Trojaner-Board - Wie Sytem Repair Software entfernen?

Vorneweg nochmal vielen Dank, dass du sir soviel Zeit für mein Problem nimmst!
Da malwarebytes gerade durchgelaufen war hier das logfile:

Code:

Malwarebytes Anti-Malware (Test) 1.70.0.1100

www.malwarebytes.org
 

Datenbank Version: v2013.03.01.08
 

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

Fabian :: GROOVEBOX [Administrator]
 

Schutz: Aktiviert
 

01.03.2013 19:21:55

MBAM-log-2013-03-01 (23-16-21).txt
 

Art des Suchlaufs: Vollständiger Suchlauf (C:\|H:\|)

Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM

Deaktivierte Suchlaufeinstellungen: P2P

Durchsuchte Objekte: 475484

Laufzeit: 3 Stunde(n), 11 Minute(n), 13 Sekunde(n)
 

Infizierte Speicherprozesse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Speichermodule: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungsschlüssel: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungswerte: 1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|oKJlROuTVCyA.exe (Trojan.FakeAV) -> Daten: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\oKJlROuTVCyA.exe -> Keine Aktion durchgeführt.
 

Infizierte Dateiobjekte der Registrierung: 15

HKCR\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32| (Trojan.0Access) -> Bösartig: (C:\RECYCLER\S-1-5-18\$fe2aebbfa0d613ea0e521ea64bf7ee9f\n.) Gut: (fastprox.dll) -> Keine Aktion durchgeführt.

HKCR\CLSID\{FBEB8A05-BEEE-4442-804E-409D6C4515E9}\InProcServer32| (Trojan.0Access) -> Bösartig: (C:\RECYCLER\S-1-5-21-1645522239-261478967-1417001333-1003\$fe2aebbfa0d613ea0e521ea64bf7ee9f\n.) Gut: (shell32.dll) -> Keine Aktion durchgeführt.

HKCU\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bösartig: (1) Gut: (0) -> Keine Aktion durchgeführt.

HKCU\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bösartig: (1) Gut: (0) -> Keine Aktion durchgeführt.

HKCU\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bösartig: (1) Gut: (0) -> Keine Aktion durchgeführt.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowControlPanel (PUM.Hijack.StartMenu) -> Bösartig: (0) Gut: (1) -> Keine Aktion durchgeführt.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowHelp (PUM.Hijack.StartMenu) -> Bösartig: (0) Gut: (1) -> Keine Aktion durchgeführt.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowMyComputer (PUM.Hijack.StartMenu) -> Bösartig: (0) Gut: (1) -> Keine Aktion durchgeführt.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowMyDocs (PUM.Hijack.StartMenu) -> Bösartig: (0) Gut: (1) -> Keine Aktion durchgeführt.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowRun (PUM.Hijack.StartMenu) -> Bösartig: (0) Gut: (1) -> Keine Aktion durchgeführt.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowSearch (PUM.Hijack.StartMenu) -> Bösartig: (0) Gut: (1) -> Keine Aktion durchgeführt.

HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bösartig: (1) Gut: (0) -> Keine Aktion durchgeführt.

HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bösartig: (1) Gut: (0) -> Keine Aktion durchgeführt.

HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bösartig: (1) Gut: (0) -> Keine Aktion durchgeführt.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr (PUM.Hijack.TaskManager) -> Bösartig: (1) Gut: (0) -> Keine Aktion durchgeführt.
 

Infizierte Verzeichnisse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateien: 3

C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\oKJlROuTVCyA.exe (Trojan.FakeAV) -> Keine Aktion durchgeführt.

C:\RECYCLER\S-1-5-18\$fe2aebbfa0d613ea0e521ea64bf7ee9f\U\00000001.@ (Trojan.0Access) -> Keine Aktion durchgeführt.

C:\RECYCLER\S-1-5-21-1645522239-261478967-1417001333-1003\$fe2aebbfa0d613ea0e521ea64bf7ee9f\U\00000001.@ (Trojan.0Access) -> Keine Aktion durchgeführt.
 

(Ende)

Hier das logfile des defoggers

Code:

defogger_disable by jpshortstuff (23.02.10.1)

Log created at 23:26 on 01/03/2013 (Fabian)
 

Checking for autostart values...

HKCU\~\Run values retrieved.

HKLM\~\Run values retrieved.
 

Checking for services/drivers...

Unable to read sptd.sys

SPTD -> Disabled (Service running -> reboot required)
 
 

-=E.O.F=-

Dann Schritt2, das lofile des aswMBR:

Code:

aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software

Run date: 2013-03-01 23:31:22

-----------------------------

23:31:22.984    OS Version: Windows 5.1.2600 Service Pack 3

23:31:22.984    Number of processors: 2 586 0xF06

23:31:22.984    ComputerName: GROOVEBOX  UserName: Fabian

23:31:24.546    Initialize success

23:35:20.546    AVAST engine defs: 13030100

23:35:31.375    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0

23:35:31.375    Disk 0 Vendor: TOSHIBA_ AH00 Size: 114473MB BusType: 3

23:35:31.375    Disk 1  \Device\Harddisk1\DR2 -> \Device\00000086

23:35:31.375    Disk 1 Vendor: (  Size: 114473MB BusType: 0

23:35:31.375    Disk 2  \Device\Harddisk2\DR3 -> \Device\00000087

23:35:31.375    Disk 2 Vendor: (  Size: 114473MB BusType: 0

23:35:31.390    Disk 0 MBR read successfully

23:35:31.406    Disk 0 MBR scan

23:35:31.453    Disk 0 Windows XP default MBR code

23:35:31.453    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS       114470 MB offset 63

23:35:31.468    Disk 0 scanning sectors +234436545

23:35:31.546    Disk 0 scanning C:\WINDOWS\system32\drivers

23:35:50.843    Service scanning

23:36:22.093    Modules scanning

23:36:31.046    Disk 0 trace - called modules:

23:36:31.078    ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll iaStor.sys 

23:36:31.078    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x89c338a0]

23:36:31.078    3 CLASSPNP.SYS[ba908fd7] -> nt!IofCallDriver -> \Device\00000080[0x8a581958]

23:36:31.078    5 ACPI.sys[ba77e620] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x8a034028]

23:36:31.968    AVAST engine scan C:\WINDOWS

23:36:38.453    AVAST engine scan C:\WINDOWS\system32

23:40:53.250    AVAST engine scan C:\WINDOWS\system32\drivers

23:41:14.687    AVAST engine scan C:\Dokumente und Einstellungen\Fabian

00:38:31.953    File: C:\Dokumente und Einstellungen\Fabian\Lokale Einstellungen\Temp\ku3h7pmy5grl.exe  **INFECTED** Win32:Sirefef-AUQ [Trj]

01:24:43.593    AVAST engine scan C:\Dokumente und Einstellungen\All Users

01:33:10.546    Scan finished successfully

01:54:25.734    Disk 0 MBR has been saved successfully to "C:\Dokumente und Einstellungen\Fabian\Desktop\MBR.dat"

01:54:25.734    The log file has been saved successfully to "C:\Dokumente und Einstellungen\Fabian\Desktop\aswMBR.txt"

Dann Schritt 3, TDSSKIlLER logfile:

Code:

01:55:06.0218 2892  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42

01:55:06.0484 2892  ============================================================

01:55:06.0484 2892  Current date / time: 2013/03/02 01:55:06.0484

01:55:06.0484 2892  SystemInfo:

01:55:06.0484 2892  

01:55:06.0484 2892  OS Version: 5.1.2600 ServicePack: 3.0

01:55:06.0484 2892  Product type: Workstation

01:55:06.0484 2892  ComputerName: GROOVEBOX

01:55:06.0484 2892  UserName: Fabian

01:55:06.0484 2892  Windows directory: C:\WINDOWS

01:55:06.0484 2892  System windows directory: C:\WINDOWS

01:55:06.0484 2892  Processor architecture: Intel x86

01:55:06.0484 2892  Number of processors: 2

01:55:06.0484 2892  Page size: 0x1000

01:55:06.0484 2892  Boot type: Normal boot

01:55:06.0484 2892  ============================================================

01:55:08.0265 2892  Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

01:55:08.0328 2892  ============================================================

01:55:08.0328 2892  \Device\Harddisk0\DR0:

01:55:08.0328 2892  MBR partitions:

01:55:08.0328 2892  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xDF93782

01:55:08.0328 2892  ============================================================

01:55:08.0484 2892  C: <-> \Device\Harddisk0\DR0\Partition1

01:55:08.0484 2892  ============================================================

01:55:08.0484 2892  Initialize success

01:55:08.0484 2892  ============================================================

01:55:36.0921 2100  ============================================================

01:55:36.0921 2100  Scan started

01:55:36.0921 2100  Mode: Manual; TDLFS; 

01:55:36.0921 2100  ============================================================

01:55:38.0281 2100  ================ Scan system memory ========================

01:55:38.0281 2100  System memory - ok

01:55:38.0281 2100  ================ Scan services =============================

01:55:38.0500 2100  [ 914A9709FC3BF419AD2F85547F2A4832 ] 61883           C:\WINDOWS\system32\DRIVERS\61883.sys

01:55:38.0500 2100  61883 - ok

01:55:38.0500 2100  Abiosdsk - ok

01:55:38.0515 2100  abp480n5 - ok

01:55:38.0531 2100  [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys

01:55:38.0546 2100  ACPI - ok

01:55:38.0578 2100  [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC          C:\WINDOWS\system32\DRIVERS\ACPIEC.sys

01:55:38.0578 2100  ACPIEC - ok

01:55:38.0578 2100  adpu160m - ok

01:55:38.0625 2100  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys

01:55:38.0625 2100  aec - ok

01:55:38.0671 2100  [ 12DAFD934641DCF61E446313BC261EC2 ] AegisP          C:\WINDOWS\system32\DRIVERS\AegisP.sys

01:55:38.0671 2100  AegisP - ok

01:55:38.0703 2100  [ 4D43E74F2A1239D53929B82600F1971C ] AFD             C:\WINDOWS\System32\drivers\afd.sys

01:55:38.0718 2100  AFD - ok

01:55:38.0718 2100  Aha154x - ok

01:55:38.0718 2100  aic78u2 - ok

01:55:38.0734 2100  aic78xx - ok

01:55:38.0765 2100  [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter         C:\WINDOWS\system32\alrsvc.dll

01:55:38.0796 2100  Alerter - ok

01:55:38.0812 2100  [ 190CD73D4984F94D823F9444980513E5 ] ALG             C:\WINDOWS\System32\alg.exe

01:55:38.0812 2100  ALG - ok

01:55:38.0828 2100  AliIde - ok

01:55:38.0828 2100  amsint - ok

01:55:38.0937 2100  [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Programme\Avira\AntiVir Desktop\sched.exe

01:55:38.0937 2100  AntiVirSchedulerService - ok

01:55:38.0968 2100  [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService  C:\Programme\Avira\AntiVir Desktop\avguard.exe

01:55:38.0968 2100  AntiVirService - ok

01:55:39.0000 2100  [ D45960BE52C3C610D361977057F98C54 ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll

01:55:39.0015 2100  AppMgmt - ok

01:55:39.0046 2100  [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394         C:\WINDOWS\system32\DRIVERS\arp1394.sys

01:55:39.0062 2100  Arp1394 - ok

01:55:39.0093 2100  [ 4F9CBBF95E8F7A0D4C0EDCFE3B78102E ] ASAPIW2K        C:\WINDOWS\system32\Drivers\ASAPIW2K.sys

