Trojaner-Board - Windows gesperrt

hier das Log:

Code:

OTL logfile created on: 12.02.2012 20:55:19 - Run 1

OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\LFZL\Downloads

Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.19170)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

1,96 Gb Total Physical Memory | 1,52 Gb Available Physical Memory | 77,57% Memory free

4,14 Gb Paging File | 3,86 Gb Available in Paging File | 93,19% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 111,79 Gb Total Space | 58,56 Gb Free Space | 52,38% Space Free | Partition Type: NTFS

 

Computer Name: LFZL-LAPTOP | User Name: LFZL | Logged in as Administrator.

Boot Mode: SafeMode with Networking | Scan Mode: All users | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - [2012.02.12 20:53:25 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\LFZL\Downloads\OTL.exe

PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2008.01.21 03:35:20 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe

 

 
 ========== Modules (No Company Name) ==========

 

MOD - [2011.03.29 04:00:34 | 000,047,032 | ---- | M] () -- C:\Programme\OpenAFS\Client\Program\afs_shl_ext_1032.dll

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2011.08.03 21:43:45 | 000,645,048 | ---- | M] (Cisco Systems, Inc.) [Auto | Stopped] -- C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe -- (vpnagent)

SRV - [2011.07.01 09:04:37 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2011.05.02 09:10:33 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2011.03.29 03:55:18 | 000,672,184 | ---- | M] (OpenAFS Project) [Auto | Stopped] -- C:\Programme\OpenAFS\Client\Program\afsd_service.exe -- (TransarcAFSDaemon)

SRV - [2009.11.09 12:46:23 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)

SRV - [2008.09.22 16:27:54 | 000,237,657 | ---- | M] (IDT, Inc.) [Auto | Stopped] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_60b78c9b\stacsv.exe -- (STacSV)

SRV - [2008.09.17 11:03:16 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Stopped] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_60b78c9b\AEstSrv.exe -- (AESTFilters)

SRV - [2008.08.15 05:46:20 | 000,284,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4)

SRV - [2008.07.10 19:42:14 | 000,819,200 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)

SRV - [2008.07.10 19:12:40 | 000,466,944 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)

SRV - [2008.06.11 10:39:22 | 001,664,248 | ---- | M] (AuthenTec, Inc.) [Auto | Stopped] -- C:\Programme\Fingerprint Sensor\AtService.exe -- (ATService)

SRV - [2008.01.21 03:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - [2011.12.10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)

DRV - [2011.07.01 09:04:38 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)

DRV - [2011.07.01 09:04:38 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)

DRV - [2011.06.10 21:42:41 | 000,019,192 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vpnva.sys -- (vpnva)

DRV - [2009.05.11 08:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)

DRV - [2009.02.13 11:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)

DRV - [2008.09.22 16:28:54 | 000,389,632 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)

DRV - [2008.06.30 11:52:26 | 000,112,128 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R)

DRV - [2008.06.26 05:30:50 | 003,662,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)

DRV - [2008.06.04 13:14:00 | 000,026,608 | ---- | M] (Dell Inc) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\PBADRV.sys -- (PBADRV)

DRV - [2008.01.21 03:32:46 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\loop.sys -- (msloop)

DRV - [2007.02.24 13:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-21-506798161-1589815655-2423967585-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/

IE - HKU\S-1-5-21-506798161-1589815655-2423967585-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKU\S-1-5-21-506798161-1589815655-2423967585-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 
 ========== FireFox ==========

 

FF - prefs.js..browser.startup.homepage: "https://klips.uni-koeln.de/"

FF - prefs.js..extensions.enabledItems: {8AA36F4F-6DC7-4c06-77AF-5035170634FE}:2010.01.21

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22

FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.4.2.20111006100951

 

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.02.12 00:18:50 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.12.05 09:19:19 | 000,000,000 | ---D | M]

 

[2009.08.27 21:00:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\LFZL\AppData\Roaming\mozilla\Extensions

[2012.01.25 16:54:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\LFZL\AppData\Roaming\mozilla\Firefox\Profiles\ndz5z1ho.default\extensions

[2011.09.06 21:39:18 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\LFZL\AppData\Roaming\mozilla\Firefox\Profiles\ndz5z1ho.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2012.01.25 16:54:38 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\LFZL\AppData\Roaming\mozilla\Firefox\Profiles\ndz5z1ho.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}

[2011.12.05 09:19:24 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions

[2010.06.30 09:06:23 | 000,000,000 | ---D | M] ("Citavi Picker") -- C:\Programme\Mozilla Firefox\extensions\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}

[2010.05.19 16:53:17 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}

[2012.02.12 00:18:49 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2010.09.15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

[2012.02.12 00:18:45 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml

[2012.02.12 00:18:45 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

[2012.02.12 00:18:45 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml

[2012.02.12 00:18:45 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml

[2012.02.12 00:18:44 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml

[2012.02.12 00:18:44 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

 
 ========== Chrome  ==========

 

CHR - default_search_provider: Google ()

CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}

CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\13.0.782.112\gcswf32.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll

CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll

CHR - plugin: Java(TM) Platform SE 6 U22 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL

CHR - plugin: Chrome NaCl (Disabled) = C:\Program Files\Google\Chrome\Application\13.0.782.112\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\13.0.782.112\pdf.dll

CHR - plugin: GoogleChromeRemotePlugin (Enabled) = C:\Users\LFZL\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\GoogleChromeRemotePlugin.dll

CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

CHR - plugin: Default Plug-in (Enabled) = default_plugin

CHR - Extension: Linkury Smartbar = C:\Users\LFZL\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\

CHR - Extension: Linkury Smartbar = C:\Users\LFZL\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\Redirect

 

O1 HOSTS File: ([2011.04.14 16:40:16 | 000,000,781 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1       localhost

O1 - Hosts: ::1             localhost

O1 - Hosts: 10.254.254.253        AFS

O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O3 - HKU\S-1-5-21-506798161-1589815655-2423967585-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O4 - HKLM..\Run: []  File not found

O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)

O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\Programme\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray.exe (IDT, Inc.)

O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)

O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)

O4 - HKU\S-1-5-21-506798161-1589815655-2423967585-1000..\Run: [ffdwnd] C:\Users\LFZL\AppData\Local\Mozilla\Firefox\firefox.exe (Tomasz Pawlak)

O4 - HKU\S-1-5-21-506798161-1589815655-2423967585-1000..\Run: [Linkury Chrome Smartbar] C:\Program Files\Linkury\Linkury.exe (Linkury)

O4 - Startup: C:\Users\LFZL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\LFZL\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

O4 - Startup: C:\Users\LFZL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()

O8 - Extra context menu item: &Citavi Picker... - C:\Program Files\Internet Explorer\PLUGINS\Citavi Picker\ShowContextMenu.html ()

O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)

O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{129162E6-D6A7-4066-B90D-D688848B5347}: DhcpNameServer = 192.168.2.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{51095014-818F-42D7-9BA0-BC49B3EBFF75}: DhcpNameServer = 192.168.1.1 193.189.244.194 193.189.244.202

O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)

O20 - Winlogon\Notify\AfsLogon: DllName - (C:\Program Files\OpenAFS\Client\Program\afslogon.dll) - C:\Programme\OpenAFS\Client\Program\afslogon.dll (OpenAFS Project)

O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg

O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg

O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O33 - MountPoints2\{4b072f80-300a-11df-8869-0023ae1c1d50}\Shell\AutoRun\command - "" = E:\GORILA///mankisha.exe

O33 - MountPoints2\{4b072f80-300a-11df-8869-0023ae1c1d50}\Shell\open\command - "" = E:\GORILA///mankisha.exe

O33 - MountPoints2\{61325291-30d9-11df-99cb-0023ae1c1d50}\Shell\AutoRun\command - "" = E:\svira/svira32.exe

O33 - MountPoints2\{61325291-30d9-11df-99cb-0023ae1c1d50}\Shell\explore\command - "" = E:\svira/svira32.exe

O33 - MountPoints2\{61325291-30d9-11df-99cb-0023ae1c1d50}\Shell\open\command - "" = E:\.\svira/svira32.exe

O33 - MountPoints2\{c33c4987-cd21-11de-aa56-0023ae1c1d50}\Shell - "" = AutoRun

O33 - MountPoints2\{c33c4987-cd21-11de-aa56-0023ae1c1d50}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a

O33 - MountPoints2\{efd9fcc4-6a9e-11e0-8245-0023ae1c1d50}\Shell - "" = AutoRun

O33 - MountPoints2\{efd9fcc4-6a9e-11e0-8245-0023ae1c1d50}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

NetSvcs: FastUserSwitchingCompatibility -  File not found

NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)

NetSvcs: Nla -  File not found

NetSvcs: Ntmssvc -  File not found

NetSvcs: NWCWorkstation -  File not found

NetSvcs: Nwsapagent -  File not found

NetSvcs: SRService -  File not found

NetSvcs: WmdmPmSp -  File not found

NetSvcs: LogonHours -  File not found

NetSvcs: PCAudit -  File not found

NetSvcs: helpsvc -  File not found

NetSvcs: uploadmgr -  File not found

 

 

SafeBootMin: AppMgmt - Service

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: HelpSvc - Service

SafeBootMin: NTDS -  File not found

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: sacsvr - Service

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

SafeBootNet: AppMgmt - Service

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: HelpSvc - Service

SafeBootNet: Messenger - Service

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: NTDS -  File not found

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: rdsessmgr - Service

SafeBootNet: sacsvr - Service

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)

SafeBootNet: WudfPf - Driver

SafeBootNet: WudfUsbccidDriver - Driver

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

ActiveX: {07DC65EA-BD67-2129-FABC-5752F1D61F88} - 

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM

ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0

ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1

ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

 

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

 

CREATERESTOREPOINT

Error creating restore point.

