.0359 5696 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
20:23:04.0375 5696 TDPIPE - ok
20:23:04.0406 5696 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
20:23:04.0421 5696 TDTCP - ok
20:23:04.0453 5696 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
20:23:04.0453 5696 TermDD - ok
20:23:04.0515 5696 TermService (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
20:23:04.0515 5696 TermService - ok
20:23:04.0578 5696 Themes (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
20:23:04.0578 5696 Themes - ok
20:23:04.0625 5696 TlntSvr (03681a1ce77f51586903869a5ab1deab) C:\WINDOWS\system32\tlntsvr.exe
20:23:04.0625 5696 TlntSvr - ok
20:23:04.0640 5696 TosIde - ok
20:23:04.0687 5696 TrkWks (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
20:23:04.0687 5696 TrkWks - ok
20:23:04.0718 5696 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
20:23:04.0718 5696 Udfs - ok
20:23:04.0828 5696 UI Assistant Service (13bff97e926bf8d9c1230cecc371a0c0) C:\Programme\1&1 Surf-Stick\AssistantServices.exe
20:23:04.0890 5696 UI Assistant Service - ok
20:23:04.0921 5696 ultra - ok
20:23:04.0968 5696 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
20:23:04.0968 5696 Update - ok
20:23:04.0984 5696 upnphost (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
20:23:05.0000 5696 upnphost - ok
20:23:05.0015 5696 UPS (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
20:23:05.0015 5696 UPS - ok
20:23:05.0062 5696 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:23:05.0062 5696 usbccgp - ok
20:23:05.0093 5696 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:23:05.0093 5696 usbehci - ok
20:23:05.0125 5696 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:23:05.0140 5696 usbhub - ok
20:23:05.0156 5696 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
20:23:05.0156 5696 usbohci - ok
20:23:05.0171 5696 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:23:05.0187 5696 usbstor - ok
20:23:05.0203 5696 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
20:23:05.0203 5696 VgaSave - ok
20:23:05.0218 5696 ViaIde - ok
20:23:05.0250 5696 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
20:23:05.0250 5696 VolSnap - ok
20:23:05.0281 5696 VSS (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
20:23:05.0281 5696 VSS - ok
20:23:05.0328 5696 W32Time (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll
20:23:05.0328 5696 W32Time - ok
20:23:05.0375 5696 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:23:05.0375 5696 Wanarp - ok
20:23:05.0390 5696 wbymj4iz.sys - ok
20:23:05.0437 5696 WDICA - ok
20:23:05.0468 5696 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
20:23:05.0468 5696 wdmaud - ok
20:23:05.0500 5696 WebClient (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
20:23:05.0500 5696 WebClient - ok
20:23:05.0546 5696 winmgmt (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
20:23:05.0562 5696 winmgmt - ok
20:23:05.0609 5696 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\mspmsnsv.dll
20:23:05.0609 5696 WmdmPmSN - ok
20:23:05.0687 5696 Wmi (ffa4d901d46d07a5bab2d8307fbb51a6) C:\WINDOWS\System32\advapi32.dll
20:23:05.0703 5696 Wmi - ok
20:23:05.0750 5696 WmiApSrv (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\system32\wbem\wmiapsrv.exe
20:23:05.0765 5696 WmiApSrv - ok
20:23:05.0843 5696 WMPNetworkSvc (bf05650bb7df5e9ebdd25974e22403bb) C:\Programme\Windows Media Player\WMPNetwk.exe
20:23:05.0937 5696 WMPNetworkSvc - ok
20:23:06.0015 5696 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
20:23:06.0015 5696 WpdUsb - ok
20:23:06.0125 5696 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
20:23:06.0171 5696 WPFFontCache_v0400 - ok
20:23:06.0203 5696 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
20:23:06.0234 5696 WS2IFSL - ok
20:23:06.0250 5696 wscsvc (300b3e84faf1a5c1f791c159ba28035d) C:\WINDOWS\system32\wscsvc.dll
20:23:06.0250 5696 wscsvc - ok
20:23:06.0265 5696 WSearch - ok
20:23:06.0312 5696 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
20:23:06.0312 5696 WSTCODEC - ok
20:23:06.0359 5696 wuauserv (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll
20:23:06.0359 5696 wuauserv - ok
20:23:06.0406 5696 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
20:23:06.0406 5696 WudfPf - ok
20:23:06.0421 5696 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
20:23:06.0421 5696 WudfRd - ok
20:23:06.0453 5696 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
20:23:06.0453 5696 WudfSvc - ok
20:23:06.0500 5696 WZCSVC (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
20:23:06.0515 5696 WZCSVC - ok
20:23:06.0546 5696 xmlprov (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
20:23:06.0546 5696 xmlprov - ok
20:23:06.0578 5696 xpsec - ok
20:23:06.0625 5696 yukonwxp (4322c32ced8c4772e039616dcbf01d3f) C:\WINDOWS\system32\DRIVERS\yk51x86.sys
20:23:06.0640 5696 yukonwxp - ok
20:23:06.0703 5696 ZTEusbmdm6k (616b411bfc0e9f535a436759f19b79d8) C:\WINDOWS\system32\DRIVERS\ZTEusbmdm6k.sys
20:23:06.0703 5696 ZTEusbmdm6k - ok
20:23:06.0734 5696 ZTEusbnmea (616b411bfc0e9f535a436759f19b79d8) C:\WINDOWS\system32\DRIVERS\ZTEusbnmea.sys
20:23:06.0734 5696 ZTEusbnmea - ok
20:23:06.0781 5696 ZTEusbser6k (616b411bfc0e9f535a436759f19b79d8) C:\WINDOWS\system32\DRIVERS\ZTEusbser6k.sys
20:23:06.0781 5696 ZTEusbser6k - ok
20:23:06.0812 5696 MBR (0x1B8) (eeadaf356113e54427e990a5bcad82b5) \Device\Harddisk0\DR0
20:23:06.0812 5696 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - infected
20:23:06.0812 5696 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Sinowal.b (0)
20:23:06.0812 5696 Boot (0x1200) (52f8e7d5a3c4541149f103f5aa567709) \Device\Harddisk0\DR0\Partition0
20:23:06.0812 5696 \Device\Harddisk0\DR0\Partition0 - ok
20:23:06.0812 5696 ============================================================
20:23:06.0812 5696 Scan finished
20:23:06.0812 5696 ============================================================
20:23:06.0828 5588 Detected object count: 1
20:23:06.0828 5588 Actual detected object count: 1
20:24:29.0062 5588 \Device\Harddisk0\DR0\# - copied to quarantine
20:24:29.0078 5588 \Device\Harddisk0\DR0 - copied to quarantine
20:24:29.0093 5588 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - will be cured on reboot
20:24:29.0187 5588 \Device\Harddisk0\DR0 - ok
20:24:29.0187 5588 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - User select action: Cure
20:25:46.0578 5964 Deinitialize success