01:55:39.0109 2100  ASAPIW2K - ok

01:55:39.0109 2100  asc - ok

01:55:39.0109 2100  asc3350p - ok

01:55:39.0109 2100  asc3550 - ok

01:55:39.0265 2100  [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe

01:55:39.0312 2100  aspnet_state - ok

01:55:39.0375 2100  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys

01:55:39.0375 2100  AsyncMac - ok

01:55:39.0406 2100  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys

01:55:39.0406 2100  atapi - ok

01:55:39.0421 2100  Atdisk - ok

01:55:39.0453 2100  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys

01:55:39.0453 2100  Atmarpc - ok

01:55:39.0484 2100  [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll

01:55:39.0484 2100  AudioSrv - ok

01:55:39.0531 2100  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys

01:55:39.0531 2100  audstub - ok

01:55:39.0593 2100  [ 99288F6FF063CFB9B3F1D3238C9208AB ] automap         C:\WINDOWS\system32\DRIVERS\automap.sys

01:55:39.0593 2100  automap - ok

01:55:39.0609 2100  [ F8E6956A614F15A0860474C5E2A7DE6B ] Avc             C:\WINDOWS\system32\DRIVERS\avc.sys

01:55:39.0625 2100  Avc - ok

01:55:39.0625 2100  [ D5541F0AFB767E85FC412FC609D96A74 ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys

01:55:39.0625 2100  avgntflt - ok

01:55:39.0671 2100  [ 7D967A682D4694DF7FA57D63A2DB01FE ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys

01:55:39.0671 2100  avipbb - ok

01:55:39.0687 2100  [ 271CFD1A989209B1964E24D969552BF7 ] avkmgr          C:\WINDOWS\system32\DRIVERS\avkmgr.sys

01:55:39.0703 2100  avkmgr - ok

01:55:39.0750 2100  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys

01:55:39.0750 2100  Beep - ok

01:55:39.0812 2100  [ D6F603772A789BB3228F310D650B8BD1 ] BITS            C:\WINDOWS\system32\qmgr.dll

01:55:39.0828 2100  BITS - ok

01:55:39.0921 2100  [ 3F56903E124E820AEECE6D471583C6C1 ] Bonjour Service C:\Programme\Bonjour\mDNSResponder.exe

01:55:39.0921 2100  Bonjour Service - ok

01:55:39.0968 2100  [ B42057F06BBB98B31876C0B3F2B54E33 ] Browser         C:\WINDOWS\System32\browser.dll

01:55:39.0968 2100  Browser - ok

01:55:40.0000 2100  [ B279426E3C0C344893ED78A613A73BDE ] BthEnum         C:\WINDOWS\system32\DRIVERS\BthEnum.sys

01:55:40.0000 2100  BthEnum - ok

01:55:40.0046 2100  [ FCA6F069597B62D42495191ACE3FC6C1 ] BTHMODEM        C:\WINDOWS\system32\DRIVERS\bthmodem.sys

01:55:40.0046 2100  BTHMODEM - ok

01:55:40.0078 2100  [ 80602B8746D3738F5886CE3D67EF06B6 ] BthPan          C:\WINDOWS\system32\DRIVERS\bthpan.sys

01:55:40.0078 2100  BthPan - ok

01:55:40.0140 2100  [ 592E1CEDBE314D0EF184DC6F46141E76 ] BTHPORT         C:\WINDOWS\system32\Drivers\BTHport.sys

01:55:40.0140 2100  BTHPORT - ok

01:55:40.0187 2100  [ 26C601EF7525E31379744ABFC6F35A1B ] BthServ         C:\WINDOWS\System32\bthserv.dll

01:55:40.0187 2100  BthServ - ok

01:55:40.0203 2100  [ 61364CD71EF63B0F038B7E9DF00F1EFA ] BTHUSB          C:\WINDOWS\system32\Drivers\BTHUSB.sys

01:55:40.0203 2100  BTHUSB - ok

01:55:40.0250 2100  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys

01:55:40.0250 2100  cbidf2k - ok

01:55:40.0281 2100  [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys

01:55:40.0281 2100  CCDECODE - ok

01:55:40.0281 2100  cd20xrnt - ok

01:55:40.0328 2100  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys

01:55:40.0328 2100  Cdaudio - ok

01:55:40.0390 2100  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys

01:55:40.0390 2100  Cdfs - ok

01:55:40.0406 2100  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys

01:55:40.0406 2100  Cdrom - ok

01:55:40.0421 2100  Changer - ok

01:55:40.0421 2100  [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc           C:\WINDOWS\system32\cisvc.exe

01:55:40.0437 2100  CiSvc - ok

01:55:40.0515 2100  [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe

01:55:40.0531 2100  ClipSrv - ok

01:55:40.0625 2100  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

01:55:40.0656 2100  clr_optimization_v2.0.50727_32 - ok

01:55:40.0703 2100  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

01:55:40.0875 2100  clr_optimization_v4.0.30319_32 - ok

01:55:40.0921 2100  [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt          C:\WINDOWS\system32\DRIVERS\CmBatt.sys

01:55:40.0921 2100  CmBatt - ok

01:55:40.0921 2100  CmdIde - ok

01:55:40.0937 2100  [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt        C:\WINDOWS\system32\DRIVERS\compbatt.sys

01:55:40.0937 2100  Compbatt - ok

01:55:40.0953 2100  COMSysApp - ok

01:55:40.0953 2100  Cpqarray - ok

01:55:41.0000 2100  [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll

01:55:41.0015 2100  CryptSvc - ok

01:55:41.0015 2100  dac2w2k - ok

01:55:41.0015 2100  dac960nt - ok

01:55:41.0093 2100  [ D3D765E8455A961AE567B408F767D4F9 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll

01:55:41.0109 2100  DcomLaunch - ok

01:55:41.0125 2100  [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll

01:55:41.0125 2100  Dhcp - ok

01:55:41.0140 2100  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys

01:55:41.0140 2100  Disk - ok

01:55:41.0140 2100  dmadmin - ok

01:55:41.0187 2100  [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys

01:55:41.0203 2100  dmboot - ok

01:55:41.0234 2100  [ F206E28ED74C491FD5D7C0A1119CE37F ] DMICall         C:\WINDOWS\system32\DRIVERS\DMICall.sys

01:55:41.0250 2100  DMICall - ok

01:55:41.0250 2100  [ 53720AB12B48719D00E327DA470A619A ] dmio            C:\WINDOWS\system32\drivers\dmio.sys

01:55:41.0281 2100  dmio - ok

01:55:41.0328 2100  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys

01:55:41.0328 2100  dmload - ok

01:55:41.0359 2100  [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver        C:\WINDOWS\System32\dmserver.dll

01:55:41.0359 2100  dmserver - ok

01:55:41.0390 2100  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys

01:55:41.0390 2100  DMusic - ok

01:55:41.0437 2100  [ 8C9ED3B2834AAE63081AB2DA831C6FE9 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll

01:55:41.0437 2100  Dnscache - ok

01:55:41.0468 2100  [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll

01:55:41.0468 2100  Dot3svc - ok

01:55:41.0468 2100  dpti2o - ok

01:55:41.0500 2100  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys

01:55:41.0515 2100  drmkaud - ok

01:55:41.0562 2100  [ D57A8FC800B501AC05B10D00F66D127A ] E100B           C:\WINDOWS\system32\DRIVERS\e100b325.sys

01:55:41.0578 2100  E100B - ok

01:55:41.0609 2100  [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost         C:\WINDOWS\System32\eapsvc.dll

01:55:41.0625 2100  EapHost - ok

01:55:41.0640 2100  [ 877C18558D70587AA7823A1A308AC96B ] ERSvc           C:\WINDOWS\System32\ersvc.dll

01:55:41.0656 2100  ERSvc - ok

01:55:41.0703 2100  [ F0A7D59AF279326528715B206669B86C ] Eventlog        C:\WINDOWS\system32\services.exe

01:55:41.0703 2100  Eventlog - ok

01:55:41.0718 2100  [ ADA7241C16F3F42C7F210539FAD5F3AA ] EventSystem     C:\WINDOWS\system32\es.dll

01:55:41.0734 2100  EventSystem - ok

01:55:41.0812 2100  [ 56DED3ADE453272E6A0AD582D945D1A4 ] EvtEng          C:\Programme\Intel\Wireless\Bin\EvtEng.exe

01:55:41.0812 2100  EvtEng - ok

01:55:41.0828 2100  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys

01:55:41.0828 2100  Fastfat - ok

01:55:41.0859 2100  [ 40602EBFBE06AA075C8E4560743F6883 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll

01:55:41.0875 2100  FastUserSwitchingCompatibility - ok

01:55:41.0890 2100  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys

01:55:41.0890 2100  Fdc - ok

01:55:41.0937 2100  [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys

01:55:41.0937 2100  Fips - ok

01:55:42.0046 2100  [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

01:55:42.0109 2100  FLEXnet Licensing Service - ok

01:55:42.0125 2100  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys

01:55:42.0125 2100  Flpydisk - ok

01:55:42.0171 2100  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\DRIVERS\fltMgr.sys

01:55:42.0171 2100  FltMgr - ok

01:55:42.0265 2100  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

01:55:42.0281 2100  FontCache3.0.0.0 - ok

01:55:42.0328 2100  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys

01:55:42.0328 2100  Fs_Rec - ok

01:55:42.0390 2100  [ 8F1955CE42E1484714B542F341647778 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys

01:55:42.0390 2100  Ftdisk - ok

01:55:42.0453 2100  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys

01:55:42.0453 2100  Gpc - ok

01:55:42.0500 2100  [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

01:55:42.0500 2100  HDAudBus - ok

01:55:42.0546 2100  [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

01:55:42.0546 2100  helpsvc - ok

01:55:42.0593 2100  [ B35DA85E60C0103F2E4104532DA2F12B ] HidServ         C:\WINDOWS\System32\hidserv.dll

01:55:42.0593 2100  HidServ - ok

01:55:42.0593 2100  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb          C:\WINDOWS\system32\DRIVERS\hidusb.sys

01:55:42.0593 2100  hidusb - ok

01:55:42.0640 2100  [ ED29F14101523A6E0E808107405D452C ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll

01:55:42.0640 2100  hkmsvc - ok

01:55:42.0656 2100  [ 86A41BAB21B31F8A1B8F5FB93106B63F ] hotcore3        C:\WINDOWS\system32\DRIVERS\hotcore3.sys

01:55:42.0656 2100  hotcore3 - ok

01:55:42.0671 2100  hpn - ok

01:55:42.0703 2100  [ 30CA91E657CEDE2F95359D6EF186F650 ] HPZid412        C:\WINDOWS\system32\DRIVERS\HPZid412.sys

01:55:42.0703 2100  HPZid412 - ok

01:55:42.0718 2100  [ EFD31AFA752AA7C7BBB57BCBE2B01C78 ] HPZipr12        C:\WINDOWS\system32\DRIVERS\HPZipr12.sys

01:55:42.0718 2100  HPZipr12 - ok

01:55:42.0734 2100  [ 7AC43C38CA8FD7ED0B0A4466F753E06E ] HPZius12        C:\WINDOWS\system32\DRIVERS\HPZius12.sys

01:55:42.0734 2100  HPZius12 - ok

01:55:42.0796 2100  [ ACC46DDA7FECE95A253AE88CEA172E12 ] HSFHWAZL        C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys

01:55:42.0796 2100  HSFHWAZL - ok

01:55:42.0906 2100  [ 53229DCF431D76434816CD29251168A0 ] HSF_DPV         C:\WINDOWS\system32\DRIVERS\HSX_DPV.sys

01:55:42.0937 2100  HSF_DPV - ok

01:55:43.0000 2100  [ 31F949D452201F2F0AF0C88D7DB512CD ] HSXHWAZL        C:\WINDOWS\system32\DRIVERS\HSXHWAZL.sys

01:55:43.0000 2100  HSXHWAZL - ok

01:55:43.0062 2100  [ F6AACF5BCE2893E0C1754AFEB672E5C9 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys