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2012.02.12 17:07:06 | 000,000,000 | ---D | C] -- C:\Program Files\ESET

[2012.02.12 16:10:53 | 000,000,000 | ---D | C] -- C:\Users\LFZL\AppData\Roaming\Malwarebytes

[2012.02.12 16:10:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2012.02.12 16:10:48 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2012.02.12 16:10:48 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2012.02.12 16:10:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2012.02.10 18:55:19 | 000,000,000 | ---D | C] -- C:\Users\LFZL\Desktop\Publikation

[2012.02.10 11:01:20 | 000,000,000 | ---D | C] -- C:\Users\LFZL\AppData\Local\Microsoft Games

[2012.02.10 10:28:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco

[2012.02.02 17:21:38 | 000,000,000 | ---D | C] -- C:\Users\LFZL\Desktop\0_VortragKöln

[2012.02.01 13:27:47 | 000,000,000 | ---D | C] -- C:\Users\LFZL\Desktop\Lea

 
 ========== Files - Modified Within 30 Days ==========

 

[2012.02.12 20:07:11 | 000,622,294 | ---- | M] () -- C:\Windows\System32\perfh007.dat

[2012.02.12 20:07:11 | 000,590,710 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2012.02.12 20:07:11 | 000,124,794 | ---- | M] () -- C:\Windows\System32\perfc007.dat

[2012.02.12 20:07:11 | 000,102,584 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2012.02.12 20:02:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012.02.12 20:00:24 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2012.02.12 20:00:23 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2012.02.12 19:55:51 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2012.02.12 19:55:51 | 000,000,366 | ---- | M] () -- C:\Windows\tasks\FinalTorrent Update Checker.job

[2012.02.12 17:25:42 | 000,000,680 | ---- | M] () -- C:\Users\LFZL\AppData\Local\d3d9caps.dat

[2012.02.12 16:10:49 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012.02.12 13:41:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

 
 ========== Files Created - No Company Name ==========

 

[2012.02.12 16:10:49 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012.01.31 15:57:11 | 000,193,864 | ---- | C] () -- C:\Users\LFZL\Desktop\brief_aspla_wentzlaff.ott

[2010.05.19 16:54:31 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

[2009.09.23 09:15:07 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin

[2009.09.23 09:15:06 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll

[2009.09.03 09:42:20 | 000,039,424 | ---- | C] () -- C:\Users\LFZL\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009.08.28 02:25:07 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin

[2009.08.27 22:25:49 | 000,622,294 | ---- | C] () -- C:\Windows\System32\perfh007.dat

[2009.08.27 22:25:49 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat

[2009.08.27 22:25:49 | 000,124,794 | ---- | C] () -- C:\Windows\System32\perfc007.dat

[2009.08.27 22:25:49 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat

[2009.08.27 17:40:22 | 000,004,608 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll

[2009.08.27 17:40:21 | 002,192,024 | ---- | C] () -- C:\Windows\System32\igkrng500.bin

[2009.08.27 17:40:21 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1527.dll

[2009.08.27 17:40:20 | 000,495,376 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin

[2009.08.27 17:40:20 | 000,147,172 | ---- | C] () -- C:\Windows\System32\igfcg550.bin

[2009.08.27 15:32:49 | 000,080,368 | ---- | C] () -- C:\Windows\System32\pbadrvdll.dll

[2009.08.27 15:02:25 | 000,000,680 | ---- | C] () -- C:\Users\LFZL\AppData\Local\d3d9caps.dat

[2006.11.02 13:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2006.11.02 13:44:53 | 002,427,808 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT

[2006.11.02 11:33:01 | 000,590,710 | ---- | C] () -- C:\Windows\System32\perfh009.dat

[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat

[2006.11.02 11:33:01 | 000,102,584 | ---- | C] () -- C:\Windows\System32\perfc009.dat

[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat

[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat

[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT

[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

[2006.06.30 11:58:44 | 000,143,360 | ---- | C] () -- C:\Windows\System32\bioapi_mds300.dll

[2006.06.30 11:58:44 | 000,106,496 | ---- | C] () -- C:\Windows\System32\bioapi100.dll

 
 ========== LOP Check ==========

 

[2010.06.30 11:32:54 | 000,000,000 | ---D | M] -- C:\Users\LFZL\AppData\Roaming\Academic Software Zurich

[2011.08.10 14:55:36 | 000,000,000 | ---D | M] -- C:\Users\LFZL\AppData\Roaming\Canneverbe Limited

[2012.02.12 19:57:34 | 000,000,000 | ---D | M] -- C:\Users\LFZL\AppData\Roaming\Dropbox

[2011.11.23 19:27:16 | 000,000,000 | ---D | M] -- C:\Users\LFZL\AppData\Roaming\FinalTorrent

[2011.08.10 14:54:55 | 000,000,000 | ---D | M] -- C:\Users\LFZL\AppData\Roaming\OpenCandy

[2009.08.27 22:43:54 | 000,000,000 | ---D | M] -- C:\Users\LFZL\AppData\Roaming\OpenOffice.org

[2012.02.12 19:55:51 | 000,000,366 | ---- | M] () -- C:\Windows\Tasks\FinalTorrent Update Checker.job

[2012.02.12 20:00:15 | 000,032,558 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

 
 ========== Purity Check ==========

 

 

 
 ========== Custom Scans ==========

 

 
 < %ALLUSERSPROFILE%\Application Data\*. >

 
 < %ALLUSERSPROFILE%\Application Data\*.exe /s >

 
 < %APPDATA%\*. >

[2010.06.30 11:32:54 | 000,000,000 | ---D | M] -- C:\Users\LFZL\AppData\Roaming\Academic Software Zurich

[2011.11.23 20:32:18 | 000,000,000 | ---D | M] -- C:\Users\LFZL\AppData\Roaming\Adobe

[2010.03.29 14:06:50 | 000,000,000 | ---D | M] -- C:\Users\LFZL\AppData\Roaming\Avira

[2011.08.10 14:55:36 | 000,000,000 | ---D | M] -- C:\Users\LFZL\AppData\Roaming\Canneverbe Limited

[2012.02.12 19:57:34 | 000,000,000 | ---D | M] -- C:\Users\LFZL\AppData\Roaming\Dropbox

[2012.02.02 17:47:40 | 000,000,000 | ---D | M] -- C:\Users\LFZL\AppData\Roaming\dvdcss

[2011.11.23 19:27:16 | 000,000,000 | ---D | M] -- C:\Users\LFZL\AppData\Roaming\FinalTorrent

[2009.08.27 15:02:29 | 000,000,000 | ---D | M] -- C:\Users\LFZL\AppData\Roaming\Identities

[2009.08.27 15:29:54 | 000,000,000 | ---D | M] -- C:\Users\LFZL\AppData\Roaming\InstallShield

[2009.11.09 12:52:12 | 000,000,000 | ---D | M] -- C:\Users\LFZL\AppData\Roaming\Macromedia

[2012.02.12 16:10:53 | 000,000,000 | ---D | M] -- C:\Users\LFZL\AppData\Roaming\Malwarebytes

[2012.01.24 14:38:14 | 000,000,000 | --SD | M] -- C:\Users\LFZL\AppData\Roaming\Microsoft

[2009.08.27 21:00:52 | 000,000,000 | ---D | M] -- C:\Users\LFZL\AppData\Roaming\Mozilla

[2011.08.10 14:54:55 | 000,000,000 | ---D | M] -- C:\Users\LFZL\AppData\Roaming\OpenCandy