markusg 17.04.2012 20:20
nutzt du das gerät für onlinebanking einkäufe, sonstige zahlungsabwicklungen, oder ähnlich wichtiges, wie berufliches?

Leon3221 18.04.2012 05:34
Nein ich bin erst 15 ich Spiele nur ab und an und versau mir meinen PC...
Aber sag mal was war das den für ein Virus und ist dieser noch da ?

lg Leon

markusg 18.04.2012 10:08
dies war ein rootkit.
da solche rootkits enderungen am pc vor nehmen können, wie wir nicht mehr zurück verfolgen können, sollten wir das gerät neu aufsetzen:
der pc muss neu aufgesetzt und dann abgesichert werden
1. Datenrettung:2. Formatieren, Windows neu instalieren:3. PC absichern: http://www.trojaner-board.de/96344-a...-rechners.html
ich werde außerdem noch weitere punkte dazu posten.
4. alle Passwörter ändern!
5. nach PC Absicherung, die gesicherten Daten prüfen und falls sauber: zurückspielen.

Leon3221 18.04.2012 17:11
Okay werde den PC neu aufsetzen kann es sein das meine Externe festplatte auch im arsch ist ? also das da der Rootkit auch drauf ist kann nähmlich sein das ich so doof war und die platte an den PC angeschlossen hatte als ich den Virus runter geldaden hatte ?

markusg 18.04.2012 17:14
nein, aber wir werden die platte, wenn das system abgesichert ist, prüfen

Leon3221 18.04.2012 17:21
okay wie Teste ich die einfach tdsskiller drauf und auslesen lassen ?

markusg 18.04.2012 17:33
nein.
aber mach dir jetzt keinen kopf darüber, wenn das system noch nicht mal neu aufgesetzt ist.
eines nach dem andern, also erst mal daten retten

Leon3221 18.04.2012 17:41
Okay danke mache ich

So bin an meinem Leptop. Mein PC Formatiert grade. :)
Habe grade mit avira und tdsskiller meine Externe Festplatte abgesucht sollte nicht drauf sein hat nicht angeschlagen.

Also Clean oder ?


Alle Zeitangaben in WEZ +1. Es ist jetzt 05:02 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131