01:55:43.0078 2100  HTTP - ok

01:55:43.0125 2100  [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll

01:55:43.0125 2100  HTTPFilter - ok

01:55:43.0125 2100  i2omgmt - ok

01:55:43.0140 2100  i2omp - ok

01:55:43.0187 2100  [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys

01:55:43.0187 2100  i8042prt - ok

01:55:43.0265 2100  [ F79525634B192F5A18DE503568F94EF3 ] IAANTMON        C:\Programme\Intel\Intel Matrix Storage Manager\IAANTMon.exe

01:55:43.0281 2100  IAANTMON - ok

01:55:43.0390 2100  [ BAABB0301949774A66B955C65319635A ] iaStor          C:\WINDOWS\system32\DRIVERS\iaStor.sys

01:55:43.0390 2100  iaStor - ok

01:55:43.0453 2100  [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT        C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe

01:55:43.0500 2100  IDriverT - ok

01:55:43.0578 2100  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

01:55:43.0671 2100  idsvc - ok

01:55:43.0718 2100  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys

01:55:43.0718 2100  Imapi - ok

01:55:43.0750 2100  [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService    C:\WINDOWS\system32\imapi.exe

01:55:43.0781 2100  ImapiService - ok

01:55:43.0781 2100  ini910u - ok

01:55:43.0796 2100  IntelIde - ok

01:55:43.0828 2100  [ 4C7D2750158ED6E7AD642D97BFFAE351 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys

01:55:43.0828 2100  intelppm - ok

01:55:43.0859 2100  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys

01:55:43.0859 2100  Ip6Fw - ok

01:55:43.0875 2100  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

01:55:43.0890 2100  IpFilterDriver - ok

01:55:43.0890 2100  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys

01:55:43.0890 2100  IpInIp - ok

01:55:43.0921 2100  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys

01:55:43.0921 2100  IpNat - ok

01:55:43.0953 2100  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys

01:55:43.0953 2100  IPSec - ok

01:55:44.0000 2100  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys

01:55:44.0000 2100  IRENUM - ok

01:55:44.0046 2100  [ 6DFB88F64135C525433E87648BDA30DE ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys

01:55:44.0046 2100  isapnp - ok

01:55:44.0140 2100  [ 9AE07549A0D691A103FAF8946554BDB7 ] JavaQuickStarterService C:\Programme\Java\jre6\bin\jqs.exe

01:55:44.0140 2100  JavaQuickStarterService - ok

01:55:44.0187 2100  [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys

01:55:44.0187 2100  Kbdclass - ok

01:55:44.0250 2100  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys

01:55:44.0265 2100  kmixer - ok

01:55:44.0296 2100  [ 1705745D900DABF2D89F90EBADDC7517 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys

01:55:44.0296 2100  KSecDD - ok

01:55:44.0296 2100  [ D88846F9F4F27AE9BE584A6E5B6B8753 ] L8042Kbd        C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys

01:55:44.0296 2100  L8042Kbd - ok

01:55:44.0359 2100  [ BEA61FDA2103F6F51B14EB0872E8A050 ] L8042mou        C:\WINDOWS\system32\DRIVERS\L8042mou.Sys

01:55:44.0359 2100  L8042mou - ok

01:55:44.0406 2100  [ D6EB4916B203CBE525F8EFF5FD5AB16C ] LanmanServer    C:\WINDOWS\System32\srvsvc.dll

01:55:44.0421 2100  LanmanServer - ok

01:55:44.0468 2100  [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll

01:55:44.0484 2100  lanmanworkstation - ok

01:55:44.0531 2100  [ B7C19EC8B0DD7EFA58AD41FFEB8B8CDA ] Lbd             C:\WINDOWS\system32\DRIVERS\Lbd.sys

01:55:44.0531 2100  Lbd - ok

01:55:44.0531 2100  lbrtfdc - ok

01:55:44.0609 2100  [ 3AF6B73A3AD1FC37C5933441F66CEB91 ] LBTServ         C:\Programme\Gemeinsame Dateien\Logitech\Bluetooth\LBTServ.exe

01:55:44.0640 2100  LBTServ - ok

01:55:44.0687 2100  [ 7F9C7B28CF1C859E1C42619EEA946DC8 ] LHidFilt        C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys

01:55:44.0687 2100  LHidFilt - ok

01:55:44.0750 2100  [ 636714B7D43C8D0C80449123FD266920 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll

01:55:44.0750 2100  LmHosts - ok

01:55:44.0765 2100  [ AB33792A87285344F43B5CE23421BAB0 ] LMouFilt        C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys

01:55:44.0765 2100  LMouFilt - ok

01:55:44.0781 2100  [ CAB504E38FCED9A56D87D838E9BA13E9 ] LMouKE          C:\WINDOWS\system32\DRIVERS\LMouKE.Sys

01:55:44.0781 2100  LMouKE - ok

01:55:44.0828 2100  [ AF5B04BF94F3980CB067338562CEEDA6 ] MADFUMIDISPORT2010 C:\WINDOWS\system32\DRIVERS\MAudioMIDISPORT_DFU.sys

01:55:44.0828 2100  MADFUMIDISPORT2010 - ok

01:55:44.0828 2100  MagicTune - ok

01:55:44.0890 2100  [ 34933232C17FBBFE2E224E5C536A48CF ] MagixASIODrv    C:\Programme\Magix\Sequoia7\mxasio.sys

01:55:44.0906 2100  MagixASIODrv - ok

01:55:44.0968 2100  [ EA664E3AC4E285C831362971B3F6505F ] MAUSBMIDISPORT  C:\WINDOWS\system32\DRIVERS\MAudioMIDISPORT.sys

01:55:44.0968 2100  MAUSBMIDISPORT - ok

01:55:45.0015 2100  [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys

01:55:45.0015 2100  MBAMProtector - ok

01:55:45.0078 2100  [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler   C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe

01:55:45.0093 2100  MBAMScheduler - ok

01:55:45.0203 2100  [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService     C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe

01:55:45.0218 2100  MBAMService - ok

01:55:45.0265 2100  [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk         C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys

01:55:45.0265 2100  mdmxsdk - ok

01:55:45.0281 2100  [ B7550A7107281D170CE85524B1488C98 ] Messenger       C:\WINDOWS\System32\msgsvc.dll

01:55:45.0281 2100  Messenger - ok

01:55:45.0390 2100  [ FAFE367D032ED82E9332B4C741A20216 ] Microsoft Office Groove Audit Service C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe

01:55:45.0421 2100  Microsoft Office Groove Audit Service - ok

01:55:45.0546 2100  [ 2511976346FE182EB0992F6D3685FACC ] MIDISPORTAudioDevMon C:\Programme\M-Audio\MIDISPORT\AudioDevMon.exe

01:55:45.0578 2100  MIDISPORTAudioDevMon - ok

01:55:45.0640 2100  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys

01:55:45.0640 2100  mnmdd - ok

01:55:45.0703 2100  [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe

01:55:45.0703 2100  mnmsrvc - ok

01:55:45.0734 2100  [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys

01:55:45.0734 2100  Modem - ok

01:55:45.0781 2100  [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys

01:55:45.0781 2100  Mouclass - ok

01:55:45.0796 2100  [ 66A6F73C74E1791464160A7065CE711A ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys

01:55:45.0796 2100  mouhid - ok

01:55:45.0812 2100  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys

01:55:45.0812 2100  MountMgr - ok

01:55:45.0906 2100  [ 5C5E45DDABEFBC9F564F1D5C83258B8F ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe

01:55:45.0937 2100  MozillaMaintenance - ok

01:55:45.0937 2100  mraid35x - ok

01:55:45.0968 2100  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys

01:55:45.0968 2100  MRxDAV - ok

01:55:46.0031 2100  [ D09B9F0B9960DD41E73127B7814C115F ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

01:55:46.0046 2100  MRxSmb - ok

01:55:46.0093 2100  [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC           C:\WINDOWS\system32\msdtc.exe

01:55:46.0109 2100  MSDTC - ok

01:55:46.0187 2100  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys

01:55:46.0187 2100  Msfs - ok

01:55:46.0187 2100  MSIServer - ok

01:55:46.0218 2100  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys

01:55:46.0218 2100  MSKSSRV - ok

01:55:46.0218 2100  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys

01:55:46.0218 2100  MSPCLOCK - ok

01:55:46.0234 2100  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys

01:55:46.0234 2100  MSPQM - ok

01:55:46.0265 2100  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys

01:55:46.0265 2100  mssmbios - ok

01:55:46.0296 2100  [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys

01:55:46.0296 2100  MSTEE - ok

01:55:46.0312 2100  [ 2F625D11385B1A94360BFC70AAEFDEE1 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys

01:55:46.0328 2100  Mup - ok

01:55:46.0375 2100  [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys

01:55:46.0375 2100  NABTSFEC - ok

01:55:46.0453 2100  [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent        C:\WINDOWS\System32\qagentrt.dll

01:55:46.0500 2100  napagent - ok

01:55:46.0546 2100  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys

01:55:46.0546 2100  NDIS - ok

01:55:46.0578 2100  [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys

01:55:46.0578 2100  NdisIP - ok

01:55:46.0609 2100  [ 1AB3D00C991AB086E69DB84B6C0ED78F ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys

01:55:46.0609 2100  NdisTapi - ok

01:55:46.0625 2100  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys

01:55:46.0625 2100  Ndisuio - ok

01:55:46.0640 2100  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys

01:55:46.0640 2100  NdisWan - ok

01:55:46.0656 2100  [ 6215023940CFD3702B46ABC304E1D45A ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys

01:55:46.0656 2100  NDProxy - ok

01:55:46.0671 2100  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys

01:55:46.0671 2100  NetBIOS - ok

01:55:46.0703 2100  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys

01:55:46.0703 2100  NetBT - ok

01:55:46.0765 2100  [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE          C:\WINDOWS\system32\netdde.exe

01:55:46.0796 2100  NetDDE - ok

01:55:46.0812 2100  [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe

01:55:46.0812 2100  NetDDEdsdm - ok

01:55:46.0859 2100  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon        C:\WINDOWS\system32\lsass.exe

01:55:46.0859 2100  Netlogon - ok

01:55:46.0921 2100  [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman          C:\WINDOWS\System32\netman.dll

01:55:46.0921 2100  Netman - ok

01:55:46.0953 2100  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

01:55:47.0015 2100  NetTcpPortSharing - ok

01:55:47.0031 2100  [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394         C:\WINDOWS\system32\DRIVERS\nic1394.sys

01:55:47.0031 2100  NIC1394 - ok

01:55:47.0343 2100  [ BD7A1D7BEF2C0FDE73F7B87971ED9D2F ] NIHardwareService C:\Programme\Gemeinsame Dateien\Native Instruments\Hardware\NIHardwareService.exe

01:55:47.0609 2100  NIHardwareService - ok

01:55:47.0656 2100  [ ACD8BD448A74F344D46FCAF21BAB92AF ] Nla             C:\WINDOWS\System32\mswsock.dll

01:55:47.0671 2100  Nla - ok

01:55:47.0687 2100  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys

01:55:47.0687 2100  Npfs - ok

01:55:47.0703 2100  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys

01:55:47.0718 2100  Ntfs - ok

01:55:47.0734 2100  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe

01:55:47.0734 2100  NtLmSsp - ok

01:55:47.0781 2100  [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll

01:55:47.0796 2100  NtmsSvc - ok

01:55:47.0859 2100  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys

01:55:47.0859 2100  Null - ok

01:55:48.0062 2100  [ F2F17913C200BD340FA356BA7FF493F8 ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