[2009.08.27 22:43:54 | 000,000,000 | ---D | M] -- C:\Users\LFZL\AppData\Roaming\OpenOffice.org

[2012.02.12 20:00:07 | 000,000,000 | ---D | M] -- C:\Users\LFZL\AppData\Roaming\Skype

[2012.02.12 09:09:53 | 000,000,000 | ---D | M] -- C:\Users\LFZL\AppData\Roaming\skypePM

[2012.02.07 12:34:10 | 000,000,000 | ---D | M] -- C:\Users\LFZL\AppData\Roaming\vlc

[2010.08.04 14:17:50 | 000,000,000 | ---D | M] -- C:\Users\LFZL\AppData\Roaming\VMware

 
 < %APPDATA%\*.exe /s >

[2011.09.02 01:42:06 | 024,183,152 | ---- | M] (Dropbox, Inc.) -- C:\Users\LFZL\AppData\Roaming\Dropbox\bin\Dropbox.exe

[2011.09.02 01:42:12 | 000,174,784 | ---- | M] (Dropbox, Inc.) -- C:\Users\LFZL\AppData\Roaming\Dropbox\bin\Uninstall.exe

[2009.08.27 15:26:20 | 000,010,134 | R--- | M] () -- C:\Users\LFZL\AppData\Roaming\Microsoft\Installer\{42929F0F-CE14-47AF-9FC7-FF297A603021}\ARPPRODUCTICON.exe

[2009.08.27 15:26:20 | 000,045,056 | R--- | M] (Macrovision Corporation) -- C:\Users\LFZL\AppData\Roaming\Microsoft\Installer\{42929F0F-CE14-47AF-9FC7-FF297A603021}\NewShortcut1_42929F0FCE1447AF9FC7FF297A603021_1.exe

[2009.08.27 15:32:09 | 000,365,322 | R--- | M] () -- C:\Users\LFZL\AppData\Roaming\Microsoft\Installer\{8B1F8092-9D84-459B-88EA-0BE882AC915E}\ARPPRODUCTICON.exe

[2009.08.27 15:31:44 | 000,365,322 | R--- | M] () -- C:\Users\LFZL\AppData\Roaming\Microsoft\Installer\{AF7E4468-E364-4991-BC2A-6E8293E1055B}\ARPPRODUCTICON.exe

[2009.08.27 15:32:36 | 000,011,758 | R--- | M] () -- C:\Users\LFZL\AppData\Roaming\Microsoft\Installer\{FECEF9D2-9D3D-449B-9EA4-CFA775C99460}\ARPPRODUCTICON.exe

[2011.08.10 14:54:56 | 000,416,160 | ---- | M] () -- C:\Users\LFZL\AppData\Roaming\OpenCandy\OpenCandy_E52FE0337CBE47C3B9FF25781E8C2B49\LatestDLMgr.exe

[2011.08.10 14:55:02 | 004,226,064 | ---- | M] () -- C:\Users\LFZL\AppData\Roaming\OpenCandy\OpenCandy_E52FE0337CBE47C3B9FF25781E8C2B49\LinkuryInstaller_p1v4.exe

 
 < %SYSTEMDRIVE%\*.exe >

[2007.11.07 07:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

 

 
 < MD5 for: AGP440.SYS  >

[2008.01.21 03:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys

[2008.01.21 03:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys

[2008.01.21 03:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys

[2008.01.21 03:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys

[2008.01.21 03:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys

[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

 
 < MD5 for: ATAPI.SYS  >

[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys

[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys

[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys

[2008.03.06 05:21:17 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2209DBCD72FD45199BAE483DDBCA5D75 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_bdffb04d\atapi.sys

[2008.03.06 05:21:17 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2209DBCD72FD45199BAE483DDBCA5D75 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22130_none_dda155213abfc239\atapi.sys

[2008.01.21 03:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys

[2008.01.21 03:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys

[2008.03.06 05:24:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=49996882C3272D944D027E03FCD89F6B -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_fbc3e716\atapi.sys

[2008.03.06 05:24:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=49996882C3272D944D027E03FCD89F6B -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20786_none_db8b089b3dbc5507\atapi.sys

[2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys

 
 < MD5 for: CNGAUDIT.DLL  >

[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll

[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

 
 < MD5 for: IASTORV.SYS  >

[2008.01.21 03:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys

[2008.01.21 03:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys

[2008.01.21 03:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys

[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

 
 < MD5 for: NETLOGON.DLL  >

[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll

[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll

[2008.01.21 03:33:41 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

 
 < MD5 for: NVSTOR.SYS  >

[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys

[2008.01.21 03:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys

[2008.01.21 03:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys

[2008.01.21 03:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

 
 < MD5 for: SCECLI.DLL  >

[2008.01.21 03:34:39 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll

[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll

[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

 
 < MD5 for: USER32.DLL  >

[2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\System32\user32.dll

[2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll

[2008.01.21 03:34:02 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll

 
 < MD5 for: USERINIT.EXE  >

[2008.01.21 03:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe

[2008.01.21 03:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

 
 < MD5 for: WININIT.EXE  >

[2008.01.21 03:33:13 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe

[2008.01.21 03:33:13 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe

 
 < MD5 for: WINLOGON.EXE  >

[2012.01.13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe

[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe

[2008.01.21 03:34:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

 
 < MD5 for: WS2IFSL.SYS  >

[2008.01.21 03:34:35 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys

[2008.01.21 03:34:35 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys

 
 < %systemroot%\system32\drivers\*.sys /lockedfiles >

 
 < %systemroot%\System32\config\*.sav >

[2008.01.21 04:31:11 | 015,716,352 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV

[2008.01.21 04:31:01 | 000,102,400 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV

[2008.01.21 04:31:12 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV

[2006.11.02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV

[2006.11.02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

 
 < %systemroot%\*. /mp /s >

 
 < %systemroot%\system32\*.dll /lockedfiles >
 

< End of report >

Code:

OTL Extras logfile created on: 12.02.2012 20:55:19 - Run 1

OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\LFZL\Downloads

Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.19170)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

1,96 Gb Total Physical Memory | 1,52 Gb Available Physical Memory | 77,57% Memory free

4,14 Gb Paging File | 3,86 Gb Available in Paging File | 93,19% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 111,79 Gb Total Space | 58,56 Gb Free Space | 52,38% Space Free | Partition Type: NTFS

 

Computer Name: LFZL-LAPTOP | User Name: LFZL | Logged in as Administrator.

Boot Mode: SafeMode with Networking | Scan Mode: All users | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-21-506798161-1589815655-2423967585-1000\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 
 ========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- "C:\Program Files\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS)

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"VistaSp2" = Reg Error: Unknown registry data type -- File not found

 
 ========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 
 ========== Authorized Applications List ==========

 

 
 ========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{45785C2A-2769-4512-BE4E-DFFD3520C6DB}" = lport=445 | protocol=6 | dir=in | app=system | 

"{63D02505-2DA9-4BDD-80BA-F161986EDE1D}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 | 

"{6AC3C9FC-FEDD-47BA-A274-56F4950F12F0}" = lport=51000 | protocol=6 | dir=in | name=adobe version cue cs4 server | 

"{70E7A0EB-EC53-4445-B5FA-A6B38483B6A8}" = lport=7001 | protocol=17 | dir=in | name=afs cachemanager callback (udp) | 

"{97079D10-AEEC-4AFA-B0F0-55C11B47033A}" = lport=3703 | protocol=6 | dir=in | name=adobe version cue cs4 server | 

"{AE9DB63E-BA22-4D95-B1DE-8956A2A37C12}" = lport=3704 | protocol=6 | dir=in | name=adobe version cue cs4 server | 

"{CFDF89E7-9830-4255-8491-8B14041C6493}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | 

"{F7224F87-14DE-4C22-9262-DC08F901045D}" = lport=51001 | protocol=6 | dir=in | name=adobe version cue cs4 server | 

 
 ========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{1671DC77-6B81-44A3-ABA3-6CFDAB9B09F7}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 

"{1CE4AD11-590F-4841-8025-F64968DCC94A}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\adobe version cue cs4\server\bin\versioncuecs4.exe | 

"{31B22A7F-56BB-4C21-9DA6-FC6AEC9CDCD5}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe | 

"{4AC55D5F-2704-417B-B772-0E8E88FDC29C}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 

"{50981C21-54B8-457B-9957-80425D9F1A06}" = protocol=6 | dir=in | app=c:\users\lfzl\appdata\roaming\dropbox\bin\dropbox.exe | 

"{60992E2C-E621-452C-8628-DCDAF596979C}" = dir=in | app=c:\program files\finaltorrent\ftcheckforupdates.exe | 