01:55:48.0140 2100  nv - ok

01:55:48.0187 2100  [ 00B90B60F41AB765616527946D7AEE00 ] NvnUsbAudio     C:\WINDOWS\system32\DRIVERS\nvnusbaudio.sys

01:55:48.0187 2100  NvnUsbAudio - ok

01:55:48.0234 2100  [ 162542FA7FDAEBBEC625937F18E49AC9 ] NVSvc           C:\WINDOWS\system32\nvsvc32.exe

01:55:48.0234 2100  NVSvc - ok

01:55:48.0265 2100  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

01:55:48.0265 2100  NwlnkFlt - ok

01:55:48.0296 2100  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

01:55:48.0296 2100  NwlnkFwd - ok

01:55:48.0531 2100  [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv          C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE

01:55:48.0578 2100  odserv - ok

01:55:48.0625 2100  [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394        C:\WINDOWS\system32\DRIVERS\ohci1394.sys

01:55:48.0625 2100  ohci1394 - ok

01:55:48.0671 2100  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE

01:55:48.0687 2100  ose - ok

01:55:48.0734 2100  [ F84785660305B9B903FB3BCA8BA29837 ] Parport         C:\WINDOWS\system32\drivers\Parport.sys

01:55:48.0750 2100  Parport - ok

01:55:48.0750 2100  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys

01:55:48.0750 2100  PartMgr - ok

01:55:48.0796 2100  [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys

01:55:48.0796 2100  ParVdm - ok

01:55:48.0812 2100  [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys

01:55:48.0812 2100  PCI - ok

01:55:48.0812 2100  PCIDump - ok

01:55:48.0843 2100  [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys

01:55:48.0843 2100  PCIIde - ok

01:55:48.0859 2100  [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia          C:\WINDOWS\system32\DRIVERS\pcmcia.sys

01:55:48.0875 2100  Pcmcia - ok

01:55:48.0875 2100  PDCOMP - ok

01:55:48.0875 2100  PDFRAME - ok

01:55:48.0890 2100  PDRELI - ok

01:55:48.0890 2100  PDRFRAME - ok

01:55:48.0890 2100  perc2 - ok

01:55:48.0906 2100  perc2hib - ok

01:55:48.0921 2100  [ F0A7D59AF279326528715B206669B86C ] PlugPlay        C:\WINDOWS\system32\services.exe

01:55:48.0937 2100  PlugPlay - ok

01:55:48.0984 2100  [ D31F88C5F19EEFA366A415D6BC5F2ABC ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe

01:55:48.0984 2100  Pml Driver HPZ12 - ok

01:55:49.0000 2100  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe

01:55:49.0000 2100  PolicyAgent - ok

01:55:49.0015 2100  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys

01:55:49.0015 2100  PptpMiniport - ok

01:55:49.0031 2100  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe

01:55:49.0031 2100  ProtectedStorage - ok

01:55:49.0062 2100  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys

01:55:49.0062 2100  PSched - ok

01:55:49.0093 2100  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys

01:55:49.0109 2100  Ptilink - ok

01:55:49.0109 2100  ql1080 - ok

01:55:49.0109 2100  Ql10wnt - ok

01:55:49.0125 2100  ql12160 - ok

01:55:49.0125 2100  ql1240 - ok

01:55:49.0140 2100  ql1280 - ok

01:55:49.0187 2100  [ F2B3E0E54817BECDEDBC095B25DAA248 ] R5U870FLx86     C:\WINDOWS\system32\Drivers\R5U870FLx86.sys

01:55:49.0187 2100  R5U870FLx86 - ok

01:55:49.0203 2100  [ 5F598E844E7A465932507314444BD97A ] R5U870FUx86     C:\WINDOWS\system32\Drivers\R5U870FUx86.sys

01:55:49.0203 2100  R5U870FUx86 - ok

01:55:49.0234 2100  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys

01:55:49.0234 2100  RasAcd - ok

01:55:49.0250 2100  [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto         C:\WINDOWS\System32\rasauto.dll

01:55:49.0265 2100  RasAuto - ok

01:55:49.0312 2100  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

01:55:49.0312 2100  Rasl2tp - ok

01:55:49.0390 2100  [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan          C:\WINDOWS\System32\rasmans.dll

01:55:49.0406 2100  RasMan - ok

01:55:49.0406 2100  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys

01:55:49.0406 2100  RasPppoe - ok

01:55:49.0437 2100  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys

01:55:49.0437 2100  Raspti - ok

01:55:49.0453 2100  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys

01:55:49.0468 2100  Rdbss - ok

01:55:49.0468 2100  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

01:55:49.0468 2100  RDPCDD - ok

01:55:49.0531 2100  [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys

01:55:49.0546 2100  rdpdr - ok

01:55:49.0578 2100  [ 6728E45B66F93C08F11DE2E316FC70DD ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys

01:55:49.0578 2100  RDPWD - ok

01:55:49.0625 2100  [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe

01:55:49.0625 2100  RDSessMgr - ok

01:55:49.0656 2100  [ ED761D453856F795A7FE056E42C36365 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys

01:55:49.0656 2100  redbook - ok

01:55:49.0687 2100  [ 1B2857EF12D79A9F9ADBA14B0637CBF8 ] RegSrvc         C:\Programme\Intel\Wireless\Bin\RegSrvc.exe

01:55:49.0687 2100  RegSrvc - ok

01:55:49.0734 2100  [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll

01:55:49.0734 2100  RemoteAccess - ok

01:55:49.0765 2100  [ E4CD1F3D84E1C2CA0B8CF7501E201593 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll

01:55:49.0765 2100  RemoteRegistry - ok

01:55:49.0812 2100  [ 851C30DF2807FCFA21E4C681A7D6440E ] RFCOMM          C:\WINDOWS\system32\DRIVERS\rfcomm.sys

01:55:49.0812 2100  RFCOMM - ok

01:55:49.0843 2100  [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator      C:\WINDOWS\system32\locator.exe

01:55:49.0843 2100  RpcLocator - ok

01:55:49.0906 2100  [ D3D765E8455A961AE567B408F767D4F9 ] RpcSs           C:\WINDOWS\system32\rpcss.dll

01:55:49.0906 2100  RpcSs - ok

01:55:49.0953 2100  [ A8FC9F03FED117F87665DC198B0F9C9E ] rrau0001        C:\WINDOWS\system32\Drivers\rrau0001.sys

01:55:49.0953 2100  rrau0001 - ok

01:55:50.0000 2100  [ FF960D10239EADBC9524F40C5BC81D3D ] rrau0002        C:\WINDOWS\system32\Drivers\rrau0002.sys

01:55:50.0000 2100  rrau0002 - ok

01:55:50.0015 2100  [ 44575C35C818043810219E8D1998DCD0 ] rrwd0001        C:\WINDOWS\system32\Drivers\rrwd0001.sys

01:55:50.0015 2100  rrwd0001 - ok

01:55:50.0046 2100  [ 35E9AFF01BB451D4101DA15C74418AAF ] rrwd0002        C:\WINDOWS\system32\Drivers\rrwd0002.sys

01:55:50.0046 2100  rrwd0002 - ok

01:55:50.0093 2100  [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP            C:\WINDOWS\system32\rsvp.exe

01:55:50.0125 2100  RSVP - ok

01:55:50.0203 2100  [ 6C5155CC0E805C7BE6028BFF7AC14524 ] S24EventMonitor C:\Programme\Intel\Wireless\Bin\S24EvMon.exe

01:55:50.0218 2100  S24EventMonitor - ok

01:55:50.0234 2100  [ 1CC074E0D48383D4E9BFFC6A26C2A58A ] s24trans        C:\WINDOWS\system32\DRIVERS\s24trans.sys

01:55:50.0234 2100  s24trans - ok

01:55:50.0250 2100  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs           C:\WINDOWS\system32\lsass.exe

01:55:50.0250 2100  SamSs - ok

01:55:50.0312 2100  [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe

01:55:50.0312 2100  SCardSvr - ok

01:55:50.0437 2100  [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule        C:\WINDOWS\system32\schedsvc.dll

01:55:50.0437 2100  Schedule - ok

01:55:50.0468 2100  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys

01:55:50.0468 2100  Secdrv - ok

01:55:50.0500 2100  [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon        C:\WINDOWS\System32\seclogon.dll

01:55:50.0500 2100  seclogon - ok

01:55:50.0515 2100  [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS            C:\WINDOWS\system32\sens.dll

01:55:50.0531 2100  SENS - ok

01:55:50.0546 2100  [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial          C:\WINDOWS\system32\drivers\Serial.sys

01:55:50.0562 2100  Serial - ok

01:55:50.0609 2100  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys

01:55:50.0609 2100  Sfloppy - ok

01:55:50.0625 2100  [ 40602EBFBE06AA075C8E4560743F6883 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll

01:55:50.0625 2100  ShellHWDetection - ok

01:55:50.0625 2100  Simbad - ok

01:55:50.0703 2100  [ 0A0A0183711EFB04F9BCC32BB44471F2 ] SkypeUpdate     C:\Programme\Skype\Updater\Updater.exe

01:55:50.0703 2100  SkypeUpdate - ok

01:55:50.0718 2100  [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP            C:\WINDOWS\system32\DRIVERS\SLIP.sys

01:55:50.0734 2100  SLIP - ok

01:55:50.0750 2100  [ 1A992C8136C015453E82041C35B299DA ] SNC             C:\WINDOWS\system32\DRIVERS\SonyNC.sys

01:55:50.0750 2100  SNC - ok

01:55:50.0796 2100  [ A1ECEEAA5C5E74B2499EB51D38185B84 ] SONYPVU1        C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS

01:55:50.0796 2100  SONYPVU1 - ok

01:55:50.0796 2100  Sparrow - ok

01:55:50.0812 2100  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys

01:55:50.0828 2100  splitter - ok

01:55:50.0875 2100  [ 39356A9CDB6753A6D13A4072A9F5A4BB ] Spooler         C:\WINDOWS\system32\spoolsv.exe

01:55:50.0875 2100  Spooler - ok

01:55:50.0953 2100  [ CDDDEC541BC3C96F91ECB48759673505 ] sptd            C:\WINDOWS\System32\Drivers\sptd.sys

01:55:50.0968 2100  sptd - ok

01:55:51.0000 2100  [ 50FA898F8C032796D3B1B9951BB5A90F ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys

01:55:51.0000 2100  sr - ok

01:55:51.0031 2100  [ FE77A85495065F3AD59C5C65B6C54182 ] srservice       C:\WINDOWS\system32\srsvc.dll

01:55:51.0046 2100  srservice - ok

01:55:51.0109 2100  [ 30EFED0C77D59AE0CACB0B5C756767ED ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys

01:55:51.0109 2100  Srv - ok

01:55:51.0125 2100  [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll

01:55:51.0140 2100  SSDPSRV - ok

01:55:51.0187 2100  [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv          C:\WINDOWS\system32\DRIVERS\ssmdrv.sys

01:55:51.0187 2100  ssmdrv - ok

01:55:51.0296 2100  [ 719286ECEE2241B5C2F0799D61CFC3A2 ] STacSV          C:\Programme\SigmaTel\C-Major Audio\WDM\StacSV.exe

01:55:51.0296 2100  STacSV - ok

01:55:51.0468 2100  [ 784B73BD9D1C0FBA6CA96E8976F4B0E6 ] STHDA           C:\WINDOWS\system32\drivers\sthda.sys

01:55:51.0500 2100  STHDA - ok

01:55:51.0562 2100  [ BC2C5985611C5356B24AEB370953DED9 ] stisvc          C:\WINDOWS\system32\wiaservc.dll

01:55:51.0578 2100  stisvc - ok

01:55:51.0593 2100  [ 77813007BA6265C4B6098187E6ED79D2 ] streamip        C:\WINDOWS\system32\DRIVERS\StreamIP.sys

01:55:51.0593 2100  streamip - ok

01:55:51.0640 2100  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys

01:55:51.0640 2100  swenum - ok

01:55:51.0656 2100  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys

01:55:51.0671 2100  swmidi - ok

01:55:51.0671 2100  SwPrv - ok

01:55:51.0671 2100  symc810 - ok

01:55:51.0687 2100  symc8xx - ok

01:55:51.0687 2100  sym_hi - ok

01:55:51.0687 2100  sym_u3 - ok

01:55:51.0718 2100  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys

01:55:51.0718 2100  sysaudio - ok

01:55:51.0750 2100  [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe

01:55:51.0750 2100  SysmonLog - ok

01:55:51.0781 2100  [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll

01:55:51.0781 2100  TapiSrv - ok

01:55:51.0812 2100  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys

01:55:51.0828 2100  Tcpip - ok

01:55:51.0859 2100  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys

01:55:51.0859 2100  TDPIPE - ok

01:55:51.0859 2100  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys

01:55:51.0875 2100  TDTCP - ok

01:55:51.0921 2100  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys

01:55:51.0921 2100  TermDD - ok

01:55:51.0953 2100  [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService     C:\WINDOWS\System32\termsrv.dll

01:55:51.0953 2100  TermService - ok

01:55:51.0984 2100  [ 40602EBFBE06AA075C8E4560743F6883 ] Themes          C:\WINDOWS\System32\shsvcs.dll

01:55:51.0984 2100  Themes - ok

01:55:52.0031 2100  [ 26587CE8E6C6F16B8B4E7E2C16FA00BF ] ti21sony        C:\WINDOWS\system32\drivers\ti21sony.sys

01:55:52.0031 2100  ti21sony - ok

01:55:52.0078 2100  [ 03681A1CE77F51586903869A5AB1DEAB ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe

01:55:52.0109 2100  TlntSvr - ok

01:55:52.0109 2100  TosIde - ok

01:55:52.0140 2100  [ 626504572B175867F30F3215C04B3E2F ] TrkWks          C:\WINDOWS\system32\trkwks.dll

01:55:52.0156 2100  TrkWks - ok

01:55:52.0187 2100  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys

01:55:52.0187 2100  Udfs - ok

01:55:52.0187 2100  ultra - ok

01:55:52.0250 2100  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys

01:55:52.0265 2100  Update - ok

01:55:52.0296 2100  [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost        C:\WINDOWS\System32\upnphost.dll

01:55:52.0296 2100  upnphost - ok

01:55:52.0406 2100  [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS             C:\WINDOWS\System32\ups.exe

01:55:52.0421 2100  UPS - ok

01:55:52.0468 2100  [ E919708DB44ED8543A7C017953148330 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys

01:55:52.0468 2100  usbaudio - ok

01:55:52.0500 2100  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys

01:55:52.0500 2100  usbccgp - ok

01:55:52.0546 2100  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys

01:55:52.0546 2100  usbehci - ok

01:55:52.0562 2100  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys

01:55:52.0562 2100  usbhub - ok

01:55:52.0625 2100  [ A717C8721046828520C9EDF31288FC00 ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys

01:55:52.0625 2100  usbprint - ok

01:55:52.0640 2100  [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys

01:55:52.0656 2100  usbscan - ok

01:55:52.0687 2100  [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

01:55:52.0687 2100  USBSTOR - ok

01:55:52.0718 2100  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys

01:55:52.0718 2100  usbuhci - ok

01:55:52.0750 2100  [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo        C:\WINDOWS\system32\Drivers\usbvideo.sys

01:55:52.0750 2100  usbvideo - ok

01:55:52.0796 2100  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys

01:55:52.0812 2100  VgaSave - ok

01:55:52.0812 2100  ViaIde - ok

01:55:52.0828 2100  [ A5A712F4E880874A477AF790B5186E1D ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys

01:55:52.0828 2100  VolSnap - ok

01:55:52.0859 2100  [ 68F106273BE29E7B7EF8266977268E78 ] VSS             C:\WINDOWS\System32\vssvc.exe

01:55:52.0875 2100  VSS - ok

01:55:53.0000 2100  [ 277D5021E95147F0A80A992DEF679122 ] VUAgent         C:\Programme\Sony\VAIO Update 5\VUAgent.exe

01:55:53.0046 2100  VUAgent - ok

01:55:53.0078 2100  [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time         C:\WINDOWS\system32\w32time.dll

01:55:53.0093 2100  W32Time - ok

01:55:53.0203 2100  [ B1F126E7E28877106D60E6FF3998D033 ] w39n51          C:\WINDOWS\system32\DRIVERS\w39n51.sys

01:55:53.0234 2100  w39n51 - ok

01:55:53.0250 2100  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys

01:55:53.0265 2100  Wanarp - ok

01:55:53.0484 2100  [ FD47474BD21794508AF449D9D91AF6E6 ] Wdf01000        C:\WINDOWS\system32\DRIVERS\Wdf01000.sys

01:55:53.0500 2100  Wdf01000 - ok

01:55:53.0500 2100  WDICA - ok

01:55:53.0515 2100  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys

01:55:53.0515 2100  wdmaud - ok

01:55:53.0578 2100  [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient       C:\WINDOWS\System32\webclnt.dll

01:55:53.0578 2100  WebClient - ok

01:55:53.0640 2100  [ 6D2350BB6E77E800FC4BE4E5B7A2E89A ] winachsf        C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys

01:55:53.0656 2100  winachsf - ok

01:55:53.0734 2100  [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll

01:55:53.0750 2100  winmgmt - ok

01:55:53.0781 2100  [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll

01:55:53.0781 2100  WmdmPmSN - ok

01:55:53.0843 2100  [ 57FA31A965D8FC3172641A93618FBE9E ] Wmi             C:\WINDOWS\System32\advapi32.dll

01:55:53.0859 2100  Wmi - ok

01:55:53.0875 2100  [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe

01:55:53.0890 2100  WmiApSrv - ok

01:55:54.0000 2100  [ BF05650BB7DF5E9EBDD25974E22403BB ] WMPNetworkSvc   C:\Programme\Windows Media Player\WMPNetwk.exe

01:55:54.0093 2100  WMPNetworkSvc - ok

01:55:54.0125 2100  [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb          C:\WINDOWS\system32\DRIVERS\wpdusb.sys

01:55:54.0125 2100  WpdUsb - ok

01:55:54.0250 2100  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

01:55:54.0312 2100  WPFFontCache_v0400 - ok

01:55:54.0375 2100  [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC        C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS

01:55:54.0375 2100  WSTCODEC - ok

01:55:54.0421 2100  [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv        C:\WINDOWS\system32\wuauserv.dll

01:55:54.0437 2100  wuauserv - ok

01:55:54.0453 2100  [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys

01:55:54.0468 2100  WudfPf - ok

01:55:54.0500 2100  [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys

01:55:54.0500 2100  WudfRd - ok

01:55:54.0531 2100  [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll

01:55:54.0531 2100  WudfSvc - ok

01:55:54.0609 2100  [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll

01:55:54.0625 2100  WZCSVC - ok

01:55:54.0671 2100  [ 5A7FF9A18FF6D7E0527FE3ABF9204EF8 ] XAudio          C:\WINDOWS\system32\DRIVERS\xaudio.sys

01:55:54.0671 2100  XAudio - ok

01:55:54.0703 2100  [ 28DC5D626E036A75A572556F0A6EB1F6 ] XAudioService   C:\WINDOWS\system32\DRIVERS\xaudio.exe

01:55:54.0718 2100  XAudioService - ok

01:55:54.0750 2100  [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll

01:55:54.0750 2100  xmlprov - ok

01:55:54.0765 2100  ================ Scan global ===============================

01:55:54.0812 2100  [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll

01:55:54.0843 2100  [ 4CD408F799D4A72B0DE1F1116A77A48E ] C:\WINDOWS\system32\winsrv.dll

01:55:54.0859 2100  [ 4CD408F799D4A72B0DE1F1116A77A48E ] C:\WINDOWS\system32\winsrv.dll

01:55:54.0890 2100  [ F0A7D59AF279326528715B206669B86C ] C:\WINDOWS\system32\services.exe

01:55:54.0890 2100  [Global] - ok

01:55:54.0906 2100  ================ Scan MBR ==================================

01:55:54.0921 2100  [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0

01:55:55.0468 2100  \Device\Harddisk0\DR0 - ok

01:55:55.0468 2100  ================ Scan VBR ==================================

01:55:55.0468 2100  [ D92DB117BEDF87ABA95D4DD020D0ABDE ] \Device\Harddisk0\DR0\Partition1

01:55:55.0484 2100  \Device\Harddisk0\DR0\Partition1 - ok

01:55:55.0484 2100  ============================================================

01:55:55.0484 2100  Scan finished

01:55:55.0484 2100  ============================================================

01:55:55.0484 3804  Detected object count: 0

01:55:55.0484 3804  Actual detected object count: 0

01:56:38.0171 0356  Deinitialize success

Und Schritt 4 die beiden logfiles von DDS:

dds.txt

Code:

DDS (Ver_2012-11-20.01) - NTFS_x86 

Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 1.6.0_22

Run by Fabian at 1:58:33 on 2013-03-02

#Option MBR scan  is disabled.

.

============== Running Processes ================

.

C:\Programme\Avira\AntiVir Desktop\avguard.exe

C:\Programme\Avira\AntiVir Desktop\avshadow.exe

C:\Programme\Intel\Wireless\Bin\EvtEng.exe

C:\Programme\Intel\Wireless\Bin\S24EvMon.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Programme\Avira\AntiVir Desktop\sched.exe

C:\Programme\Bonjour\mDNSResponder.exe

C:\Programme\Java\jre6\bin\jqs.exe

C:\Programme\M-Audio\MIDISPORT\AudioDevMon.exe

C:\Programme\Gemeinsame Dateien\Native Instruments\Hardware\NIHardwareService.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\Programme\Intel\Wireless\Bin\RegSrvc.exe

C:\Programme\SigmaTel\C-Major Audio\WDM\StacSV.exe

C:\Programme\Intel\Intel Matrix Storage Manager\IAANTMon.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\Programme\Intel\Intel Matrix Storage Manager\iaanotif.exe

C:\Programme\Avira\AntiVir Desktop\avgnt.exe

C:\WINDOWS\system32\rundll32.exe

C:\programme\real\realplayer\update\realsched.exe

C:\WINDOWS\system32\ctfmon.exe

c:\programme\real\realplayer\RealPlay.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k bthsvcs

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

.

============== Pseudo HJT Report ===============

.