"{7CE74BD0-C758-47C2-B3B7-10D1A02F1C13}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{A543FA9B-D796-4F58-A841-4DDCE24555EF}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 

"{AB719860-3250-4677-A60D-1778306CC9B3}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 

"{BABE4012-1301-4E7B-A730-52F39828884A}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe | 

"{E14C4BD6-9E04-4D1B-9031-06A2340E164A}" = protocol=17 | dir=in | app=c:\users\lfzl\appdata\roaming\dropbox\bin\dropbox.exe | 

"{E9D6EF8F-BD4D-4453-8F57-1E5721693662}" = dir=in | app=c:\program files\finaltorrent\finaltorrent.exe | 

"{FDFE7547-AA58-473C-AE36-DDDACBBF7B7C}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\adobe version cue cs4\server\bin\versioncuecs4.exe | 

"TCP Query User{1DB9EFC5-C315-48A9-8957-5CF0F107E826}C:\program files\nx client for windows\bin\nxssh.exe" = protocol=6 | dir=in | app=c:\program files\nx client for windows\bin\nxssh.exe | 

"TCP Query User{26F49EB9-8715-450C-B3A9-46047BAEB1BA}C:\program files\finaltorrent\finaltorrent.exe" = protocol=6 | dir=in | app=c:\program files\finaltorrent\finaltorrent.exe | 

"TCP Query User{CA51EB76-61E7-4C59-A3CF-A1314D000E35}C:\program files\nx client for windows\nxclient.exe" = protocol=6 | dir=in | app=c:\program files\nx client for windows\nxclient.exe | 

"TCP Query User{E80F59B2-63B5-4EE0-87DA-ECC62EBCAB60}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 

"UDP Query User{0EF94CFF-FDA3-4342-843C-69CBB4B0CE96}C:\program files\nx client for windows\nxclient.exe" = protocol=17 | dir=in | app=c:\program files\nx client for windows\nxclient.exe | 

"UDP Query User{1FC2F86C-B784-4C4F-A5B2-AC217B84D4CC}C:\program files\finaltorrent\finaltorrent.exe" = protocol=17 | dir=in | app=c:\program files\finaltorrent\finaltorrent.exe | 

"UDP Query User{B6B9FA1E-3777-4431-B52F-B2DBCDC2A64C}C:\program files\nx client for windows\bin\nxssh.exe" = protocol=17 | dir=in | app=c:\program files\nx client for windows\bin\nxssh.exe | 

"UDP Query User{EAE22C10-759C-406A-91C0-AC369736D843}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu

"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4

"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4

"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler

"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4

"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4

"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4

"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4

"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4

"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4

"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4

"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB

"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR

"{1B7C06E1-4888-47A6-992A-0990B9683486}" = Adobe Version Cue CS4 Server

"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4

"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 22

"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)

"{303F7619-4E67-450F-985A-A2DF51B30AC8}" = Adobe Setup

"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4

"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player

"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4

"{3A6829EF-0791-4FDD-9382-C690DD0821B9}" = Adobe Flash Player 10 ActiveX

"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4

"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin

"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3

"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD

"{44257960-C5CC-45BA-8E83-524E4A0F3FD5}" = Cisco AnyConnect VPN Client

"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4

"{57F1AB5A-0B9A-4229-B231-B1516A33DCD4}" = VMware Infrastructure Client 2.5

"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Media Driver Ver.3.53.02

"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4

"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support

"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4

"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK

"{6865E7FA-9D39-460E-960D-14BACEDAE209}" = Visual Studio 8.0 Retail (Intel) Runtime

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files

"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP

"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4

"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4

"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4

"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8B1F8092-9D84-459B-88EA-0BE882AC915E}" = UPEK TouchChip Fingerprint Reader

"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007

"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007

"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007

"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007

"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007

"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007

"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007

"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007

"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007

"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007

"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007

"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007

"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007

"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4

"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4

"{96B9274D-2D07-4C5B-A29C-55F3C0D6B342}" = Linkury Smartbar

"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BC51C0F-DA8E-4370-9997-899B3435A647}" = VMware vSphere Host Update Utility 4.0

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch

"{AC76BA86-7AD7-1031-7B44-A91000000001}" = Adobe Reader 9.1 - Deutsch

"{AED53CDF-1046-4C6B-B5E2-C195125ECDA0}" = Intel(R) PROSet/Wireless WiFi-Software

"{AF7E4468-E364-4991-BC2A-6E8293E1055B}" = BioAPI Framework

"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect

"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4

"{B9F4561A-924D-4510-A85A-BB0960C338CB}" = Adobe Asset Services CS4

"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module

"{BC7E2C06-D255-4300-AA12-33AB54D009AC}" = Adobe Creative Suite 4 Design Standard

"{C40698F9-A861-4531-9F8C-FA7F8961375B}" = VMware vSphere Client 4.0

"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4

"{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com

"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2

"{DFAA3D2B-7087-464E-823B-738A23C29C27}" = Microsoft Visual J# 2.0 Redistributable Package - SE

"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio

"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect

"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help

"{F870B987-18BC-45FC-9BE8-35C02DCDA10F}" = Broadcom Gigabit Integrated Controller

"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4

"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4

"{FA237125-51FF-408C-8BB8-30C2B3DFFF9C}" = Windows Resource Kit Tools

"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All

"{FECEF9D2-9D3D-449B-9EA4-CFA775C99460}" = AuthenTec Fingerprint System

"{FF1DDCF4-3A28-4F7F-96D8-E3F4BD1C1702}" = Dell Security Device Driver Pack

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"9D57DE505B6D8C710EF3B74BE638DBB936EED8A3" = Windows-Treiberpaket - Dell Inc. PBADRV System  (01/07/2008 1.0.1.5)

"Adobe AIR" = Adobe AIR

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"Adobe_1e3ba55b33b1e8227645fb9c82acca3" = Adobe Creative Suite 4 Design Standard

"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus

"Citavi" = Citavi 2.5

"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player

"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com

"ENTERPRISE" = Microsoft Office Enterprise 2007

"ESET Online Scanner" = ESET Online Scanner v3

"FinalTorrent_is1" = FinalTorrent 2011

"Google Chrome" = Google Chrome

"HDMI" = Intel(R) Graphics Media Accelerator Driver

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000

"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft Visual J# 2.0 Redistributable Package - SE" = Microsoft Visual J# 2.0 Redistributable Package - SE

"Mozilla Firefox 10.0.1 (x86 de)" = Mozilla Firefox 10.0.1 (x86 de)

"nxclient_is1" = NX Client for Windows 3.4.0-5

"OpenAFS" = OpenAFS for Windows

"ProInst" = Intel PROSet Wireless

"Trusted Software Assistant_is1" = File Type Assistant

"VLC media player" = VLC media player 1.0.1

 
 ========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\S-1-5-21-506798161-1589815655-2423967585-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Dropbox" = Dropbox

"UklanAdmin V1.6" = UklanAdmin V1.6

 
 ========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 12.02.2012 10:55:25 | Computer Name = LFZL-Laptop | Source = Microsoft-Windows-CAPI2 | ID = 131584

Description = 

 

Error - 12.02.2012 10:57:35 | Computer Name = LFZL-Laptop | Source = EventSystem | ID = 4609

Description = 

 

Error - 12.02.2012 10:58:15 | Computer Name = LFZL-Laptop | Source = WinMgmt | ID = 10

Description = 

 

Error - 12.02.2012 12:00:39 | Computer Name = LFZL-Laptop | Source = WinMgmt | ID = 10

Description = 

 

Error - 12.02.2012 12:04:50 | Computer Name = LFZL-Laptop | Source = EventSystem | ID = 4609

Description = 

 

Error - 12.02.2012 12:05:02 | Computer Name = LFZL-Laptop | Source = WinMgmt | ID = 10

Description = 

 

Error - 12.02.2012 14:52:10 | Computer Name = LFZL-Laptop | Source = WinMgmt | ID = 10

Description = 

 

Error - 12.02.2012 15:04:07 | Computer Name = LFZL-Laptop | Source = WinMgmt | ID = 10

Description = 

 

Error - 12.02.2012 15:07:26 | Computer Name = LFZL-Laptop | Source = EventSystem | ID = 4609

Description = 

 

Error - 12.02.2012 15:56:54 | Computer Name = LFZL-Laptop | Source = System Restore | ID = 8193

Description = 

 

[ Cisco AnyConnect VPN Client Events ]

Error - 12.02.2012 12:02:31 | Computer Name = LFZL-Laptop | Source = vpnagent | ID = 67108866

Description = Function: CRouteMgr::UpdatePublicAddress File: .\RouteMgr.cpp Line: 