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\programme\gemeinsame dateien\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\dokumente und einstellungen\all users\anwendungsdaten\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\programme\microsoft office\office12\GrooveShellExtensions.dll

BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - c:\programme\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll

BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\programme\skype\toolbars\internet explorer\skypeieplugin.dll

BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\programme\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\programme\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

BHO: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - c:\programme\yontoo\YontooIEClient.dll

TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\programme\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll

TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\programme\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll

EB: Adobe PDF: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - c:\programme\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll

uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe

uRun: [Winsplit] c:\programme\winsplit revolution\WinSplit.exe

mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [IAAnotif] c:\programme\intel\intel matrix storage manager\iaanotif.exe

mRun: [KernelFaultCheck] c:\windows\system32\dumprep 0 -k

mRun: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE

mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

mRun: [avgnt] "c:\programme\avira\antivir desktop\avgnt.exe" /min

mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

mRun: [TkBellExe] "c:\programme\real\realplayer\update\realsched.exe"  -osboot

mRun: [oKJlROuTVCyA.exe] c:\dokumente und einstellungen\all users\anwendungsdaten\oKJlROuTVCyA.exe

dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE

dRunOnce: [nltide_2] regsvr32 /s /n /i:U shell32

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

uPolicies-Explorer: NoDriveAutoRun = dword:0

uPolicies-Explorer: HonorAutorunSetting = dword:0

mPolicies-Explorer: NoDriveAutoRun = dword:0

mPolicies-Explorer: HonorAutorunSetting = dword:0

mPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-System: DisableTaskMgr = dword:1

mPolicies-Explorer: NoDriveTypeAutoRun = dword:145

IE: An vorhandenes PDF anfügen - c:\programme\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - c:\programme\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - c:\programme\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Auswahl in Adobe PDF konvertieren - c:\programme\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Auswahl in vorhandene PDF-Datei konvertieren - c:\programme\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: In Adobe PDF konvertieren - c:\programme\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Verknüpfungsziel in Adobe PDF konvertieren - c:\programme\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - c:\programme\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\programme\microsoft office\office12\ONBttnIE.dll

IE: {7F9DB11C-E358-4ca6-A83D-ACC663939424} - {9999A076-A9E2-4C99-8A2B-632FC9429223}

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\programme\skype\toolbars\internet explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

TCP: NameServer = 192.168.1.1

TCP: Interfaces\{83E029AE-5B74-4D6A-AD72-6040330E6174} : DHCPNameServer = 192.168.1.1

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\programme\microsoft office\office12\GrooveSystemServices.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\programme\skype\toolbars\internet explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\programme\gemeinsame dateien\skype\Skype4COM.dll

Notify: LBTWlgn - c:\programme\gemeinsame dateien\logitech\bluetooth\LBTWlgn.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\programme\microsoft office\office12\GrooveShellExtensions.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\dokumente und einstellungen\fabian\anwendungsdaten\mozilla\firefox\profiles\jtg2mjlz.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/

FF - component: c:\dokumente und einstellungen\all users\anwendungsdaten\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll

FF - component: c:\dokumente und einstellungen\all users\anwendungsdaten\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordlegacyext.dll

FF - component: c:\programme\mozilla firefox\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll

FF - plugin: c:\dokumente und einstellungen\all users\anwendungsdaten\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll

FF - plugin: c:\dokumente und einstellungen\all users\anwendungsdaten\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll

FF - plugin: c:\programme\adobe\reader 11.0\reader\air\nppdf32.dll

FF - plugin: c:\programme\amazon\mp3 downloader\npAmazonMP3DownloaderPlugin101753.dll

FF - plugin: c:\programme\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\programme\mozilla firefox\plugins\npdeployJava1.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_135.dll

.

---- FIREFOX POLICIES ----

FF - user.js: extentions.y2layers.installId - 78c19ad3-9e44-4c30-ac6e-6bdce489b7ba

FF - user.js: extentions.y2layers.defaultEnableAppsList - twittube,ezLooker,pagerage,buzzdock,toprelatedtopics

.

FF - user.js: extensions.autoDisableScopes - 14

.

============= SERVICES / DRIVERS ===============

.

R? automap;Automap MIDI Driver Service

R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86

R? MADFUMIDISPORT2010;Service for M-Audio MIDISPORT DFU

R? MagixASIODrv;MAGIX_ASIO_BoostDriver

R? MBAMProtector;MBAMProtector

R? MBAMScheduler;MBAMScheduler

R? MBAMService;MBAMService

R? NvnUsbAudio;Novation USB Audio Driver

R? rrau0001;rrau0001

R? rrau0002;rrau0002

R? rrwd0001;rrwd0001

R? rrwd0002;rrwd0002

R? SkypeUpdate;Skype Updater

R? VUAgent;VUAgent

R? WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0

S? AntiVirSchedulerService;Avira Planer

S? AntiVirService;Avira Echtzeit Scanner

S? avgntflt;avgntflt

S? avkmgr;avkmgr

S? hotcore3;hc3ServiceName

S? Lbd;Lbd

S? MAUSBMIDISPORT;Service for M-Audio MIDISPORT

S? MIDISPORTAudioDevMon;MIDISPORT Audio Device Monitor

S? NIHardwareService;NIHardwareService

S? R5U870FLx86;R5U870 UVC Lower Filter  

S? R5U870FUx86;R5U870 UVC Upper Filter  

S? ti21sony;ti21sony

.

=============== Created Last 30 ================

.

2013-03-01 18:18:20        --------        d-----w-        c:\dokumente und einstellungen\fabian\anwendungsdaten\Malwarebytes

2013-03-01 18:17:47        --------        d-----w-        c:\dokumente und einstellungen\all users\anwendungsdaten\Malwarebytes

2013-03-01 18:17:45        21104        ----a-w-        c:\windows\system32\drivers\mbam.sys

2013-03-01 18:17:45        --------        d-----w-        c:\programme\Malwarebytes' Anti-Malware

2013-02-14 14:47:43        --------        d--h--w-        c:\dokumente und einstellungen\fabian\anwendungsdaten\Winsplit Revolution

2013-02-14 14:47:30        --------        d--h--w-        c:\programme\WinSplit Revolution

.

==================== Find3M  ====================

.

2012-12-19 12:56:37        73656        ---ha-w-        c:\windows\system32\FlashPlayerCPLApp.cpl

2012-12-19 12:56:37        697272        ---ha-w-        c:\windows\system32\FlashPlayerApp.exe

.

============= FINISH:  1:59:07,06 ===============

und attach.txt

Code:

.

==== Installed Programs ======================

.

Adobe Acrobat 8 Professional - English, Français, Deutsch

Adobe After Effects CS3

Adobe After Effects CS3 Presets

Adobe After Effects CS3 Third Party Content

Adobe Anchor Service CS3

Adobe Asset Services CS3

Adobe Bridge CS3

Adobe Bridge Start Meeting

Adobe BridgeTalk Plugin CS3

Adobe Camera Raw 4.0

Adobe CMaps

Adobe Color - Photoshop Specific

Adobe Color Common Settings

Adobe Color EU Recommended Settings

Adobe Color JA Extra Settings

Adobe Color NA Extra Settings

Adobe Creative Suite 3 Master Collection

Adobe Creative Suite 3 Master Collection hinzufügen oder entfernen

Adobe Default Language CS3

Adobe Device Central CS3

Adobe ExtendScript Toolkit 2

Adobe Extension Manager CS3

Adobe Flash Player 11 Plugin

Adobe Flash Player 9 ActiveX

Adobe Fonts All

Adobe Help Viewer CS3

Adobe InDesign CS3 Icon Handler

Adobe Linguistics CS3

Adobe MotionPicture Color Files

Adobe PDF Library Files

Adobe Photoshop CS3

Adobe Premiere Pro CS3

Adobe Premiere Pro CS3 Functional Content

Adobe Premiere Pro CS3 Third Party Content

Adobe Reader XI - Deutsch

Adobe Setup

Adobe SING CS3

Adobe Stock Photos CS3

Adobe Type Support

Adobe Update Manager CS3

Adobe Version Cue CS3 Client

Adobe Video Profiles

Adobe WAS CS3

Adobe WinSoft Linguistics Plugin

Adobe XMP DVA Panels CS3

Adobe XMP Panels CS3

AHV content for Acrobat and Flash

AiO_Scan_CDA

AiOSoftwareNPI

Amazon MP3-Downloader 1.0.17

Apple Application Support

Apple Software Update

Applied Acoustics Lounge Lizard EP VSTi DXi v3.0

Arturia minimoog V v1.6

ASAPI

AudioEase Altiverb VST RTAS v6.12

Automap ReWire 1.0

Avira Free Antivirus

BioTrace+ for NeXus-4  V2010A  DE

Bonjour

BufferChm

CDDRV_Installer

Citavi

Destinations

DeviceManagementQFolder

Dropbox

EDIROL FA-101 Driver

EDIROL FA-66 Driver

eSupportQFolder

F300

F300_Help

FabFilter Pro-C VST RTAS v1.0.1

FabFilter Timeless VST RTAS v1.01

FabFilter Twin VST RTAS v1.21

FabFilter Volcano v1.20 VST

Fax_CDA

FILSHtray Version 0.11

FilterLab 2.0

FreeMind

HDAUDIO SoftV92 Data Fax Modem with SmartCP

High-Definition Video Playback 10

High Definition Audio Driver Package - KB835221

Hotfix für Windows XP (KB942288-v3)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB960043)

Hotfix for Windows XP (KB954550-v5)

HP Imaging Device Functions 7.0

HP Photosmart, Officejet and Deskjet 7.0.A

HP Software Update

HP Solution Center 7.0

HPPhotoSmartExpress

HPProductAssistant

InstantShareDevicesMFC

Intel(R) PRO Network Connections Drivers

Intel(R) PROSet/Wireless Software

Intel® Matrix Storage Manager

Java Auto Updater

Java(TM) 6 Update 22

JDownloader

KhalInstallWrapper

Korg Legacy Collection v1.1.10

Live 8.0.9

Logitech Registration

Logitech SetPoint

M-Audio MIDISPORT Driver 6.1.2 (x86)

Magix Sequoia v7.22

Malwarebytes Anti-Malware Version 1.70.0.1100

mCore

mDriver

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Client Profile DEU Language Pack

Microsoft .NET Framework 4 Extended

Microsoft .NET Framework 4 Extended DEU Language Pack

Microsoft Kernel-Mode Driver Framework Feature Pack 1.5

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office Groove MUI (English) 2007

Microsoft Office Groove Setup Metadata MUI (English) 2007

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Primary Interoperability Assemblies 2005

Microsoft Software Update for Web Folders  (English) 12

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

mMHouse

Moog Modular V v2.2

Mozilla Firefox 19.0 (x86 de)

Mozilla Maintenance Service

mPfMgr

mProSafe

MSXML 4.0 SP2 (KB954430)

mWlsSafe

mXML

MyMicroBalance

Native Instruments Abbey Road 60s Drums

Native Instruments Absynth 5

Native Instruments Acoustic Refractions

Native Instruments B4 II

Native Instruments Battery 3

Native Instruments Berlin Concert Grand

Native Instruments Controller Editor

Native Instruments ElektrikPiano (remove only)

Native Instruments FM8

Native Instruments Guitar Rig 4

Native Instruments Guitar Rig 5

Native Instruments Komplete 7

Native Instruments Kontakt 4

Native Instruments Kore Player

Native Instruments Massive

Native Instruments New York Concert Grand

Native Instruments Pro-53

Native Instruments Rammfire

Native Instruments Reaktor 5

Native Instruments Reaktor Prism

Native Instruments Reaktor Spark R2

Native Instruments Reflektor

Native Instruments Scarbee A-200

Native Instruments Scarbee Clavinet Pianet

Native Instruments Scarbee Mark I

Native Instruments Scarbee MM-Bass

Native Instruments Service Center

Native Instruments The Finger R2

Native Instruments Traktors 12

Native Instruments Upright Piano

Native Instruments Vienna Concert Grand

Native Instruments Vintage Organs

Nero 10 Menu TemplatePack Basic

Nero 10 Movie ThemePack Basic

Nero BackItUp 10 Help (CHM)

Nero Burning ROM 10

Nero BurningROM 10 Help (CHM)

Nero BurnRights 10 Help (CHM)

Nero Control Center 10

Nero ControlCenter 10 Help (CHM)

Nero Core Components 10

Nero CoverDesigner 10 Help (CHM)

Nero DiscSpeed 10

Nero DiscSpeed 10 Help (CHM)

Nero Dolby Files 10

Nero Express 10

Nero Express 10 Help (CHM)

Nero InfoTool 10 Help (CHM)

Nero MediaHub 10 Help (CHM)

Nero Multimedia Suite 10

Nero Recode 10

Nero Recode 10 Help (CHM)

Nero RescueAgent 10 Help (CHM)

Nero SoundTrax 10 Help (CHM)

Nero StartSmart 10 Help (CHM)

Nero Vision 10 Help (CHM)

Nero WaveEditor 10 Help (CHM)

NewCopy_CDA

NVIDIA Drivers

Paragon Backup & Recovery™ 10 Free Edition

PDF Settings

Phoscyon 1.8.0

ProductContextNPI

pschmid.net Ltd. - RibbonCustomizer Add-In

PSP Lexicon PSP 42 v1.2

PSP VintageWarmer2 2.3.1 32bit

QuickTime

Readme

RealNetworks - Microsoft Visual C++ 2008 Runtime

RealPlayer

RealUpgrade 1.1

ReCycle v2.1

Rob Papen Albino 3

Samsung_MonSetup

Scan

ScannerCopy

Sicherheitsupdate für Windows Internet Explorer 7 (KB938127-v2)

Sicherheitsupdate für Windows Internet Explorer 7 (KB950759)

Sicherheitsupdate für Windows Internet Explorer 7 (KB953838)

Sicherheitsupdate für Windows Internet Explorer 7 (KB956390)

Sicherheitsupdate für Windows Internet Explorer 8 (KB971961)

Sicherheitsupdate für Windows Internet Explorer 8 (KB972260)

Sicherheitsupdate für Windows Internet Explorer 8 (KB981332)

Sicherheitsupdate für Windows Media Player (KB952069)

Sicherheitsupdate für Windows Media Player (KB954155)

Sicherheitsupdate für Windows Media Player (KB968816)

Sicherheitsupdate für Windows Media Player (KB973540)

Sicherheitsupdate für Windows Media Player 11 (KB954154)

Sicherheitsupdate für Windows XP (KB923561)

Sicherheitsupdate für Windows XP (KB923789)

Sicherheitsupdate für Windows XP (KB941569)

Sicherheitsupdate für Windows XP (KB946648)

Sicherheitsupdate für Windows XP (KB950760)

Sicherheitsupdate für Windows XP (KB950762)

Sicherheitsupdate für Windows XP (KB951376-v2)

Sicherheitsupdate für Windows XP (KB951698)

Sicherheitsupdate für Windows XP (KB951748)

Sicherheitsupdate für Windows XP (KB952004)

Sicherheitsupdate für Windows XP (KB953155)

Sicherheitsupdate für Windows XP (KB953839)

Sicherheitsupdate für Windows XP (KB956391)

Sicherheitsupdate für Windows XP (KB956572)

Sicherheitsupdate für Windows XP (KB956744)

Sicherheitsupdate für Windows XP (KB956802)

Sicherheitsupdate für Windows XP (KB956844)

Sicherheitsupdate für Windows XP (KB958869)

Sicherheitsupdate für Windows XP (KB959426)

Sicherheitsupdate für Windows XP (KB960225)

Sicherheitsupdate für Windows XP (KB960803)

Sicherheitsupdate für Windows XP (KB960859)

Sicherheitsupdate für Windows XP (KB961501)

Sicherheitsupdate für Windows XP (KB969059)

Sicherheitsupdate für Windows XP (KB969947)

Sicherheitsupdate für Windows XP (KB970238)

Sicherheitsupdate für Windows XP (KB970483)

Sicherheitsupdate für Windows XP (KB971468)

Sicherheitsupdate für Windows XP (KB971657)

Sicherheitsupdate für Windows XP (KB972270)

Sicherheitsupdate für Windows XP (KB973354)

Sicherheitsupdate für Windows XP (KB973507)

Sicherheitsupdate für Windows XP (KB973869)

Sicherheitsupdate für Windows XP (KB973904)

Sicherheitsupdate für Windows XP (KB974112)

Sicherheitsupdate für Windows XP (KB974318)

Sicherheitsupdate für Windows XP (KB974392)

Sicherheitsupdate für Windows XP (KB974571)

Sicherheitsupdate für Windows XP (KB975025)

Sicherheitsupdate für Windows XP (KB975254)

Sicherheitsupdate für Windows XP (KB975467)

Sicherheitsupdate für Windows XP (KB975560)

Sicherheitsupdate für Windows XP (KB975561)

Sicherheitsupdate für Windows XP (KB975713)

Sicherheitsupdate für Windows XP (KB976323)

Sicherheitsupdate für Windows XP (KB977816)

Sicherheitsupdate für Windows XP (KB977914)

Sicherheitsupdate für Windows XP (KB978037)

Sicherheitsupdate für Windows XP (KB978262)

Sicherheitsupdate für Windows XP (KB978338)

Sicherheitsupdate für Windows XP (KB978601)

Sicherheitsupdate für Windows XP (KB978706)

Sicherheitsupdate für Windows XP (KB979309)

Sicherheitsupdate für Windows XP (KB979683)

Sicherheitsupdate für Windows XP (KB980232)

SigmaTel Audio

Skype Click to Call

Skype™ 6.2

SolutionCenter

Sonnox Oxford R3 Dynamics Native VST v1.3.1

Sonnox Oxford R3 EQ Native VST v1.6.1

Sonnox Oxford Reverb Native VST v1.0

Status

Toolbox

TransMac version 10.2

TrayApp

Update für Windows Internet Explorer 8 (KB980182)

Update für Windows XP (KB898461)

Update für Windows XP (KB943729)

Update für Windows XP (KB951978)

Update für Windows XP (KB973815)

VAIO Camera Capture Utility

VAIO Update 5

Visual C++ 2008 x86 Runtime - (v9.0.30729)

Visual C++ 2008 x86 Runtime - v9.0.30729.01

VLC media player 2.0.1

Waves Mercury Bundle

Waves SSL Collection v1.2

WebFldrs XP

WebReg

Windows-Treiberpaket - Ricoh R5U870 (UVC)  (11/07/2006 6.1003.206.0)

Windows Driver Package - Intel net  (10/30/2006 10.6.0.29)

Windows Driver Package - Intel net  (11/01/2006 9.1.0.111)

Windows Genuine Advantage Notifications (KB905474)

Windows Internet Explorer 8

Windows Media Format 11 runtime

Windows Media Player 11

Windows Media Player Firefox Plugin

WinRAR

WinSplit Revolution (v11.04)

WISO Steuer-Sparbuch 2012

WISO Steuer-Sparbuch 2013

Yontoo 1.10.02

YourFileDownloader

.

==== End Of File ===========================

Wirklich vielen Dank für deine Mühen!:dankeschoen:

Alles klar, leider konnte ich keine Internetvrbindung herstellen und habe danach auf eigenes Risko ohne weitergemacht.

Der Desktop ist auf jednefall schon mal wieder sichtbar und alle Programme auch!

Hier das logfile des adwcleaner:

Code:

# AdwCleaner v2.113 - Datei am 02/03/2013 um 12:20:13 erstellt

# Aktualisiert am 23/02/2013 von Xplode

# Betriebssystem : Microsoft Windows XP Service Pack 3 (32 bits)

# Benutzer : Fabian - GROOVEBOX

# Bootmodus : Normal

# Ausgeführt unter : C:\Dokumente und Einstellungen\Fabian\Desktop\adwcleaner.exe

# Option [Löschen]
 
 

**** [Dienste] ****
 
 

***** [Dateien / Ordner] *****
 

Ordner Gelöscht : C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Tarma Installer

Ordner Gelöscht : C:\Dokumente und Einstellungen\Fabian\Anwendungsdaten\Mozilla\Firefox\Profiles\jtg2mjlz.default\jetpack

Ordner Gelöscht : C:\Dokumente und Einstellungen\Fabian\Anwendungsdaten\yourfiledownloader

Ordner Gelöscht : C:\Programme\yourfiledownloader
 

***** [Registrierungsdatenbank] *****
 

Schlüssel Gelöscht : HKCU\Software\1ClickDownload

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\YourFileDownloader

Schlüssel Gelöscht : HKCU\Software\Softonic

Schlüssel Gelöscht : HKCU\Software\YourFileDownloader

Schlüssel Gelöscht : HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\jplinpmadfkdgipabgcdchbdikologlh

Schlüssel Gelöscht : HKLM\Software\Iminent

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\1ClickDownloader

Schlüssel Gelöscht : HKLM\Software\Tarma Installer

Schlüssel Gelöscht : HKLM\Software\YourFileDownloader
 

***** [Internet Browser] *****
 

-\\ Internet Explorer v8.0.6001.18702
 

[OK] Die Registrierungsdatenbank ist sauber.
 

-\\ Mozilla Firefox v19.0 (de)
 

Datei : C:\Dokumente und Einstellungen\Fabian\Anwendungsdaten\Mozilla\Firefox\Profiles\jtg2mjlz.default\prefs.js
 

C:\Dokumente und Einstellungen\Fabian\Anwendungsdaten\Mozilla\Firefox\Profiles\jtg2mjlz.default\user.js ... Gelöscht !
 

[OK] Die Datei ist sauber.
 

*************************
 

AdwCleaner[S1].txt - [2635 octets] - [02/03/2013 12:20:13]
 

########## EOF - C:\AdwCleaner[S1].txt - [2695 octets] ##########

Hier das logfile vom combofix:

Code:

ComboFix 13-03-01.01 - Fabian 02.03.2013  12:39:22.1.2 - x86

Microsoft Windows XP Professional  5.1.2600.3.1252.49.1031.18.2046.1477 [GMT 1:00]

ausgeführt von:: c:\dokumente und einstellungen\Fabian\Desktop\ComboFix.exe

.

Achtung - Auf diesem PC ist keine Wiederherstellungskonsole installiert !!

.

.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\dokumente und einstellungen\All Users\Anwendungsdaten\oKJlROuTVCyA

c:\dokumente und einstellungen\All Users\Anwendungsdaten\Propellerhead Software\ReCycle

c:\dokumente und einstellungen\All Users\Anwendungsdaten\Propellerhead Software\ReCycle\ReCycle210.dat

c:\dokumente und einstellungen\Fabian\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\System Repair.lnk

c:\dokumente und einstellungen\Fabian\Anwendungsdaten\Propellerhead Software\ReCycle

c:\dokumente und einstellungen\Fabian\Anwendungsdaten\Propellerhead Software\ReCycle\ReCycle Preferences File.prf

c:\dokumente und einstellungen\Fabian\Desktop\System Repair.lnk

C:\Install.exe

c:\programme\xp-AntiSpy

c:\programme\xp-AntiSpy\xp-AntiSpy.exe

.

.

(((((((((((((((((((((((   Dateien erstellt von 2013-02-02 bis 2013-03-02  ))))))))))))))))))))))))))))))

.

.

2013-03-01 18:18 . 2013-03-01 18:18        --------        d-----w-        c:\dokumente und einstellungen\Fabian\Anwendungsdaten\Malwarebytes

2013-03-01 18:17 . 2013-03-01 18:17        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes

2013-03-01 18:17 . 2013-03-01 18:17        --------        d-----w-        c:\programme\Malwarebytes' Anti-Malware

2013-03-01 18:17 . 2012-12-14 15:49        21104        ----a-w-        c:\windows\system32\drivers\mbam.sys

2013-02-19 20:56 . 2013-02-19 20:56        --------        d--h--w-        c:\programme\Gemeinsame Dateien\Skype

2013-02-14 14:47 . 2013-02-18 19:38        --------        d--h--w-        c:\dokumente und einstellungen\Fabian\Anwendungsdaten\Winsplit Revolution

2013-02-14 14:47 . 2013-02-14 14:47        --------        d--h--w-        c:\programme\WinSplit Revolution

.