2190 Invoked Function: CChangeRouteTable::FindBestRouteInterface Return Code: -33095647

 (0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED 

 

Error - 12.02.2012 12:02:31 | Computer Name = LFZL-Laptop | Source = vpnagent | ID = 67108866

Description = Function: CMainThread::applyHostConfigForNoVpn File: .\MainThread.cpp

Line:

 7639 Invoked Function: CHostConfigMgr::DeterminePublicInterface Return Code: -33161196

 (0xFE060014) Description: ROUTEMGR_ERROR_PUBLIC_ADDRESS_UNAVAILABLE 

 

Error - 12.02.2012 12:02:31 | Computer Name = LFZL-Laptop | Source = vpnagent | ID = 67108866

Description = Function: CMainThread::genericNoticeHandler File: .\MainThread.cpp Line:

 5589 Invoked Function: CMainThread::applyHostConfigForNoVpn Return Code: -33161196

 (0xFE060014) Description: ROUTEMGR_ERROR_PUBLIC_ADDRESS_UNAVAILABLE 

 

Error - 12.02.2012 12:02:31 | Computer Name = LFZL-Laptop | Source = vpnagent | ID = 67108866

Description = Function: CMainThread::processNotice File: .\MainThread.cpp Line: 5321

Invoked

 Function: CMainThread::genericNoticeHandler Return Code: -33161196 (0xFE060014) Description:

 ROUTEMGR_ERROR_PUBLIC_ADDRESS_UNAVAILABLE 

 

Error - 12.02.2012 12:02:31 | Computer Name = LFZL-Laptop | Source = vpnagent | ID = 67108866

Description = Function: CMainThread::noticeHandler File: .\MainThread.cpp Line: 5283

Invoked

 Function: CMainThread::processNotice Return Code: -33161196 (0xFE060014) Description:

 ROUTEMGR_ERROR_PUBLIC_ADDRESS_UNAVAILABLE 

 

Error - 12.02.2012 12:02:31 | Computer Name = LFZL-Laptop | Source = vpnagent | ID = 67108866

Description = Function: CMainThread::internalCallbackHandler File: .\MainThread.cpp

Line:

 5045 Invoked Function: CMainThread::noticeHandler Return Code: -33161196 (0xFE060014)

Description:

 ROUTEMGR_ERROR_PUBLIC_ADDRESS_UNAVAILABLE 

 

Error - 12.02.2012 12:02:31 | Computer Name = LFZL-Laptop | Source = vpnagent | ID = 67108866

Description = Function: CMainThread::callbackHandler File: .\MainThread.cpp Line: 

4971 Invoked Function: internalCallbackHandler Return Code: -33161196 (0xFE060014)

Description:

 ROUTEMGR_ERROR_PUBLIC_ADDRESS_UNAVAILABLE 

 

Error - 12.02.2012 14:52:16 | Computer Name = LFZL-Laptop | Source = vpnagent | ID = 67108866

Description = Function: CChangeRouteHelper::ClearRouteTable File: .\ChangeRouteHelper.cpp

Line:

 601 Invoked Function: DeleteRoute Return Code: -33095666 (0xFE07000E) Description:

 ROUTETABLE_ERROR_DELETEIPFORWARDENTRY_FAILED the interface appears to be available

 

Error - 12.02.2012 14:52:16 | Computer Name = LFZL-Laptop | Source = vpnagent | ID = 67108866

Description = Function: CChangeRouteHelper::ClearRouteTable File: .\ChangeRouteHelper.cpp

Line:

 601 Invoked Function: DeleteRoute Return Code: -33095666 (0xFE07000E) Description:

 ROUTETABLE_ERROR_DELETEIPFORWARDENTRY_FAILED the interface appears to be available

 

Error - 12.02.2012 14:52:16 | Computer Name = LFZL-Laptop | Source = vpnagent | ID = 67108866

Description = Function: fileExists File: .\Utility\sysutils.cpp Line: 500 Invoked Function:

 _tstat Return Code: 2 (0x00000002) Description: Das System kann die angegebene Datei

 nicht finden.   File: C:\ProgramData\Cisco\Cisco AnyConnect VPN Client\InitialFirewallConfig.wfw

Error:

 No such file or directory

 

[ OSession Events ]

Error - 16.03.2010 19:34:19 | Computer Name = LFZL-Laptop | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:

 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 14116

 seconds with 1980 seconds of active time.  This session ended with a crash.

 

Error - 26.11.2010 07:59:04 | Computer Name = LFZL-Laptop | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 98

 seconds with 60 seconds of active time.  This session ended with a crash.

 

[ System Events ]

Error - 12.02.2012 12:05:03 | Computer Name = LFZL-Laptop | Source = Service Control Manager | ID = 7001

Description = 

 

Error - 12.02.2012 12:05:03 | Computer Name = LFZL-Laptop | Source = Service Control Manager | ID = 7026

Description = 

 

Error - 12.02.2012 14:52:10 | Computer Name = LFZL-Laptop | Source = Service Control Manager | ID = 7000

Description = 

 

Error - 12.02.2012 14:53:15 | Computer Name = LFZL-Laptop | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001

Description = 

 

Error - 12.02.2012 15:03:09 | Computer Name = LFZL-Laptop | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000

Description = 

 

Error - 12.02.2012 15:04:08 | Computer Name = LFZL-Laptop | Source = Service Control Manager | ID = 7001

Description = 

 

Error - 12.02.2012 15:04:08 | Computer Name = LFZL-Laptop | Source = Service Control Manager | ID = 7026

Description = 

 

Error - 12.02.2012 15:07:16 | Computer Name = LFZL-Laptop | Source = DCOM | ID = 10005

Description = 

 

Error - 12.02.2012 15:07:26 | Computer Name = LFZL-Laptop | Source = DCOM | ID = 10005

Description = 

 

Error - 12.02.2012 15:07:31 | Computer Name = LFZL-Laptop | Source = DCOM | ID = 10005

Description = 

 

 

< End of report >

Code:

14:02:46.0772 4148        TDSS rootkit removing tool 2.7.12.0 Feb 11 2012 16:58:52

14:02:47.0037 4148        ============================================================

14:02:47.0037 4148        Current date / time: 2012/02/13 14:02:47.0037

14:02:47.0037 4148        SystemInfo:

14:02:47.0037 4148        

14:02:47.0037 4148        OS Version: 6.0.6002 ServicePack: 2.0

14:02:47.0038 4148        Product type: Workstation

14:02:47.0038 4148        ComputerName: LFZL-LAPTOP

14:02:47.0038 4148        UserName: LFZL

14:02:47.0038 4148        Windows directory: C:\Windows

14:02:47.0038 4148        System windows directory: C:\Windows

14:02:47.0038 4148        Processor architecture: Intel x86

14:02:47.0038 4148        Number of processors: 2

14:02:47.0038 4148        Page size: 0x1000

14:02:47.0038 4148        Boot type: Normal boot

14:02:47.0038 4148        ============================================================

14:02:48.0418 4148        Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

14:02:48.0420 4148        \Device\Harddisk0\DR0:

14:02:48.0420 4148        MBR used

14:02:48.0420 4148        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xDF93800

14:02:48.0444 4148        Initialize success

14:02:48.0444 4148        ============================================================

14:04:21.0941 5160        ============================================================

14:04:21.0941 5160        Scan started

14:04:21.0941 5160        Mode: Manual; SigCheck; TDLFS; 

14:04:21.0941 5160        ============================================================

14:04:22.0549 5160        ACPI            (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys

14:04:22.0721 5160        ACPI - ok

14:04:22.0814 5160        adfs            (6d7f09cd92a9fef3a8efce66231fdd79) C:\Windows\system32\drivers\adfs.sys

14:04:22.0845 5160        adfs - ok

14:04:22.0923 5160        adp94xx         (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys

14:04:22.0939 5160        adp94xx - ok

14:04:23.0251 5160        adpahci         (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys

14:04:23.0282 5160        adpahci - ok

14:04:23.0376 5160        adpu160m        (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys

14:04:23.0423 5160        adpu160m - ok

14:04:23.0516 5160        adpu320         (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys

14:04:23.0532 5160        adpu320 - ok

14:04:23.0657 5160        AFD             (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys

14:04:23.0844 5160        AFD - ok

14:04:24.0203 5160        agp440          (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys

14:04:24.0218 5160        agp440 - ok

14:04:24.0265 5160        aic78xx         (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys

14:04:24.0296 5160        aic78xx - ok

14:04:24.0390 5160        aliide          (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys

14:04:24.0390 5160        aliide - ok

14:04:24.0452 5160        amdagp          (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys

14:04:24.0452 5160        amdagp - ok

14:04:24.0483 5160        amdide          (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys

14:04:24.0499 5160        amdide - ok

14:04:24.0515 5160        AmdK7           (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys

14:04:24.0671 5160        AmdK7 - ok

14:04:24.0858 5160        AmdK8           (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys

14:04:24.0905 5160        AmdK8 - ok

14:04:24.0967 5160        arc             (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys

14:04:24.0983 5160        arc - ok

14:04:25.0014 5160        arcsas          (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys

14:04:25.0029 5160        arcsas - ok

14:04:25.0123 5160        AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys

14:04:25.0185 5160        AsyncMac - ok

14:04:25.0263 5160        atapi           (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys

14:04:25.0279 5160        atapi - ok

14:04:25.0373 5160        avgio           (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Program Files\Avira\AntiVir Desktop\avgio.sys

14:04:25.0388 5160        avgio - ok

14:04:25.0451 5160        avgntflt        (1e4114685de1ffa9675e09c6a1fb3f4b) C:\Windows\system32\DRIVERS\avgntflt.sys

14:04:25.0482 5160        avgntflt - ok

14:04:25.0513 5160        avipbb          (0f78d3dae6dedd99ae54c9491c62adf2) C:\Windows\system32\DRIVERS\avipbb.sys

14:04:25.0529 5160        avipbb - ok

14:04:25.0591 5160        b57nd60x        (6fb43f0dadb3fdc287d080c19666af8d) C:\Windows\system32\DRIVERS\b57nd60x.sys

14:04:25.0716 5160        b57nd60x - ok

14:04:25.0809 5160        Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys

14:04:25.0872 5160        Beep - ok

14:04:25.0919 5160        blbdrive        (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys

14:04:25.0965 5160        blbdrive - ok

14:04:26.0028 5160        bowser          (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys

14:04:26.0106 5160        bowser - ok

14:04:26.0199 5160        BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys

14:04:26.0387 5160        BrFiltLo - ok

14:04:26.0480 5160        BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys

14:04:26.0543 5160        BrFiltUp - ok

14:04:26.0636 5160        Brserid         (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys

14:04:26.0855 5160        Brserid - ok

14:04:27.0026 5160        BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys

14:04:27.0151 5160        BrSerWdm - ok

14:04:27.0198 5160        BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys

14:04:27.0260 5160        BrUsbMdm - ok

14:04:27.0323 5160        BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys

14:04:27.0401 5160        BrUsbSer - ok

14:04:27.0557 5160        BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys

14:04:27.0619 5160        BTHMODEM - ok

14:04:27.0650 5160        cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys

14:04:27.0697 5160        cdfs - ok

14:04:27.0759 5160        cdrom           (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys

14:04:27.0791 5160        cdrom - ok

14:04:27.0822 5160        circlass        (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys

14:04:27.0884 5160        circlass - ok

14:04:28.0009 5160        CLFS            (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys

14:04:28.0040 5160        CLFS - ok

14:04:28.0134 5160        CmBatt          (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys

14:04:28.0165 5160        CmBatt - ok

14:04:28.0212 5160        cmdide          (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys

14:04:28.0243 5160        cmdide - ok

14:04:28.0337 5160        Compbatt        (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys

14:04:28.0337 5160        Compbatt - ok

14:04:28.0352 5160        crcdisk         (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys

14:04:28.0368 5160        crcdisk - ok

14:04:28.0399 5160        Crusoe          (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys

14:04:28.0446 5160        Crusoe - ok

14:04:28.0524 5160        DfsC            (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys

14:04:28.0586 5160        DfsC - ok

14:04:28.0680 5160        disk            (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys

14:04:28.0695 5160        disk - ok

14:04:28.0805 5160        drmkaud         (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys

14:04:28.0883 5160        drmkaud - ok

14:04:28.0929 5160        DXGKrnl         (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys

14:04:28.0961 5160        DXGKrnl - ok

14:04:29.0085 5160        E1G60           (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys

14:04:29.0163 5160        E1G60 - ok

14:04:29.0304 5160        Ecache          (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys

14:04:29.0319 5160        Ecache - ok

14:04:29.0382 5160        elxstor         (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys

14:04:29.0413 5160        elxstor - ok

14:04:29.0553 5160        ErrDev          (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys

14:04:29.0600 5160        ErrDev - ok

14:04:29.0678 5160        exfat           (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys

14:04:29.0741 5160        exfat - ok

14:04:29.0787 5160        fastfat         (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys

14:04:29.0819 5160        fastfat - ok

14:04:29.0865 5160        fdc             (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys

14:04:29.0912 5160        fdc - ok

14:04:30.0006 5160        FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys

14:04:30.0021 5160        FileInfo - ok

14:04:30.0053 5160        Filetrace       (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys

14:04:30.0115 5160        Filetrace - ok

14:04:30.0162 5160        flpydisk        (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys

14:04:30.0224 5160        flpydisk - ok

14:04:30.0287 5160        FltMgr          (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys

14:04:30.0302 5160        FltMgr - ok

14:04:30.0318 5160        Fs_Rec          (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys

14:04:30.0349 5160        Fs_Rec - ok

14:04:30.0380 5160        gagp30kx        (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys

14:04:30.0380 5160        gagp30kx - ok

14:04:30.0536 5160        HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys

14:04:30.0599 5160        HdAudAddService - ok

14:04:30.0661 5160        HDAudBus        (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys

14:04:30.0786 5160        HDAudBus - ok

14:04:31.0051 5160        HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys

14:04:31.0145 5160        HidBth - ok

14:04:31.0207 5160        HidIr           (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys

14:04:31.0269 5160        HidIr - ok

14:04:31.0332 5160        HidUsb          (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys

14:04:31.0379 5160        HidUsb - ok

14:04:31.0441 5160        HpCISSs         (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys

14:04:31.0441 5160        HpCISSs - ok

14:04:31.0613 5160        HTTP            (0eeeca26c8d4bde2a4664db058a81937) C:\Windows\system32\drivers\HTTP.sys

14:04:31.0706 5160        HTTP - ok

14:04:31.0769 5160        i2omp           (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys

14:04:31.0800 5160        i2omp - ok

14:04:31.0956 5160        i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys

14:04:32.0003 5160        i8042prt - ok

14:04:32.0112 5160        iaStorV         (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys

14:04:32.0143 5160        iaStorV - ok

14:04:32.0377 5160        igfx            (0627fc0c422cd6e0f23e1b0d1d9f0899) C:\Windows\system32\DRIVERS\igdkmd32.sys

14:04:32.0533 5160        igfx - ok

14:04:32.0658 5160        iirsp           (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys

14:04:32.0689 5160        iirsp - ok

14:04:32.0736 5160        IntcHdmiAddService (c7e7e43cbd34d3b0a0156b51b917dfcc) C:\Windows\system32\drivers\IntcHdmi.sys

14:04:32.0767 5160        IntcHdmiAddService - ok

14:04:32.0829 5160        intelide        (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys

14:04:32.0845 5160        intelide - ok

14:04:32.0876 5160        intelppm        (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys

14:04:32.0923 5160        intelppm - ok

14:04:32.0939 5160        IpFilterDriver  (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys

14:04:32.0985 5160        IpFilterDriver - ok

14:04:32.0985 5160        IpInIp - ok

14:04:33.0032 5160        IPMIDRV         (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys

14:04:33.0079 5160        IPMIDRV - ok

14:04:33.0219 5160        IPNAT           (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys

14:04:33.0282 5160        IPNAT - ok

14:04:33.0313 5160        IRENUM          (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys

14:04:33.0375 5160        IRENUM - ok

14:04:33.0407 5160        isapnp          (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys

14:04:33.0438 5160        isapnp - ok

14:04:33.0500 5160        iScsiPrt        (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys

14:04:33.0531 5160        iScsiPrt - ok

14:04:33.0563 5160        iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys

14:04:33.0563 5160        iteatapi - ok

14:04:33.0594 5160        iteraid         (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys

14:04:33.0594 5160        iteraid - ok

14:04:33.0703 5160        kbdclass        (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys

14:04:33.0719 5160        kbdclass - ok

14:04:33.0781 5160        kbdhid          (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys

14:04:33.0828 5160        kbdhid - ok

14:04:33.0890 5160        KSecDD          (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys

14:04:33.0921 5160        KSecDD - ok

14:04:33.0953 5160        lltdio          (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys

14:04:33.0999 5160        lltdio - ok

14:04:34.0202 5160        LSI_FC          (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys

14:04:34.0202 5160        LSI_FC - ok

14:04:34.0249 5160        LSI_SAS         (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys

14:04:34.0265 5160        LSI_SAS - ok

14:04:34.0327 5160        LSI_SCSI        (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys

14:04:34.0358 5160        LSI_SCSI - ok

14:04:34.0374 5160        luafv           (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys

14:04:34.0405 5160        luafv - ok

14:04:34.0436 5160        MBAMProtector   (b7ca8cc3f978201856b6ab82f40953c3) C:\Windows\system32\drivers\mbam.sys

14:04:34.0452 5160        MBAMProtector - ok

14:04:34.0545 5160        megasas         (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys

14:04:34.0545 5160        megasas - ok

14:04:34.0577 5160        MegaSR          (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys

14:04:34.0608 5160        MegaSR - ok

14:04:34.0639 5160        Modem           (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys

14:04:34.0686 5160        Modem - ok

14:04:34.0717 5160        monitor         (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys

14:04:34.0748 5160        monitor - ok

14:04:34.0795 5160        mouclass        (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys

14:04:34.0811 5160        mouclass - ok

14:04:34.0889 5160        mouhid          (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys

14:04:34.0935 5160        mouhid - ok

14:04:34.0967 5160        MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys

14:04:34.0998 5160        MountMgr - ok

14:04:35.0029 5160        mpio            (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys

14:04:35.0045 5160        mpio - ok

14:04:35.0076 5160        mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys

14:04:35.0107 5160        mpsdrv - ok

14:04:35.0154 5160        Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys

14:04:35.0169 5160        Mraid35x - ok

14:04:35.0216 5160        MRxDAV          (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys

14:04:35.0279 5160        MRxDAV - ok

14:04:35.0403 5160        mrxsmb          (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys

14:04:35.0466 5160        mrxsmb - ok

14:04:35.0528 5160        mrxsmb10        (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys

14:04:35.0559 5160        mrxsmb10 - ok

14:04:35.0669 5160        mrxsmb20        (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

14:04:35.0669 5160        mrxsmb20 - ok

14:04:35.0747 5160        msahci          (5457dcfa7c0da43522f4d9d4049c1472) C:\Windows\system32\drivers\msahci.sys

14:04:35.0747 5160        msahci - ok

14:04:35.0793 5160        msdsm           (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys

14:04:35.0793 5160        msdsm - ok

14:04:35.0809 5160        Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys

14:04:35.0840 5160        Msfs - ok

14:04:35.0887 5160        msisadrv        (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys

14:04:35.0887 5160        msisadrv - ok

14:04:35.0934 5160        MSKSSRV         (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys

14:04:35.0981 5160        MSKSSRV - ok

14:04:36.0168 5160        msloop          (0a562f61d84bf1988e4dd6413b76c1d4) C:\Windows\system32\DRIVERS\loop.sys

14:04:36.0215 5160        msloop - ok

14:04:36.0261 5160        MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys

14:04:36.0308 5160        MSPCLOCK - ok

14:04:36.0355 5160        MSPQM           (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys

14:04:36.0402 5160        MSPQM - ok

14:04:36.0464 5160        MsRPC           (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys

14:04:36.0480 5160        MsRPC - ok

14:04:36.0527 5160        mssmbios        (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys

14:04:36.0542 5160        mssmbios - ok

14:04:36.0589 5160        MSTEE           (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys

14:04:36.0636 5160        MSTEE - ok

14:04:36.0714 5160        Mup             (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys

14:04:36.0729 5160        Mup - ok

14:04:36.0807 5160        NativeWifiP     (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys

14:04:36.0823 5160        NativeWifiP - ok

14:04:36.0917 5160        NDIS            (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys

14:04:36.0963 5160        NDIS - ok

14:04:37.0057 5160        NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys

14:04:37.0088 5160        NdisTapi - ok

14:04:37.0416 5160        Ndisuio         (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys

14:04:37.0494 5160        Ndisuio - ok

14:04:37.0556 5160        NdisWan         (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys

14:04:37.0587 5160        NdisWan - ok

14:04:37.0634 5160        NDProxy         (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys

14:04:37.0665 5160        NDProxy - ok

14:04:37.0697 5160        NetBIOS         (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys

14:04:37.0759 5160        NetBIOS - ok

14:04:38.0118 5160        netbt           (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys

14:04:38.0149 5160        netbt - ok

14:04:38.0289 5160        NETw5v32        (9ca26dccf0b84a6ff2b54fbb2a94520b) C:\Windows\system32\DRIVERS\NETw5v32.sys

14:04:38.0539 5160        NETw5v32 - ok

14:04:38.0679 5160        nfrd960         (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys

14:04:38.0679 5160        nfrd960 - ok

14:04:38.0726 5160        Npfs            (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys

14:04:38.0804 5160        Npfs - ok

14:04:38.0835 5160        nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys

14:04:38.0851 5160        nsiproxy - ok

14:04:38.0929 5160        Ntfs            (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys

14:04:38.0976 5160        Ntfs - ok

14:04:39.0085 5160        ntrigdigi       (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys

14:04:39.0147 5160        ntrigdigi - ok

14:04:39.0179 5160        Null            (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys

14:04:39.0225 5160        Null - ok

14:04:39.0272 5160        nvraid          (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys

14:04:39.0272 5160        nvraid - ok

14:04:39.0413 5160        nvstor          (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys

14:04:39.0444 5160        nvstor - ok

14:04:39.0569 5160        nv_agp          (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys

14:04:39.0600 5160        nv_agp - ok

14:04:39.0740 5160        NwlnkFlt - ok

14:04:39.0756 5160        NwlnkFwd - ok

14:04:39.0818 5160        ohci1394        (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys

14:04:39.0865 5160        ohci1394 - ok

14:04:39.0990 5160        Parport         (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys

14:04:40.0068 5160        Parport - ok

14:04:40.0177 5160        partmgr         (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys

14:04:40.0193 5160        partmgr - ok

14:04:40.0286 5160        Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys

14:04:40.0364 5160        Parvdm - ok

14:04:40.0411 5160        PBADRV          (4088c1ecd1f54281a92fa663b0fdc36f) C:\Windows\system32\DRIVERS\PBADRV.sys

14:04:40.0411 5160        PBADRV - ok

14:04:40.0505 5160        pci             (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys

14:04:40.0520 5160        pci - ok

14:04:40.0551 5160        pciide          (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys

14:04:40.0567 5160        pciide - ok

14:04:40.0676 5160        pcmcia          (3bb2244f343b610c29c98035504c9b75) C:\Windows\system32\DRIVERS\pcmcia.sys

14:04:40.0692 5160        pcmcia - ok

14:04:40.0739 5160        PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys

14:04:41.0004 5160        PEAUTH - ok

14:04:41.0347 5160        PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys

14:04:41.0425 5160        PptpMiniport - ok

14:04:41.0472 5160        Processor       (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys

14:04:41.0503 5160        Processor - ok

14:04:41.0597 5160        PSched          (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys

14:04:41.0628 5160        PSched - ok

14:04:41.0971 5160        ql2300          (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys

14:04:42.0049 5160        ql2300 - ok

14:04:42.0236 5160        ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys

14:04:42.0252 5160        ql40xx - ok

14:04:42.0314 5160        QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys

14:04:42.0361 5160        QWAVEdrv - ok

14:04:42.0408 5160        RasAcd          (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys

14:04:42.0455 5160        RasAcd - ok

14:04:42.0517 5160        Rasl2tp         (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys

14:04:42.0564 5160        Rasl2tp - ok

14:04:42.0657 5160        RasPppoe        (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys

14:04:42.0704 5160        RasPppoe - ok

14:04:42.0751 5160        RasSstp         (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys

14:04:42.0767 5160        RasSstp - ok

14:04:42.0829 5160        rdbss           (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys

14:04:42.0876 5160        rdbss - ok

14:04:42.0907 5160        RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys

14:04:42.0938 5160        RDPCDD - ok

14:04:43.0001 5160        rdpdr           (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys

14:04:43.0032 5160        rdpdr - ok

14:04:43.0063 5160        RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys

14:04:43.0110 5160        RDPENCDD - ok

14:04:43.0157 5160        RDPWD           (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys

14:04:43.0203 5160        RDPWD - ok

14:04:43.0281 5160        rimmptsk        (355aac141b214bef1dbc1483afd9bd50) C:\Windows\system32\DRIVERS\rimmptsk.sys

14:04:43.0344 5160        rimmptsk - ok

14:04:43.0406 5160        rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys

14:04:43.0469 5160        rspndr - ok

14:04:43.0531 5160        sbp2port        (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys

14:04:43.0547 5160        sbp2port - ok

14:04:43.0625 5160        sdbus           (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys

14:04:43.0656 5160        sdbus - ok

14:04:43.0671 5160        secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys

14:04:43.0749 5160        secdrv - ok

14:04:43.0781 5160        Serenum         (ce9ec966638ef0b10b864ddedf62a099) C:\Windows\system32\DRIVERS\serenum.sys

14:04:43.0827 5160        Serenum - ok

14:04:43.0890 5160        Serial          (6d663022db3e7058907784ae14b69898) C:\Windows\system32\DRIVERS\serial.sys

14:04:43.0937 5160        Serial - ok

14:04:43.0983 5160        sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys

14:04:44.0030 5160        sermouse - ok

14:04:44.0093 5160        sffdisk         (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys

14:04:44.0139 5160        sffdisk - ok

14:04:44.0171 5160        sffp_mmc        (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys

14:04:44.0233 5160        sffp_mmc - ok

14:04:44.0249 5160        sffp_sd         (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys

14:04:44.0295 5160        sffp_sd - ok

14:04:44.0342 5160        sfloppy         (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys

14:04:44.0373 5160        sfloppy - ok

14:04:44.0389 5160        sisagp          (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys

14:04:44.0405 5160        sisagp - ok

14:04:44.0436 5160        SiSRaid2        (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys

14:04:44.0436 5160        SiSRaid2 - ok

14:04:44.0529 5160        SiSRaid4        (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys

14:04:44.0529 5160        SiSRaid4 - ok

14:04:44.0592 5160        Smb             (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys

14:04:44.0607 5160        Smb - ok

14:04:44.0654 5160        spldr           (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys

14:04:44.0654 5160        spldr - ok

14:04:44.0717 5160        srv             (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys

14:04:44.0810 5160        srv - ok

14:04:44.0841 5160        srv2            (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys

14:04:44.0904 5160        srv2 - ok

14:04:44.0951 5160        srvnet          (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys

14:04:44.0966 5160        srvnet - ok

14:04:45.0044 5160        ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys

14:04:45.0044 5160        ssmdrv - ok

14:04:45.0153 5160        STHDA           (304f7634121eae608cc413158ef3b1f9) C:\Windows\system32\DRIVERS\stwrt.sys

14:04:45.0200 5160        STHDA - ok

14:04:45.0247 5160        swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys

14:04:45.0263 5160        swenum - ok

14:04:45.0294 5160        Symc8xx         (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys

14:04:45.0309 5160        Symc8xx - ok

14:04:45.0356 5160        Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys

14:04:45.0356 5160        Sym_hi - ok

14:04:45.0403 5160        Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys

14:04:45.0419 5160        Sym_u3 - ok

14:04:45.0481 5160        Tcpip           (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys

14:04:45.0528 5160        Tcpip - ok

14:04:45.0590 5160        Tcpip6          (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys

14:04:45.0621 5160        Tcpip6 - ok

14:04:45.0699 5160        tcpipreg        (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys

14:04:45.0762 5160        tcpipreg - ok

14:04:45.0840 5160        TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys

14:04:45.0887 5160        TDPIPE - ok

14:04:45.0980 5160        TDTCP           (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys

14:04:46.0027 5160        TDTCP - ok

14:04:46.0089 5160        tdx             (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys

14:04:46.0136 5160        tdx - ok

14:04:46.0214 5160        TermDD          (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys

14:04:46.0230 5160        TermDD - ok

14:04:46.0292 5160        tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys

14:04:46.0339 5160        tssecsrv - ok

14:04:46.0386 5160        tunmp           (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys

14:04:46.0479 5160        tunmp - ok

14:04:46.0589 5160        tunnel          (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys

14:04:46.0620 5160        tunnel - ok

14:04:46.0667 5160        uagp35          (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys

14:04:46.0698 5160        uagp35 - ok

14:04:46.0729 5160        udfs            (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys

14:04:46.0760 5160        udfs - ok

14:04:46.0791 5160        uliagpkx        (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys

14:04:46.0807 5160        uliagpkx - ok

14:04:46.0838 5160        uliahci         (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys

14:04:46.0885 5160        uliahci - ok

14:04:46.0932 5160        UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys

14:04:46.0947 5160        UlSata - ok

14:04:46.0979 5160        ulsata2         (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys

14:04:46.0994 5160        ulsata2 - ok

14:04:47.0072 5160        umbus           (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys

14:04:47.0103 5160        umbus - ok

14:04:47.0150 5160        usbccgp         (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys

14:04:47.0213 5160        usbccgp - ok

14:04:47.0244 5160        usbcir          (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys

14:04:47.0322 5160        usbcir - ok

14:04:47.0384 5160        usbehci         (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys

14:04:47.0415 5160        usbehci - ok

14:04:47.0478 5160        usbhub          (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys

14:04:47.0509 5160        usbhub - ok

14:04:47.0556 5160        usbohci         (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys

14:04:47.0618 5160        usbohci - ok

14:04:47.0712 5160        usbprint        (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys

14:04:47.0743 5160        usbprint - ok

14:04:47.0774 5160        USBSTOR         (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS

14:04:47.0805 5160        USBSTOR - ok

14:04:47.0821 5160        usbuhci         (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys

14:04:47.0852 5160        usbuhci - ok

14:04:47.0883 5160        vga             (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys

14:04:47.0915 5160        vga - ok

14:04:47.0930 5160        VgaSave         (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys

14:04:47.0993 5160        VgaSave - ok

14:04:48.0024 5160        viaagp          (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys

14:04:48.0039 5160        viaagp - ok

14:04:48.0071 5160        ViaC7           (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys

14:04:48.0102 5160        ViaC7 - ok

14:04:48.0133 5160        viaide          (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys

14:04:48.0133 5160        viaide - ok

14:04:48.0180 5160        volmgr          (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys

14:04:48.0195 5160        volmgr - ok

14:04:48.0258 5160        volmgrx         (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys

14:04:48.0273 5160        volmgrx - ok

14:04:48.0336 5160        volsnap         (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys

14:04:48.0351 5160        volsnap - ok

14:04:48.0461 5160        vpnva           (fc94804932cfc35f01b3ae510e3b4d5c) C:\Windows\system32\DRIVERS\vpnva.sys

14:04:48.0461 5160        vpnva - ok

14:04:48.0523 5160        vsmraid         (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys

14:04:48.0539 5160        vsmraid - ok

14:04:48.0570 5160        WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys

14:04:48.0648 5160        WacomPen - ok

14:04:48.0663 5160        Wanarp          (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

14:04:48.0710 5160        Wanarp - ok

14:04:48.0710 5160        Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

14:04:48.0741 5160        Wanarpv6 - ok

14:04:48.0788 5160        Wd              (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys

14:04:48.0804 5160        Wd - ok

14:04:48.0851 5160        Wdf01000        (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys

14:04:48.0929 5160        Wdf01000 - ok

14:04:49.0022 5160        WmiAcpi         (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys

14:04:49.0053 5160        WmiAcpi - ok

14:04:49.0116 5160        WpdUsb          (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys

14:04:49.0163 5160        WpdUsb - ok

14:04:49.0194 5160        ws2ifsl         (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys

14:04:49.0225 5160        ws2ifsl - ok

14:04:49.0272 5160        WUDFRd          (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys

14:04:49.0303 5160        WUDFRd - ok

14:04:49.0334 5160        MBR (0x1B8)     (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0

14:04:49.0475 5160        \Device\Harddisk0\DR0 - ok

14:04:49.0475 5160        Boot (0x1200)   (1f1e5f5689d4a83e2ae1b28ab9052f27) \Device\Harddisk0\DR0\Partition0

14:04:49.0475 5160        \Device\Harddisk0\DR0\Partition0 - ok

14:04:49.0475 5160        ============================================================

14:04:49.0475 5160        Scan finished

14:04:49.0475 5160        ============================================================

14:04:49.0490 5456        Detected object count: 0

14:04:49.0490 5456        Actual detected object count: 0

scheint okay zu sein.

noch eine Beobachtung: als ich vorhin nach dem OTL-Fix den virenscanner wieder anschalten wollte, gab es eine Fehlermeldung das der Windows Hostprozess (Rundll32) nicht mehr funktioniert, als ich dazu auf den Icon des Windows-Sicherheitscenter in der Taskbar geklickt habe. Das ist aber nicht rekonstruierbar.