.

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-12-19 12:56 . 2012-04-03 18:36        697272        ---ha-w-        c:\windows\system32\FlashPlayerApp.exe

2012-12-19 12:56 . 2011-10-24 07:14        73656        ---ha-w-        c:\windows\system32\FlashPlayerCPLApp.cpl

2013-02-19 17:31 . 2013-02-19 17:31        263064        ---ha-w-        c:\programme\mozilla firefox\components\browsercomps.dll

.

.

------- Sigcheck -------

Note: Unsigned files aren't necessarily malware.

.

[-] 2008-07-08 . 451D0981F4CCA5697307AF90D799BDC3 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll

.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2012-11-13 23:32        129272        ---ha-w-        c:\dokumente und einstellungen\Fabian\Anwendungsdaten\Dropbox\bin\DropboxExt.17.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2012-11-13 23:32        129272        ---ha-w-        c:\dokumente und einstellungen\Fabian\Anwendungsdaten\Dropbox\bin\DropboxExt.17.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2012-11-13 23:32        129272        ---ha-w-        c:\dokumente und einstellungen\Fabian\Anwendungsdaten\Dropbox\bin\DropboxExt.17.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2012-11-13 23:32        129272        ---ha-w-        c:\dokumente und einstellungen\Fabian\Anwendungsdaten\Dropbox\bin\DropboxExt.17.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Winsplit"="c:\programme\WinSplit Revolution\WinSplit.exe" [2011-04-12 3951616]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-07-06 86016]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-07-06 7561216]

"IAAnotif"="c:\programme\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-12-04 186904]

"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824]

"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824]

"avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2012-08-08 348664]

"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]

"TkBellExe"="c:\programme\real\realplayer\update\realsched.exe" [2011-06-27 273544]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"nltide_2"="shell32" [X]

.

c:\dokumente und einstellungen\Fabian\Startmenü\Programme\Autostart\

Dropbox.lnk - c:\dokumente und einstellungen\Fabian\Anwendungsdaten\Dropbox\bin\Dropbox.exe [2013-2-15 29428904]

OneNote 2007 Screen Clipper and Launcher.lnk - c:\programme\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

"HonorAutorunSetting"= 0 (0x0)

.

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

"HonorAutorunSetting"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]

2009-07-20 07:58        72208        ---ha-w-        c:\programme\Gemeinsame Dateien\Logitech\Bluetooth\LBTWLgn.dll

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

@=""

.

[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^HP Digital Imaging Monitor.lnk]

path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\HP Digital Imaging Monitor.lnk

backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^WISO Mein Steuer-Sparbuch heute.lnk]

path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\WISO Mein Steuer-Sparbuch heute.lnk

backup=c:\windows\pss\WISO Mein Steuer-Sparbuch heute.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^Fabian^Startmenü^Programme^Autostart^Dropbox.lnk]

path=c:\dokumente und einstellungen\Fabian\Startmenü\Programme\Autostart\Dropbox.lnk

backup=c:\windows\pss\Dropbox.lnkStartup

.

[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^Fabian^Startmenü^Programme^Autostart^Logitech-Produktregistrierung.lnk]

path=c:\dokumente und einstellungen\Fabian\Startmenü\Programme\Autostart\Logitech-Produktregistrierung.lnk

backup=c:\windows\pss\Logitech-Produktregistrierung.lnkStartup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]

2007-05-10 20:46        624248        ---ha-w-        c:\programme\Adobe\Acrobat 8.0\Acrobat\acrotray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2012-09-23 19:43        926896        ---ha-w-        c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]

2012-10-11 20:56        59280        ---ha-w-        c:\programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]

2010-04-01 09:16        357696        ---ha-w-        c:\programme\DAEMON Tools Lite\DTLite.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FILSHtray]

2012-02-06 10:09        597504        ---ha-w-        c:\programme\FILSHtray\FILSHtray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]

2006-10-26 20:17        31016        -c-ha-w-        c:\programme\Microsoft Office\Office12\GrooveMonitor.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]

2006-02-18 22:11        49152        -c-ha-w-        c:\programme\HP\HP Software Update\hpwuSchd2.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISBMgr.exe]

2006-11-11 11:05        43128        -c-ha-w-        c:\programme\Sony\ISB Utility\ISBMgr.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2012-10-25 02:12        421888        ---ha-w-        c:\programme\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]

2013-02-07 12:14        17706088        ---ha-r-        c:\programme\Skype\Phone\Skype.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

2010-05-14 07:14        248552        -c-ha-w-        c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]

2011-06-27 17:08        273544        ---ha-w-        c:\programme\Real\RealPlayer\Update\realsched.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAIO Update 5]

2009-12-08 16:34        1324400        ---ha-w-        c:\programme\Sony\VAIO Update 5\VAIOUpdt.exe

.

R0 hotcore3;hc3ServiceName;c:\windows\system32\drivers\hotcore3.sys [19.04.2010 21:44 40560]

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [19.04.2010 21:57 64288]

R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [04.05.2012 15:47 36000]

R2 AntiVirSchedulerService;Avira Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [04.05.2012 15:47 86224]

R2 MIDISPORTAudioDevMon;MIDISPORT Audio Device Monitor;c:\programme\M-Audio\MIDISPORT\AudioDevMon.exe [06.10.2010 15:45 1636872]

R2 NIHardwareService;NIHardwareService;c:\programme\Gemeinsame Dateien\Native Instruments\Hardware\NIHardwareService.exe [07.04.2011 16:33 3857408]

R3 MAUSBMIDISPORT;Service for M-Audio MIDISPORT;c:\windows\system32\drivers\MAudioMIDISPORT.sys [22.06.2011 15:55 169224]

R3 R5U870FLx86;R5U870 UVC Lower Filter  ;c:\windows\system32\drivers\R5U870FLx86.sys [20.04.2010 20:34 72704]

R3 R5U870FUx86;R5U870 UVC Upper Filter  ;c:\windows\system32\drivers\R5U870FUx86.sys [20.04.2010 20:34 43904]

R3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [19.04.2010 21:11 226304]

S2 MBAMScheduler;MBAMScheduler;c:\programme\Malwarebytes' Anti-Malware\mbamscheduler.exe [01.03.2013 19:17 398184]

S2 MBAMService;MBAMService;c:\programme\Malwarebytes' Anti-Malware\mbamservice.exe [01.03.2013 19:17 682344]

S2 SkypeUpdate;Skype Updater;c:\programme\Skype\Updater\Updater.exe [07.02.2013 13:10 161384]

S3 automap;Automap MIDI Driver Service;c:\windows\system32\drivers\automap.sys [21.04.2010 20:46 7168]

S3 MADFUMIDISPORT2010;Service for M-Audio MIDISPORT DFU;c:\windows\system32\drivers\MAudioMIDISPORT_DFU.sys [22.06.2011 15:55 23304]

S3 MagixASIODrv;MAGIX_ASIO_BoostDriver;c:\programme\Magix\Sequoia7\mxasio.sys [06.06.2010 08:47 4899]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [01.03.2013 19:17 21104]

S3 NvnUsbAudio;Novation USB Audio Driver;c:\windows\system32\drivers\nvnusbaudio.sys [21.04.2010 20:46 31232]

S3 rrau0001;rrau0001;c:\windows\system32\drivers\rrau0001.sys [03.06.2011 10:01 24576]

S3 rrau0002;rrau0002;c:\windows\system32\drivers\rrau0002.sys [21.04.2010 11:27 24576]

S3 rrwd0001;rrwd0001;c:\windows\system32\drivers\rrwd0001.sys [03.06.2011 10:01 71936]

S3 rrwd0002;rrwd0002;c:\windows\system32\drivers\rrwd0002.sys [21.04.2010 11:27 97280]

S3 VUAgent;VUAgent;c:\programme\Sony\VAIO Update 5\VUAgent.exe [21.04.2010 09:06 673136]

S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [21.04.2010 09:47 691696]

.

Inhalt des "geplante Tasks" Ordners

.

2013-03-02 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1645522239-261478967-1417001333-1003.job

- c:\programme\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47]

.

2013-02-24 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1645522239-261478967-1417001333-1003.job

- c:\programme\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47]

.

.

------- Zusätzlicher Suchlauf -------

.

uInternet Settings,ProxyOverride = *.local

IE: An vorhandenes PDF anfügen - c:\programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - c:\programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - c:\programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Auswahl in Adobe PDF konvertieren - c:\programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Auswahl in vorhandene PDF-Datei konvertieren - c:\programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

IE: In Adobe PDF konvertieren - c:\programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Verknüpfungsziel in Adobe PDF konvertieren - c:\programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - c:\programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

FF - ProfilePath - c:\dokumente und einstellungen\Fabian\Anwendungsdaten\Mozilla\Firefox\Profiles\jtg2mjlz.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/

.

- - - - Entfernte verwaiste Registrierungseinträge - - - -

.

HKLM-Run-oKJlROuTVCyA.exe - c:\dokumente und einstellungen\All Users\Anwendungsdaten\oKJlROuTVCyA.exe

MSConfigStartUp-Adobe Reader Speed Launcher - c:\programme\Adobe\Reader 9.0\Reader\Reader_sl.exe

MSConfigStartUp-NBAgent - c:\programme\Nero\Nero 10\Nero BackItUp\NBAgent.exe

MSConfigStartUp-SanDiskSecureAccess_Manager - c:\dokumente und einstellungen\Fabian\Anwendungsdaten\SanDisk\SanDiskSecureAccess_Manager.exe

MSConfigStartUp-VAIOCameraUtility - c:\programme\Sony\VAIO Camera Utility\VCUServe.exe

AddRemove-EDIROL FA-101 Driver Setup - c:\programme\EDIROL\FA-101\uninst.exe Software\EDIROL\FA-101\Setup

AddRemove-EDIROL FA-66 Driver Setup - c:\programme\EDIROL\FA-66\uninst.exe Software\EDIROL\FA-66\Setup

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net

Rootkit scan 2013-03-02 12:57

Windows 5.1.2600 Service Pack 3 NTFS

.

Scanne versteckte Prozesse... 

.

Scanne versteckte Autostarteinträge... 

.

Scanne versteckte Dateien... 

.

Scan erfolgreich abgeschlossen

versteckte Dateien: 0

.

**************************************************************************

.

--------------------- Gesperrte Registrierungsschluessel ---------------------

.

[HKEY_USERS\S-1-5-21-1645522239-261478967-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{FB015181-B334-2F0D-CB09-8DDDE788FA4D}*]

@Allowed: (Read) (RestrictedCode)

@Allowed: (Read) (RestrictedCode)

"papheonmfnnajlhnpmmfonhjkejjddib"=hex:6a,61,6d,65,61,70,61,62,68,6e,65,6d,67,

   69,6a,62,6f,6b,6d,70,00,f4

"oajhocifjpmbnpbffjedfbddnglanl"=hex:6a,61,6d,65,61,70,61,62,68,6e,65,6d,67,69,

   6a,62,6f,6b,6d,70,00,f4

.

--------------------- Durch laufende Prozesse gestartete DLLs ---------------------

.

- - - - - - - > 'winlogon.exe'(884)

c:\programme\gemeinsame dateien\logitech\bluetooth\LBTWlgn.dll

c:\programme\gemeinsame dateien\logitech\bluetooth\LBTServ.dll

.

Zeit der Fertigstellung: 2013-03-02  13:05:15

ComboFix-quarantined-files.txt  2013-03-02 12:05

.

Vor Suchlauf: 1 Verzeichnis(se), 16.527.572.992 Bytes frei

Nach Suchlauf: 12 Verzeichnis(se), 17.526.853.632 Bytes frei

.

- - End Of File - - 8147BC29BEF8F8D605887CE4878993B4

Gruß

F.