Trojaner-Board


juppxy 30.05.2012 19:36

Rocketnews trojan and Spyhunter4 on the computer

Good evening,

I have the following problem, which has already been described here several times. When I enter a search term on Google, I am automatically redirected to the rocketnews site, which, however, does not load.

Hoping to remove this trojan, I unfortunately made the next mistake and installed Spyhunter4. As I now know, this was probably a mistake; at least that is how it is described here.

I hope you can help me get my computer clean again.

Many thanks in advance

Sarah

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.05.30.05

Windows XP Service Pack 3 x86 FAT32
Internet Explorer 6.0.2900.5512
Sarah Wassermann :: ACER-F17C439E3C [Administrator]

30.05.2012 20:21:21
mbam-log-2012-05-30 (20-21-21).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 217695
Laufzeit: 9 Minute(n), 30 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

cosinus 31.05.2012 14:44

Please first, as a matter of routine, run a full scan with Malwarebytes and post the log. => Have ALL local drives (except CD/DVD) checked!
Remember that Malwarebytes must be updated manually before every scan! In addition, all detections must be removed.

If logs from older Malwarebytes scans exist, please post all of those as well!



ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Locate C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstallation: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset





Please post everything in CODE tags here if possible.

This is how it is done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:

the log goes here

juppxy 01.06.2012 12:07

Hello,
thank you very much for taking me on! I am really quite desperate... I have now done all the things you mentioned. Unfortunately I am totally clueless about how to post this now - I hope it is OK like this?!
Here is the data from the malware:

Code:

rtfgswaqaMalwarebytes Anti-Malware 1.61.0.1400
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: v2012.05.30.05

Windows XP Service Pack 3 x86 FAT32
Internet Explorer 6.0.2900.5512
Sarah Wassermann :: ACER-F17C439E3C [Administrator]

31.05.2012 21:52:41
mbam-log-2012-05-31 (21-52-41).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 294203
Laufzeit: 1 Stunde(n), 28 Minute(n), 34 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

And here is the data from the ESET scan:
Code:

ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=1
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=50ef877eb77823458865a94c88a57515
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-06-01 10:51:42
# local_time=2012-06-01 12:51:42 (+0100, Westeuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=1792 16777179 100 0 6490273 6490273 0 0
# compatibility_mode=8192 67108863 100 0 1037 1037 0 0
# scanned=83623
# found=3
# cleaned=0
# scan_time=3686
C:\WINDOWS\system32\BrDctF2LK.dll        a variant of Win32/Ponmocup.CU trojan (unable to clean)        00000000000000000000000000000000        I
C:\WINDOWS\Temp\2444ab.exe        Win32/PSW.Delf.OBN trojan (unable to clean)        00000000000000000000000000000000        I
${Memory}        probably a variant of Win32/Ponmocup.AA trojan        00000000000000000000000000000000        I

Please let me know if I am posting this wrong, i.e. without these code tags. Unfortunately I really have no clue at all in this area, so I would be all the happier if you could help me! Just let me know if I should post it differently!
Many, many thanks!
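
Added example, not part of the original thread: a Python parser for the ESET Online Scanner log format shown in the post above, which separates on-disk from in-memory detections and compares the `found` and `cleaned` counters. The function names are hypothetical, the sample is an excerpt of the posted log, and the meaning of the header fields is assumed from their names.

```python
import re
from dataclasses import dataclass

# Excerpt of the log posted above (header shortened). Fields on detection
# lines are separated by tabs or by runs of spaces, depending on the copy.
SAMPLE_LOG = r"""# version=7
# remove_checked=false
# unwanted_checked=true
# scanned=83623
# found=3
# cleaned=0
# scan_time=3686
C:\WINDOWS\system32\BrDctF2LK.dll        a variant of Win32/Ponmocup.CU trojan (unable to clean)        00000000000000000000000000000000        I
C:\WINDOWS\Temp\2444ab.exe        Win32/PSW.Delf.OBN trojan (unable to clean)        00000000000000000000000000000000        I
${Memory}        probably a variant of Win32/Ponmocup.AA trojan        00000000000000000000000000000000        I
"""

HEADER = re.compile(r"^#\s*([A-Za-z_.]+)=(.*)$")   # "# key=value" lines
FIELD_SEP = re.compile(r"\t+|\s{2,}")              # tab or 2+ whitespace
ACTION = re.compile(r"\s*\(([^)]*)\)\s*$")         # trailing "(...)" note
NAME = re.compile(r"(\w+/[\w.]+)\.\w+\b")          # Platform/Name.Variant


@dataclass
class Detection:
    target: str      # file path, or "${Memory}" for a memory detection
    threat: str      # detection text without the trailing "(...)" note
    action: str      # text inside the trailing parentheses, "" if absent
    in_memory: bool


def base_name(threat):
    """Return the detection name without its variant suffix."""
    m = NAME.search(threat)
    return m.group(1) if m else threat


def parse_eset_log(text):
    """Split a log into its header dict and a list of Detection records."""
    header, detections = {}, []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = HEADER.match(line)
        if m:
            # Some keys repeat (compatibility_mode); keep the first value.
            header.setdefault(m.group(1), m.group(2).strip())
            continue
        fields = FIELD_SEP.split(line)
        if len(fields) < 2:
            continue  # installer chatter such as "all ok"
        target, description = fields[0], fields[1]
        act = ACTION.search(description)
        threat = description[:act.start()] if act else description
        detections.append(Detection(
            target=target,
            threat=threat,
            action=act.group(1) if act else "",
            in_memory=(target == "${Memory}"),
        ))
    return header, detections


def triage(text):
    """Summarise what is still present after the scan."""
    header, detections = parse_eset_log(text)
    found = int(header.get("found", 0))
    cleaned = int(header.get("cleaned", 0))
    return {
        "found": found,
        "cleaned": cleaned,
        "remaining": found - cleaned,
        "clean_requested": header.get("remove_checked") == "true",
        # A truncated paste shows up as a counter/line mismatch.
        "count_mismatch": found != len(detections),
        "on_disk": [d.target for d in detections if not d.in_memory],
        "in_memory": [d.threat for d in detections if d.in_memory],
        "names": sorted({base_name(d.threat) for d in detections}),
    }


if __name__ == "__main__":
    for key, value in triage(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```
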

cosinus 01.06.2012 14:17

Malwarebytes creates exactly one log for every scan. Have you scanned with Malwarebytes before in the past?
If so, all the logs for every scan are also listed under the Logs tab. Please post all that are visible there.

juppxy 01.06.2012 15:14

Sorry! I thought I had only done that once!
So here are the 1st and 2nd logs

Code:

rtfgswaqaMalwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.05.30.05

Windows XP Service Pack 3 x86 FAT32
Internet Explorer 6.0.2900.5512
Sarah Wassermann :: ACER-F17C439E3C [Administrator]

31.05.2012 21:52:41
mbam-log-2012-05-31 (21-52-41).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 294203
Laufzeit: 1 Stunde(n), 28 Minute(n), 34 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Here is the second one

Code:

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.05.30.05

Windows XP Service Pack 3 x86 FAT32
Internet Explorer 6.0.2900.5512
Sarah Wassermann :: ACER-F17C439E3C [Administrator]

30.05.2012 20:21:21
mbam-log-2012-05-30 (20-21-21).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 217695
Laufzeit: 9 Minute(n), 30 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Is that OK? Many, many thanks to you, and sorry for my scattiness!

cosinus 01.06.2012 15:49

I have two questions before we continue

1.) Does Windows' normal mode work without restrictions (again)?
2.) Are you missing anything in the Start menu? Are there empty folders under All Programs, or is everything there?

juppxy 01.06.2012 16:42

Hello PC rescuer,

everything is there in the Start menu, I cannot see any empty folders, and Windows works flawlessly, as it did before, apart from Excel (but that has been acting up for a while).

Kind regards!

cosinus 02.06.2012 15:57

Please make a new OTL log. Please post everything in CODE tags here if possible.

This is how it is done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:

the log goes here

CustomScan with OTL

If you do not have it yet, please download OTL by Oldtimer and save it to your desktop
Code:

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT


juppxy 02.06.2012 16:50

Hello,
here is the OTL log

Code:

OTL logfile created on: 02.06.2012 17:30:57 - Run 1
OTL by OldTimer - Version 3.2.45.0    Folder = C:\Dokumente und Einstellungen\\Eigene Dateien\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1013,98 Mb Total Physical Memory | 568,65 Mb Available Physical Memory | 56,08% Memory free
2,38 Gb Paging File | 1,98 Gb Available in Paging File | 83,15% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 44,99 Gb Total Space | 6,30 Gb Free Space | 14,00% Space Free | Partition Type: FAT32
Drive D: | 45,22 Gb Total Space | 45,06 Gb Free Space | 99,66% Space Free | Partition Type: FAT32
 
Computer Name: ACER-F17C439E3C | User Name:  | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.06.02 17:30:10 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Eigene Dateien\Downloads\OTL(2).exe
PRC - [2012.05.21 08:06:52 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.21 08:06:50 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2012.05.21 08:06:50 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.05.21 08:06:50 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.05.21 08:06:50 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.01.04 20:20:50 | 001,391,272 | ---- | M] (Ask) -- C:\Programme\Ask.com\Updater\Updater.exe
PRC - [2010.05.21 00:52:06 | 011,312,128 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.bin
PRC - [2010.05.21 00:52:04 | 011,318,784 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.exe
PRC - [2010.02.18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2008.04.14 07:52:46 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.01.31 14:01:38 | 000,159,744 | R--- | M] (Brother Industries, Ltd.) -- C:\Programme\Brother\Brmfcmon\BrMfcMon.exe
PRC - [2007.12.14 17:19:26 | 000,132,624 | ---- | M] (SAMSUNG ELECTRONICS) -- C:\Programme\Samsung\Samsung Media Studio 5\SMSTray.exe
PRC - [2005.08.17 09:07:36 | 000,352,256 | ---- | M] (acer Inc.) -- C:\Programme\acer\eRecovery\Monitor.exe
PRC - [2005.08.16 14:06:22 | 000,577,597 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2005.06.06 19:08:58 | 001,273,344 | ---- | M] (OSA Technologies Inc.) -- C:\Acer\eManager\anbmServ.exe
PRC - [2005.03.28 18:04:00 | 000,188,416 | ---- | M] (Acer Inc) -- C:\Acer\ePM\EPM-DM.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.05.21 08:06:52 | 000,398,288 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2010.05.04 15:36:28 | 000,970,752 | ---- | M] () -- C:\Programme\OpenOffice.org 3\program\libxml2.dll
MOD - [2005.08.16 14:07:42 | 000,053,248 | ---- | M] () -- C:\Programme\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2001.10.28 17:42:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\pdfcmnnt.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\netmanage.dll -- (NetManager)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\dnscon70.dll -- (dnscon)
SRV - [2012.05.21 08:06:52 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.21 08:06:50 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2012.05.21 08:06:50 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.05.02 16:33:44 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2008.07.29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008.04.14 07:53:04 | 000,075,264 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\tlntsvr.exe -- (TlntSvr)
SRV - [2008.04.14 07:52:56 | 000,114,176 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDEdsdm)
SRV - [2008.04.14 07:52:56 | 000,114,176 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDE)
SRV - [2008.04.14 07:52:40 | 000,033,280 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\clipsrv.exe -- (ClipSrv)
SRV - [2008.04.14 07:52:34 | 000,080,896 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\wscsvc.dll -- (wscsvc)
SRV - [2008.04.14 07:52:18 | 000,033,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\msgsvc.dll -- (Messenger)
SRV - [2008.04.14 07:52:16 | 000,053,248 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\mprdim.dll -- (RemoteAccess)
SRV - [2008.04.14 07:52:08 | 000,017,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter)
SRV - [2007.09.05 21:25:04 | 000,204,800 | ---- | M] (IDT, Inc.) [Auto | Stopped] -- C:\WINDOWS\system32\stacsv.exe -- (STacSV)
SRV - [2005.06.06 19:08:58 | 001,273,344 | ---- | M] (OSA Technologies Inc.) [Auto | Running] -- C:\Acer\eManager\anbmServ.exe -- (anbmService)
SRV - [2003.07.28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Programme\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - [2012.05.21 08:06:52 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.05.21 08:06:52 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.09.16 16:08:08 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2009.11.11 13:26:02 | 002,216,064 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Intel(R)
DRV - [2009.10.08 16:55:34 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008.07.24 12:02:36 | 000,101,376 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008.04.14 07:28:20 | 000,154,112 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmio.sys -- (dmio)
DRV - [2008.04.14 07:28:14 | 000,800,384 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot)
DRV - [2008.04.14 00:45:54 | 000,574,976 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\ntfs.sys -- (Ntfs)
DRV - [2008.04.14 00:44:22 | 000,063,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\cdfs.sys -- (Cdfs)
DRV - [2008.04.14 00:02:38 | 000,066,048 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\udfs.sys -- (Udfs)
DRV - [2007.09.05 21:25:30 | 001,246,456 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2005.08.16 13:53:54 | 000,401,152 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2005.08.16 13:52:32 | 000,023,271 | ---- | M] (Broadcom Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\btserial.sys -- (BTSERIAL)
DRV - [2005.08.16 13:52:28 | 000,222,876 | ---- | M] (Broadcom Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\btslbcsp.sys -- (BTSLBCSP)
DRV - [2005.08.16 13:51:32 | 001,341,466 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2005.08.16 13:49:38 | 000,030,363 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2005.08.16 13:49:04 | 000,056,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2005.08.16 13:46:08 | 000,148,040 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2005.06.30 16:58:24 | 000,007,296 | ---- | M] (OSA Technologies, An Avocent Company) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\osaio.sys -- (osaio)
DRV - [2005.03.24 16:54:08 | 000,078,208 | ---- | M] (Acer Value Labs, USA) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epm-shd.sys -- (EpmShd)
DRV - [2005.02.10 09:52:36 | 000,157,056 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2005.01.14 15:57:16 | 000,004,010 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\osanbm.sys -- (osanbm)
DRV - [2005.01.13 14:46:16 | 000,069,632 | ---- | M] () [Kernel | Auto | Running] -- C:\Programme\acer\eRecovery\int15.sys -- (int15.sys)
DRV - [2004.10.07 19:51:08 | 001,270,540 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2004.08.04 05:00:00 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\cbidf2k.sys -- (cbidf2k)
DRV - [2004.08.04 05:00:00 | 000,007,040 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm)
DRV - [2004.08.04 05:00:00 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmload.sys -- (dmload)
DRV - [2004.07.19 13:10:00 | 000,004,096 | ---- | M] (Acer Value Labs, USA) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epm-psd.sys -- (EpmPsd)
DRV - [2003.05.21 19:47:12 | 000,175,360 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://global.acer.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13165&gct=&gc=1&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13165&gct=&gc=1&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-2913619195-3556326265-1765705353-1004\SOFTWARE\Microsoft\Internet Explorer\Main,AlwaysUseDefaultPrinter =
IE - HKU\S-1-5-21-2913619195-3556326265-1765705353-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-2913619195-3556326265-1765705353-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-2913619195-3556326265-1765705353-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-2913619195-3556326265-1765705353-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2269050
IE - HKU\S-1-5-21-2913619195-3556326265-1765705353-1004\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-2913619195-3556326265-1765705353-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-2913619195-3556326265-1765705353-1004\..\URLSearchHook: {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Programme\AskSearch\bin\DefaultSearch.dll ()
IE - HKU\S-1-5-21-2913619195-3556326265-1765705353-1004\..\SearchScopes,DefaultScope = {AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
IE - HKU\S-1-5-21-2913619195-3556326265-1765705353-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}
IE - HKU\S-1-5-21-2913619195-3556326265-1765705353-1004\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://isearch.avg.com/search?cid=&mid=&lang=&ds=&pr=&d=&v=&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-2913619195-3556326265-1765705353-1004\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKU\S-1-5-21-2913619195-3556326265-1765705353-1004\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = hxxp://toolbar.ask.com/toolbarv/askRedirect?gct=&gc=1&q={searchTerms}&crm=1&toolbar=DVS
IE - HKU\S-1-5-21-2913619195-3556326265-1765705353-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.0
FF - prefs.js..extensions.enabledItems: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f}:2.5.6.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Programme\Picasa2\npPicasa2.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Programme\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2009.02.23 20:02:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.01.27 21:15:48 | 000,000,000 | ---D | M]
 
[2010.01.27 21:16:18 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Sarah Wassermann\Anwendungsdaten\Mozilla\Extensions
[2010.01.27 21:16:18 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Sarah Wassermann\Anwendungsdaten\Mozilla\Firefox\Profiles\dfv98dao.default\extensions
[2010.07.26 21:21:40 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Dokumente und Einstellungen\Sarah Wassermann\Anwendungsdaten\Mozilla\Firefox\Profiles\dfv98dao.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.01.27 21:25:06 | 000,000,000 | ---D | M] ("BitDefender QuickScanner") -- C:\Dokumente und Einstellungen\Sarah Wassermann\Anwendungsdaten\Mozilla\Firefox\Profiles\dfv98dao.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2010.02.28 17:08:08 | 000,000,000 | ---D | M] (DVDVideoSoft Toolbar) -- C:\Dokumente und Einstellungen\Sarah Wassermann\Anwendungsdaten\Mozilla\Firefox\Profiles\dfv98dao.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
[2010.03.01 06:12:20 | 000,000,873 | ---- | M] () -- C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\Mozilla\Firefox\Profiles\dfv98dao.default\searchplugins\conduit.xml
[2011.12.20 14:29:56 | 000,005,508 | ---- | M] () -- C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\Mozilla\Firefox\Profiles\dfv98dao.default\searchplugins\webde-suche.xml
[2011.12.20 14:29:56 | 000,010,525 | ---- | M] () -- C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\Mozilla\Firefox\Profiles\dfv98dao.default\searchplugins\gmx-suche.xml
[2011.12.20 14:29:56 | 000,000,933 | ---- | M] () -- C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\Mozilla\Firefox\Profiles\dfv98dao.default\searchplugins\11-suche.xml
[2011.12.20 14:29:56 | 000,002,457 | ---- | M] () -- C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\Mozilla\Firefox\Profiles\dfv98dao.default\searchplugins\lastminute.xml
[2011.12.20 14:29:56 | 000,002,419 | ---- | M] () -- C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\Mozilla\Firefox\Profiles\dfv98dao.default\searchplugins\englische-ergebnisse.xml
[2010.01.27 21:15:48 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.04.18 07:45:36 | 000,576,958 | ---- | M] () (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\SARAH \ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\DFV98DAO.DEFAULT\EXTENSIONS\TOOLBAR@WEB.DE.XPI
[2012.05.02 16:33:44 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2010.06.10 13:52:46 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2012.02.14 06:21:04 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
[2012.02.14 06:21:04 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.14 06:21:04 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.02.14 06:21:04 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.02.14 06:21:04 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.02.14 06:21:04 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
 
O1 HOSTS File: ([2004.08.04 05:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-2913619195-3556326265-1765705353-1004\..\Toolbar\ShellBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-2913619195-3556326265-1765705353-1004\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ApnUpdater] C:\Programme\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [ControlCenter3] C:\Programme\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [EPM-DM] c:\Acer\ePM\EPM-DM.exe (Acer Inc)
O4 - HKLM..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe (Acer Value Labs, Taiwan)
O4 - HKLM..\Run: [eRecoveryService] C:\Programme\acer\eRecovery\Monitor.exe (acer Inc.)
O4 - HKLM..\Run: [IDTSysTrayApp] C:\WINDOWS\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [LaunchApp] C:\WINDOWS\Alaunch.exe (Acer Inc.)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [RealTray] C:\Programme\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER File not found
O4 - HKLM..\Run: [SMSTray] C:\Programme\Samsung\Samsung Media Studio 5\SMSTray.exe (SAMSUNG ELECTRONICS)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BTTray.lnk = C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Dokumente und Einstellungen\Sarah \Startmenü\Programme\Autostart\OpenOffice.org 3.2.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2913619195-3556326265-1765705353-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Free YouTube Download - C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Senden an &Bluetooth - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} hxxp://picasaweb.google.com/s/v/40.11/uploader2.cab (UploadListView Class)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} hxxp://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} hxxp://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab (Windows Live Hotmail Photo Upload Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{26A65AE0-4098-4A9E-916A-F33DAAA60B83}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\rtutily.dll File not found
O21 - SSODL: UpdateCheck - {62B433F2-6CBE-4094-A163-D75660173871} - C:\WINDOWS\system32\rtutily.dll File not found
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {88485281-8b4b-4f8d-9ede-82e29a064277} - C:\Programme\MarkAny\ContentSafer\MACSMANAGER.dll (MarkAny Cooperation.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.09.23 17:08:56 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O33 - MountPoints2\{04668d6a-ce72-11dd-8586-00038a000015}\Shell\AutoRun\command - "" = E:\
O33 - MountPoints2\{04668d6a-ce72-11dd-8586-00038a000015}\Shell\open\Command - "" = rundll32.exe .\desktop.dll,InstallM
O33 - MountPoints2\{09bbdd4c-0ee2-11dd-82c8-00038a000015}\Shell\AutoRun\command - "" = G:\
O33 - MountPoints2\{09bbdd4c-0ee2-11dd-82c8-00038a000015}\Shell\open\Command - "" = rundll32.exe .\desktop.dll,InstallM
O33 - MountPoints2\{2cc860a4-72a9-11de-8726-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{2cc860a4-72a9-11de-8726-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{2cc860a4-72a9-11de-8726-00038a000015}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{534ed714-653c-11de-8701-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{534ed714-653c-11de-8701-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{534ed714-653c-11de-8701-00038a000015}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{6c948fd0-104b-11dd-82c9-00038a000015}\Shell\AutoRun\command - "" = G:\
O33 - MountPoints2\{6c948fd0-104b-11dd-82c9-00038a000015}\Shell\open\Command - "" = rundll32.exe .\desktop.dll,InstallM
O33 - MountPoints2\{d38dd680-5cce-11de-86e9-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{d38dd680-5cce-11de-86e9-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{d38dd680-5cce-11de-86e9-00038a000015}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
NetSvcs: 6to4 -  File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
 
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
ActiveX: {0213C6AF-5562-4D09-884C-2ADCFC8C2F35} - Microsoft .NET Framework 1.1 Security Update (KB2656353)
ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {1897C549-AE52-4571-8996-44854F5612B2} - Microsoft .NET Framework 1.1 Security Update (KB2656370)
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offlinebrowsingpaket
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer-Hilfe
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsererweiterungen
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - Zugang zu MSN Site
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - %SystemRoot%\system32\ie4uinit.exe
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML-Datenbindung
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer-Hauptschriftarten
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML-Hilfe
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
 
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.06.01 11:32:58 | 000,000,000 | ---D | C] -- C:\Programme\ESET
[2012.05.31 21:47:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Desktop\Henny&Kalle
[2012.05.30 22:55:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\\Desktop\desktop alle dateien
[2012.05.30 22:27:45 | 000,014,664 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\stinger.sys
[2012.05.30 22:27:25 | 000,159,608 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\mfevtps.exe.a3df.deleteme
[2012.05.30 22:27:14 | 000,000,000 | ---D | C] -- C:\Programme\stinger
[2012.05.30 21:08:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\\Anwendungsdaten\MSNInstaller
[2012.05.30 20:19:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\\Anwendungsdaten\Malwarebytes
[2012.05.30 20:19:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2012.05.30 20:19:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2012.05.30 20:19:05 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012.05.30 20:19:05 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2012.05.30 19:57:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\AskToolbar
[2012.05.30 19:42:37 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2012.05.30 19:42:37 | 000,000,000 | ---D | C] -- C:\Programme\Enigma Software Group
[2012.05.30 19:40:44 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Wise Installation Wizard
[2012.05.30 19:32:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\TuneUp Software
[2012.05.30 19:31:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2012.05.30 19:31:23 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012.05.30 19:31:22 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Common Files
[2012.05.06 19:49:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sarah \Eigene Dateien\Meine empfangenen Dateien
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.06.02 17:34:04 | 000,000,228 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2012.06.02 17:27:38 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\eRLog.ini
[2012.06.02 17:27:32 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.06.02 17:26:52 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2012.06.02 17:26:46 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.06.02 17:26:40 | 000,000,336 | ---- | M] () -- C:\WINDOWS\tasks\Sfre.job
[2012.06.02 17:26:36 | 1063,309,312 | -HS- | M] () -- C:\hiberfil.sys
[2012.06.02 17:26:36 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.06.02 17:25:32 | 000,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat
[2012.06.02 14:53:12 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.06.01 13:25:36 | 000,062,474 | ---- | M] () -- C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\wklnhst.dat
[2012.05.30 22:40:40 | 000,014,664 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\stinger.sys
[2012.05.30 22:27:22 | 000,159,608 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\mfevtps.exe.a3df.deleteme
[2012.05.21 08:06:52 | 000,137,928 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2012.05.21 08:06:52 | 000,083,392 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2012.05.14 21:52:26 | 000,000,432 | ---- | M] () -- C:\WINDOWS\BRWMARK.INI
[2012.05.10 06:24:46 | 000,336,256 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.05.09 21:26:10 | 000,464,856 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.05.09 21:26:10 | 000,446,152 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.05.09 21:26:10 | 000,087,060 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.05.09 21:26:10 | 000,073,358 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.05.09 21:23:12 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.05.30 15:45:47 | 000,000,336 | ---- | C] () -- C:\WINDOWS\tasks\Sfre.job
[2012.02.16 06:48:01 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.01.13 01:49:56 | 000,000,043 | ---- | C] () -- C:\WINDOWS\gswin32.ini
[2011.01.12 16:48:21 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2011.01.12 09:14:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brdfxspd.dat
[2011.01.12 09:14:02 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll
 
========== LOP Check ==========
 
[2005.09.23 18:28:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Viewpoint
[2010.01.16 10:41:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ScanSoft
[2012.04.21 08:05:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\tmp
[2012.05.30 19:31:24 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Common Files
[2012.05.30 19:31:24 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012.05.30 19:31:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2010.01.27 21:25:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\QuickScan
[2010.06.10 13:56:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\OpenOffice.org
[2010.07.03 21:09:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\PriceGong
[2010.07.26 21:21:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\DVDVideoSoftIEHelpers
[2010.11.29 21:36:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\InterTrust
[2011.02.08 16:39:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\ScanSoft
[2011.07.17 18:26:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\DVDVideoSoft
[2012.02.13 09:10:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\ElevatedDiagnostics
[2012.05.30 19:32:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\TuneUp Software
[2012.05.30 19:57:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\AskToolbar
[2012.05.30 21:08:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\MSNInstaller
[2008.05.13 09:59:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\Ordner HP Share-to-Web
[2008.05.23 10:58:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\Viewpoint
[2008.06.11 13:04:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\DataCast
[2012.06.02 17:26:52 | 000,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job
[2012.06.02 17:34:04 | 000,000,228 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
[2012.06.02 17:26:40 | 000,000,336 | ---- | M] () -- C:\WINDOWS\Tasks\Sfre.job
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2005.09.23 16:54:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\Identities
[2005.09.23 18:28:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\\Anwendungsdaten\You've Got Pictures Screensaver
[2005.09.23 18:28:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\\Anwendungsdaten\AOL
[2005.09.23 16:38:42 | 000,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\\Anwendungsdaten\Microsoft
[2010.01.27 21:16:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\\Anwendungsdaten\Mozilla
[2009.07.20 19:00:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\\Anwendungsdaten\Help
[2010.01.16 10:43:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\\Anwendungsdaten\InstallShield
[2010.01.18 09:57:02 | 000,000,000 | R--D | M] -- C:\Dokumente und Einstellungen\\Anwendungsdaten\Brother
[2010.01.27 21:25:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\\Anwendungsdaten\QuickScan
[2010.02.09 20:41:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\\Anwendungsdaten\Sun
[2010.06.10 13:56:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\\Anwendungsdaten\OpenOffice.org
[2010.06.17 22:26:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\\Anwendungsdaten\Real
[2010.07.03 21:09:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\\Anwendungsdaten\PriceGong
[2010.07.26 21:21:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\DVDVideoSoftIEHelpers
[2010.11.29 21:36:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\InterTrust
[2011.02.08 16:39:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\ScanSoft
[2011.07.17 18:26:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\DVDVideoSoft
[2012.02.13 09:10:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\ElevatedDiagnostics
[2012.03.18 10:05:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\\Anwendungsdaten\Avira
[2012.05.30 19:32:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\TuneUp Software
[2012.05.30 19:57:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\AskToolbar
[2012.05.30 20:19:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\Malwarebytes
[2012.05.30 21:08:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sarah \\MSNInstaller
[2008.04.29 09:32:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\Adobe
[2008.04.29 09:32:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\AdobeUM
[2008.04.29 10:44:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\Macromedia
[2008.05.01 10:53:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\skypePM
[2008.05.01 11:58:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\Google
[2008.05.13 09:59:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\Ordner HP Share-to-Web
[2008.05.23 10:58:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\Viewpoint
[2008.06.11 13:04:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\DataCast
[2008.06.24 20:40:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\CyberLink
 
< %APPDATA%\*.exe /s >
[2012.04.21 08:33:24 | 014,852,504 | ---- | M] (Adobe Systems Inc.) -- C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\Macromedia\Flash Player\www.macromedia.com\bin\airinstaller3x0\airinstaller3x0.exe
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: AGP440.SYS  >
[2004.08.04 05:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\i386\sp2.cab:AGP440.sys
[2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\i386\sp3.cab:AGP440.sys
[2004.08.04 05:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\7d084ddd2c07c476a226e31c4ef032ff\agp440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004.08.03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
 
< MD5 for: ATAPI.SYS  >
[2004.08.04 05:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\i386\sp2.cab:atapi.sys
[2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\i386\sp3.cab:atapi.sys
[2004.08.04 05:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\7d084ddd2c07c476a226e31c4ef032ff\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.04 05:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.04 05:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\i386\atapi.sys
 
< MD5 for: EVENTLOG.DLL  >
[2008.04.14 07:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\SoftwareDistribution\Download\7d084ddd2c07c476a226e31c4ef032ff\eventlog.dll
[2008.04.14 07:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll
[2004.08.04 05:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
 
< MD5 for: NETLOGON.DLL  >
[2008.04.14 07:52:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 04:22:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\SoftwareDistribution\Download\7d084ddd2c07c476a226e31c4ef032ff\netlogon.dll
[2008.04.14 07:52:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll
[2004.08.04 05:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2009.02.06 20:46:10 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ED4BBAD725A21632FB205452749FC8F5 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 20:46:10 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ED4BBAD725A21632FB205452749FC8F5 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
 
< MD5 for: SCECLI.DLL  >
[2008.04.14 07:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:22:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\SoftwareDistribution\Download\7d084ddd2c07c476a226e31c4ef032ff\scecli.dll
[2008.04.14 07:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll
[2004.08.04 05:00:00 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
 
< MD5 for: USER32.DLL  >
[2005.03.02 20:09:46 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=3751D7CF0E0A113D84414992146BCE6A -- C:\WINDOWS\$NtUninstallKB925902$\user32.dll
[2007.03.08 17:36:30 | 000,579,072 | ---- | M] (Microsoft Corporation) MD5=492E166CFD26A50FB9160DB536FF7D2B -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll
[2005.03.02 20:19:56 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=4C90159A69A5FD3EB39C71411F28FCFF -- C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\user32.dll
[2004.08.04 05:00:00 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=56785FD5236D7B22CF471A6DA9DB46D8 -- C:\WINDOWS\$NtUninstallKB890859$\user32.dll
[2007.03.08 17:48:40 | 000,579,584 | ---- | M] (Microsoft Corporation) MD5=78785EFF8CB90CEC1862A4CCFD9A3C3A -- C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\user32.dll
[2008.04.14 07:52:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\ServicePackFiles\i386\user32.dll
[2008.04.14 04:22:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\SoftwareDistribution\Download\7d084ddd2c07c476a226e31c4ef032ff\user32.dll
[2008.04.14 07:52:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.04.14 07:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:23:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\SoftwareDistribution\Download\7d084ddd2c07c476a226e31c4ef032ff\userinit.exe
[2008.04.14 07:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe
[2004.08.04 05:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Programme\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2004.08.04 05:00:00 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 07:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:23:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\SoftwareDistribution\Download\7d084ddd2c07c476a226e31c4ef032ff\winlogon.exe
[2008.04.14 07:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2004.08.04 05:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys
[2004.08.04 05:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2005.09.23 16:37:32 | 000,438,272 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
[2005.09.23 16:37:32 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2005.09.23 16:37:32 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[8 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< End of report >

And here there was also an extra.log from OTL. I don't know whether it is important too, but I'll just post it:

Code:

OTL Extras logfile created on: 02.06.2012 17:30:57 - Run 1
OTL by OldTimer - Version 3.2.45.0    Folder = C:\Dokumente und Einstellungen\Sarah \Eigene Dateien\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1013,98 Mb Total Physical Memory | 568,65 Mb Available Physical Memory | 56,08% Memory free
2,38 Gb Paging File | 1,98 Gb Available in Paging File | 83,15% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 44,99 Gb Total Space | 6,30 Gb Free Space | 14,00% Space Free | Partition Type: FAT32
Drive D: | 45,22 Gb Total Space | 45,06 Gb Free Space | 99,66% Space Free | Partition Type: FAT32
 
Computer Name: ACER-F17C439E3C | User Name: Sarah | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
 
[HKEY_USERS\S-1-5-21-2913619195-3556326265-1765705353-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htafile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\Gemeinsame Dateien\aol\ACS\AOLDial.exe" = C:\Programme\Gemeinsame Dateien\aol\ACS\AOLDial.exe:*:Enabled:AOL
"C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe" = C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe:*:Enabled:AOL
"C:\Programme\AOL 9.0\waol.exe" = C:\Programme\AOL 9.0\waol.exe:*:Enabled:AOL 9.0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\Gemeinsame Dateien\aol\ACS\AOLDial.exe" = C:\Programme\Gemeinsame Dateien\aol\ACS\AOLDial.exe:*:Enabled:AOL
"C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe" = C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe:*:Enabled:AOL
"C:\Programme\AOL 9.0\waol.exe" = C:\Programme\AOL 9.0\waol.exe:*:Enabled:AOL 9.0
"C:\Programme\Real\RealPlayer\RealPlay.exe" = C:\Programme\Real\RealPlayer\RealPlay.exe:*:Enabled:RealPlayer
"C:\WINDOWS\System32\muzapp.exe" = C:\WINDOWS\System32\muzapp.exe:*:Enabled:MUZ AOD APP player -- (Musiccity Co.Ltd.)
"C:\Programme\Skype\Plugin Manager\skypePM.exe" = C:\Programme\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = WIDCOMM Bluetooth Software
"{46E1B1F2-A279-4356-9B17-029F9CC72EAE}" = Brother MFL-Pro Suite
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePowerManagement
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7A8FF745-BBC5-482B-88E4-18D3178249A9}" = ScanSoft PaperPort 11
"{827289F5-B44F-4E49-9993-840741585A62}" = Acer eManager for Notebook
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver for Mobile
"{90850407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{91120407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{95120000-003F-0409-0000-0000000FF1CE}" = Microsoft Office Excel Viewer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{B26E3B0D-C2FA-4370-B068-7C476766F029}" = Microsoft Works
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C19BE821-89B1-4A96-AC7C-873810C0CB5F}" = ContentSAFER for Wizmax
"{C20CE592-B0F8-4D20-BF31-0151CA6331A6}" = Samsung Media Studio 5
"{C438DF2B-C5DF-4783-9CA5-9B89E501FA62}" = Works Update
"{C6A12D9B-D86A-4ee6-B980-95E4B26A2E13}" = Microsoft Works Suite-Add-Ins für Microsoft Word
"{C7CA945E-1F10-458B-AAAF-C566D25E3C02}" = Georg Büchner – Woyzeck
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DFD11EED-40F8-4305-A445-354B8343E725}" = Thomas Mann - Mario und der Zauberer
"{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}" = OpenOffice.org 3.2
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"Avira AntiVir Desktop" = Avira Free Antivirus
"ESET Online Scanner" = ESET Online Scanner v3
"Free YouTube Download 3_is1" = Free YouTube Download 3 version 3.0.6.715
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.9.908
"InstallShield_{827289F5-B44F-4E49-9993-840741585A62}" = Acer eManager for Notebook
"Klett Lehrersoftware Green Line (Band 4)" = Klett Lehrersoftware Green Line (Band 4)
"Klett Lehrersoftware Green Line (Band 6)" = Klett Lehrersoftware Green Line (Band 6)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mobile Partner" = Mobile Partner
"Mozilla Firefox 12.0 (x86 de)" = Mozilla Firefox 12.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"QuickTime" = QuickTime
"Uninstall_is1" = Uninstall 1.0.0.1
"ViewpointMediaPlayer" = Viewpoint Media Player
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Works2005Setup" = Setup-Start von Microsoft Works 2005
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-2913619195-3556326265-1765705353-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 21.05.2012 12:46:42 | Computer Name = ACER-F17C439E3C | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung WINWORD.EXE, Version 11.0.5604.0, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 21.05.2012 12:47:47 | Computer Name = ACER-F17C439E3C | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung WINWORD.EXE, Version 11.0.5604.0, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 23.05.2012 03:04:11 | Computer Name = ACER-F17C439E3C | Source = Microsoft Office 11 | ID = 2001
Description = Rejected Safe Mode action : Microsoft Office Word.
 
Error - 30.05.2012 09:15:01 | Computer Name = ACER-F17C439E3C | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung firefox.exe, Version 12.0.0.4493, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 30.05.2012 10:47:31 | Computer Name = ACER-F17C439E3C | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung WINWORD.EXE, Version 11.0.5604.0, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 30.05.2012 13:05:38 | Computer Name = ACER-F17C439E3C | Source = VSS | ID = 4001
Description = Volumeschattenkopie-Dienstfehler: Vergleichsbereiche können zum Erstellen
 von Schattenkopien nicht gefunden werden.  Fügen Sie mindestens ein NTFS-Laufwerk
 mit ausreichend Speicherplatz dem System hinzu.  Es sind mindestens 100 MB freier
 Speicherplatz pro Volumesicherung bzw. -schattenkopie erforderlich.
 
Error - 30.05.2012 13:08:45 | Computer Name = ACER-F17C439E3C | Source = VSS | ID = 4001
Description = Volumeschattenkopie-Dienstfehler: Vergleichsbereiche können zum Erstellen
 von Schattenkopien nicht gefunden werden.  Fügen Sie mindestens ein NTFS-Laufwerk
 mit ausreichend Speicherplatz dem System hinzu.  Es sind mindestens 100 MB freier
 Speicherplatz pro Volumesicherung bzw. -schattenkopie erforderlich.
 
Error - 30.05.2012 13:14:31 | Computer Name = ACER-F17C439E3C | Source = VSS | ID = 4001
Description = Volumeschattenkopie-Dienstfehler: Vergleichsbereiche können zum Erstellen
 von Schattenkopien nicht gefunden werden.  Fügen Sie mindestens ein NTFS-Laufwerk
 mit ausreichend Speicherplatz dem System hinzu.  Es sind mindestens 100 MB freier
 Speicherplatz pro Volumesicherung bzw. -schattenkopie erforderlich.
 
Error - 30.05.2012 13:14:46 | Computer Name = ACER-F17C439E3C | Source = VSS | ID = 4001
Description = Volumeschattenkopie-Dienstfehler: Vergleichsbereiche können zum Erstellen
 von Schattenkopien nicht gefunden werden.  Fügen Sie mindestens ein NTFS-Laufwerk
 mit ausreichend Speicherplatz dem System hinzu.  Es sind mindestens 100 MB freier
 Speicherplatz pro Volumesicherung bzw. -schattenkopie erforderlich.
 
Error - 01.06.2012 14:44:55 | Computer Name = ACER-F17C439E3C | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung explorer.exe, Version 6.0.2900.5512, fehlgeschlagenes
 Modul unknown, Version 0.0.0.0, Fehleradresse 0x02ce0ff0.
 
[ System Events ]
Error - 02.06.2012 01:59:01 | Computer Name = ACER-F17C439E3C | Source = Service Control Manager | ID = 7023
Description = Der Dienst "DNS Connection" wurde mit folgendem Fehler beendet:  %%126
 
Error - 02.06.2012 01:59:01 | Computer Name = ACER-F17C439E3C | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Network Manager Service" wurde mit folgendem Fehler beendet:
  %%126
 
Error - 02.06.2012 08:51:10 | Computer Name = ACER-F17C439E3C | Source = Service Control Manager | ID = 7023
Description = Der Dienst "DNS Connection" wurde mit folgendem Fehler beendet:  %%126
 
Error - 02.06.2012 08:51:10 | Computer Name = ACER-F17C439E3C | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Network Manager Service" wurde mit folgendem Fehler beendet:
  %%126
 
Error - 02.06.2012 09:32:51 | Computer Name = ACER-F17C439E3C | Source = Service Control Manager | ID = 7023
Description = Der Dienst "DNS Connection" wurde mit folgendem Fehler beendet:  %%126
 
Error - 02.06.2012 09:32:51 | Computer Name = ACER-F17C439E3C | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Network Manager Service" wurde mit folgendem Fehler beendet:
  %%126
 
Error - 02.06.2012 11:11:56 | Computer Name = ACER-F17C439E3C | Source = Service Control Manager | ID = 7023
Description = Der Dienst "DNS Connection" wurde mit folgendem Fehler beendet:  %%126
 
Error - 02.06.2012 11:11:56 | Computer Name = ACER-F17C439E3C | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Network Manager Service" wurde mit folgendem Fehler beendet:
  %%126
 
Error - 02.06.2012 11:28:12 | Computer Name = ACER-F17C439E3C | Source = Service Control Manager | ID = 7023
Description = Der Dienst "DNS Connection" wurde mit folgendem Fehler beendet:  %%126
 
Error - 02.06.2012 11:28:13 | Computer Name = ACER-F17C439E3C | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Network Manager Service" wurde mit folgendem Fehler beendet:
  %%126
 
 
< End of report >

Is that OK like this?

Best regards

cosinus 02.06.2012 19:34

Run an OTL fix: close any programs that may be open, also deactivate your virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied along with it!!!)

Code:

:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=13165&gct=&gc=1&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=13165&gct=&gc=1&q=
IE - HKU\S-1-5-21-2913619195-3556326265-1765705353-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2269050
IE - HKU\S-1-5-21-2913619195-3556326265-1765705353-1004\..\URLSearchHook: {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Programme\AskSearch\bin\DefaultSearch.dll ()
IE - HKU\S-1-5-21-2913619195-3556326265-1765705353-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}
IE - HKU\S-1-5-21-2913619195-3556326265-1765705353-1004\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid=&mid=&lang=&ds=&pr=&d=&v=&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-2913619195-3556326265-1765705353-1004\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKU\S-1-5-21-2913619195-3556326265-1765705353-1004\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = http://toolbar.ask.com/toolbarv/askRedirect?gct=&gc=1&q={searchTerms}&crm=1&toolbar=DVS
FF - user.js - File not found
[2010.02.28 17:08:08 | 000,000,000 | ---D | M] (DVDVideoSoft Toolbar) -- C:\Dokumente und Einstellungen\Sarah Wassermann\Anwendungsdaten\Mozilla\Firefox\Profiles\dfv98dao.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
[2010.03.01 06:12:20 | 000,000,873 | ---- | M] () -- C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\Mozilla\Firefox\Profiles\dfv98dao.default\searchplugins\conduit.xml
[2011.12.20 14:29:56 | 000,005,508 | ---- | M] () -- C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\Mozilla\Firefox\Profiles\dfv98dao.default\searchplugins\webde-suche.xml
[2011.12.20 14:29:56 | 000,010,525 | ---- | M] () -- C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\Mozilla\Firefox\Profiles\dfv98dao.default\searchplugins\gmx-suche.xml
[2011.12.20 14:29:56 | 000,000,933 | ---- | M] () -- C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\Mozilla\Firefox\Profiles\dfv98dao.default\searchplugins\11-suche.xml
[2011.12.20 14:29:56 | 000,002,457 | ---- | M] () -- C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\Mozilla\Firefox\Profiles\dfv98dao.default\searchplugins\lastminute.xml
[2011.12.20 14:29:56 | 000,002,419 | ---- | M] () -- C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\Mozilla\Firefox\Profiles\dfv98dao.default\searchplugins\englische-ergebnisse.xml
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-2913619195-3556326265-1765705353-1004\..\Toolbar\ShellBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-2913619195-3556326265-1765705353-1004\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Programme\Ask.com\Updater\Updater.exe (Ask)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2913619195-3556326265-1765705353-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\rtutily.dll File not found
O21 - SSODL: UpdateCheck - {62B433F2-6CBE-4094-A163-D75660173871} - C:\WINDOWS\system32\rtutily.dll File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.09.23 17:08:56 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O33 - MountPoints2\{04668d6a-ce72-11dd-8586-00038a000015}\Shell\AutoRun\command - "" = E:\
O33 - MountPoints2\{04668d6a-ce72-11dd-8586-00038a000015}\Shell\open\Command - "" = rundll32.exe .\desktop.dll,InstallM
O33 - MountPoints2\{09bbdd4c-0ee2-11dd-82c8-00038a000015}\Shell\AutoRun\command - "" = G:\
O33 - MountPoints2\{09bbdd4c-0ee2-11dd-82c8-00038a000015}\Shell\open\Command - "" = rundll32.exe .\desktop.dll,InstallM
O33 - MountPoints2\{2cc860a4-72a9-11de-8726-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{2cc860a4-72a9-11de-8726-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{2cc860a4-72a9-11de-8726-00038a000015}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{534ed714-653c-11de-8701-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{534ed714-653c-11de-8701-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{534ed714-653c-11de-8701-00038a000015}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{6c948fd0-104b-11dd-82c9-00038a000015}\Shell\AutoRun\command - "" = G:\
O33 - MountPoints2\{6c948fd0-104b-11dd-82c9-00038a000015}\Shell\open\Command - "" = rundll32.exe .\desktop.dll,InstallM
O33 - MountPoints2\{d38dd680-5cce-11de-86e9-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{d38dd680-5cce-11de-86e9-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{d38dd680-5cce-11de-86e9-00038a000015}\Shell\AutoRun\command - "" = E:\AutoRun.exe
[2012.05.30 19:57:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\AskToolbar
[2012.05.30 19:42:37 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2010.07.03 21:09:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\PriceGong
:Files
C:\Programme\Ask.com

:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]

Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

As a precaution, the entries, files and folders fixed with this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder.

Note: The script above was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!

juppxy 02.06.2012 20:03

Hello there,

here are the results:
Code:

All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\Default_Search_URL| /E : value set successfully!
HKU\S-1-5-21-2913619195-3556326265-1765705353-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-2913619195-3556326265-1765705353-1004\Software\Microsoft\Internet Explorer\URLSearchHooks\\{C94E154B-1459-4A47-966B-4B843BEFC7DB} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C94E154B-1459-4A47-966B-4B843BEFC7DB}\ deleted successfully.
C:\Programme\AskSearch\bin\DefaultSearch.dll moved successfully.
Registry key HKEY_USERS\S-1-5-21-2913619195-3556326265-1765705353-1004\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_USERS\S-1-5-21-2913619195-3556326265-1765705353-1004\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
Registry key HKEY_USERS\S-1-5-21-2913619195-3556326265-1765705353-1004\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_USERS\S-1-5-21-2913619195-3556326265-1765705353-1004\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CF739809-1C6C-47C0-85B9-569DBB141420}\ not found.
C:\Dokumente und Einstellungen\Sarah Wassermann\Anwendungsdaten\Mozilla\Firefox\Profiles\dfv98dao.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\searchplugin folder moved successfully.
C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\Mozilla\Firefox\Profiles\dfv98dao.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\META-INF folder moved successfully.
C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\Mozilla\Firefox\Profiles\dfv98dao.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\lib folder moved successfully.
C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\Mozilla\Firefox\Profiles\dfv98dao.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\components folder moved successfully.
C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\Mozilla\Firefox\Profiles\dfv98dao.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\defaults folder moved successfully.
C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\Mozilla\Firefox\Profiles\dfv98dao.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\chrome folder moved successfully.
C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\Mozilla\Firefox\Profiles\dfv98dao.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f} folder moved successfully.
File C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\Mozilla\Firefox\Profiles\dfv98dao.default\searchplugins\conduit.xml not found.
File C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\Mozilla\Firefox\Profiles\dfv98dao.default\searchplugins\webde-suche.xml not found.
File C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\Mozilla\Firefox\Profiles\dfv98dao.default\searchplugins\gmx-suche.xml not found.
File C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\Mozilla\Firefox\Profiles\dfv98dao.default\searchplugins\11-suche.xml not found.
File C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\Mozilla\Firefox\Profiles\dfv98dao.default\searchplugins\lastminute.xml not found.
File C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\Mozilla\Firefox\Profiles\dfv98dao.default\searchplugins\englische-ergebnisse.xml not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
C:\Programme\Ask.com\GenericAskToolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Programme\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-2913619195-3556326265-1765705353-1004\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Programme\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-2913619195-3556326265-1765705353-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Programme\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ApnUpdater deleted successfully.
C:\Programme\Ask.com\Updater\Updater.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\HonorAutoRunSetting deleted successfully.
Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun not found.
Registry value HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2913619195-3556326265-1765705353-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\PostBootReminder deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7849596a-48ea-486e-8937-a2a3009f31a9}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\UpdateCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{62B433F2-6CBE-4094-A163-D75660173871}\ deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\AUTOEXEC.BAT moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{04668d6a-ce72-11dd-8586-00038a000015}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{04668d6a-ce72-11dd-8586-00038a000015}\ not found.
File E:\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{04668d6a-ce72-11dd-8586-00038a000015}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{04668d6a-ce72-11dd-8586-00038a000015}\ not found.
File rundll32.exe .\desktop.dll,InstallM not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{09bbdd4c-0ee2-11dd-82c8-00038a000015}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{09bbdd4c-0ee2-11dd-82c8-00038a000015}\ not found.
File G:\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{09bbdd4c-0ee2-11dd-82c8-00038a000015}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{09bbdd4c-0ee2-11dd-82c8-00038a000015}\ not found.
File rundll32.exe .\desktop.dll,InstallM not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2cc860a4-72a9-11de-8726-00038a000015}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2cc860a4-72a9-11de-8726-00038a000015}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2cc860a4-72a9-11de-8726-00038a000015}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2cc860a4-72a9-11de-8726-00038a000015}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2cc860a4-72a9-11de-8726-00038a000015}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2cc860a4-72a9-11de-8726-00038a000015}\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{534ed714-653c-11de-8701-00038a000015}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{534ed714-653c-11de-8701-00038a000015}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{534ed714-653c-11de-8701-00038a000015}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{534ed714-653c-11de-8701-00038a000015}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{534ed714-653c-11de-8701-00038a000015}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{534ed714-653c-11de-8701-00038a000015}\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6c948fd0-104b-11dd-82c9-00038a000015}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6c948fd0-104b-11dd-82c9-00038a000015}\ not found.
File G:\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6c948fd0-104b-11dd-82c9-00038a000015}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6c948fd0-104b-11dd-82c9-00038a000015}\ not found.
File rundll32.exe .\desktop.dll,InstallM not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d38dd680-5cce-11de-86e9-00038a000015}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d38dd680-5cce-11de-86e9-00038a000015}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d38dd680-5cce-11de-86e9-00038a000015}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d38dd680-5cce-11de-86e9-00038a000015}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d38dd680-5cce-11de-86e9-00038a000015}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d38dd680-5cce-11de-86e9-00038a000015}\ not found.
File E:\AutoRun.exe not found.
Folder C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\AskToolbar\ not found.
C:\sh4ldr folder moved successfully.
Folder C:\Dokumente und Einstellungen\Sarah \Anwendungsdaten\PriceGong\ not found.
========== FILES ==========
C:\Programme\Ask.com\assets\oobe folder moved successfully.
C:\Programme\Ask.com\assets folder moved successfully.
C:\Programme\Ask.com\Updater folder moved successfully.
C:\Programme\Ask.com folder moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 400807 bytes
 
User: All Users
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 49353 bytes
 
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32768 bytes
 
User: Sarah
->Temp folder emptied: 350107011 bytes
->Temporary Internet Files folder emptied: 153259277 bytes
->Java cache emptied: 9013837 bytes
->FireFox cache emptied: 303826356 bytes
->Flash cache emptied: 15204461 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1479885 bytes
%systemroot%\System32 .tmp files removed: 3487623 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 33734460 bytes
RecycleBin emptied: 814 bytes
 
Total Files Cleaned = 830,00 mb
 
 
[EMPTYFLASH]
 
User: Default User
 
User: All Users
 
User: NetworkService
 
User: LocalService
 
User: Administrator
 
User: Sarah
->Flash cache emptied: 0 bytes
 
Total Flash Files Cleaned = 0,00 mb
 
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.44.0 log created on 06022012_205120

Files\Folders moved on Reboot...
File\Folder C:\Dokumente und Einstellungen\Sarah \Lokale Einstellungen\Temp\Temporäres Verzeichnis 1 für Stationsarbeit zur Wiederholung und Erarbeitung der Zeitformen des deutschen Verbs.zip\Stationen zur Vertiefung von Zeitformen\Stationen Aufregung im Wintercamp.doc not found!

Registry entries deleted on Reboot...

Thank you very much! I am really very grateful that I am being helped!

cosinus 03.06.2012 12:43

Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please disable your virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool!

Set up the tool as shown in the picture below: click on change parameters and tick the boxes as shown in the following screenshot,
then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.
If you cannot find the log or cannot copy its contents into your post, please look directly on your Windows system partition (usually drive C:), as that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and only post the log here!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg

juppxy 03.06.2012 13:19

Here is log no. 1 from TDSS:

Code:

14:10:33.0718 3520        TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
14:10:33.0921 3520        ============================================================
14:10:33.0921 3520        Current date / time: 2012/06/03 14:10:33.0921
14:10:33.0921 3520        SystemInfo:
14:10:33.0921 3520       
14:10:33.0921 3520        OS Version: 5.1.2600 ServicePack: 3.0
14:10:33.0921 3520        Product type: Workstation
14:10:33.0921 3520        ComputerName: ACER-F17C439E3C
14:10:33.0921 3520        UserName: Sarah
14:10:33.0921 3520        Windows directory: C:\WINDOWS
14:10:33.0921 3520        System windows directory: C:\WINDOWS
14:10:33.0921 3520        Processor architecture: Intel x86
14:10:33.0921 3520        Number of processors: 1
14:10:33.0921 3520        Page size: 0x1000
14:10:33.0921 3520        Boot type: Normal boot
14:10:33.0921 3520        ============================================================
14:10:36.0593 3520        Drive \Device\Harddisk0\DR0 - Size: 0x174A446000 (93.16 Gb), SectorSize: 0x200, Cylinders: 0x2F81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
14:10:36.0609 3520        ============================================================
14:10:36.0609 3520        \Device\Harddisk0\DR0:
14:10:36.0640 3520        MBR partitions:
14:10:36.0640 3520        \Device\Harddisk0\DR0\Partition0: MBR, Type 0xC, StartLBA 0x5DE2BF, BlocksNum 0x59FE872
14:10:36.0656 3520        \Device\Harddisk0\DR0\Partition1: MBR, Type 0xB, StartLBA 0x5FDCB70, BlocksNum 0x5A742D1
14:10:36.0656 3520        ============================================================
14:10:36.0906 3520        C: <-> \Device\Harddisk0\DR0\Partition0
14:10:36.0921 3520        D: <-> \Device\Harddisk0\DR0\Partition1
14:10:36.0921 3520        ============================================================
14:10:36.0921 3520        Initialize success
14:10:36.0921 3520        ============================================================
14:11:55.0921 1608        ============================================================
14:11:55.0921 1608        Scan started
14:11:55.0921 1608        Mode: Manual; SigCheck; TDLFS;
14:11:55.0921 1608        ============================================================
14:11:56.0218 1608        Abiosdsk - ok
14:11:56.0265 1608        abp480n5        (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
14:11:56.0609 1608        abp480n5 - ok
14:11:56.0640 1608        ACPI            (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
14:11:56.0750 1608        ACPI - ok
14:11:56.0750 1608        ACPIEC          (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
14:11:56.0890 1608        ACPIEC - ok
14:11:56.0906 1608        adpu160m        (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
14:11:57.0031 1608        adpu160m - ok
14:11:57.0093 1608        aec            (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
14:11:57.0203 1608        aec - ok
14:11:57.0250 1608        AFD            (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
14:11:57.0296 1608        AFD - ok
14:11:57.0390 1608        AgereSoftModem  (ceffa3db1657293322e0bdea7d99e754) C:\WINDOWS\system32\DRIVERS\AGRSM.sys
14:11:57.0546 1608        AgereSoftModem - ok
14:11:57.0562 1608        agp440          (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
14:11:57.0687 1608        agp440 - ok
14:11:57.0718 1608        agpCPQ          (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
14:11:57.0812 1608        agpCPQ - ok
14:11:57.0828 1608        Aha154x        (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
14:11:57.0875 1608        Aha154x - ok
14:11:57.0890 1608        aic78u2        (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
14:11:58.0015 1608        aic78u2 - ok
14:11:58.0031 1608        aic78xx        (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
14:11:58.0125 1608        aic78xx - ok
14:11:58.0281 1608        Alerter        (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
14:11:58.0406 1608        Alerter - ok
14:11:58.0484 1608        ALG            (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe
14:11:58.0593 1608        ALG - ok
14:11:58.0609 1608        AliIde          (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
14:11:58.0718 1608        AliIde - ok
14:11:58.0734 1608        alim1541        (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
14:11:58.0859 1608        alim1541 - ok
14:11:58.0875 1608        amdagp          (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
14:11:58.0984 1608        amdagp - ok
14:11:59.0000 1608        amsint          (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
14:11:59.0046 1608        amsint - ok
14:11:59.0062 1608        anbmService - ok
14:11:59.0140 1608        AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Programme\Avira\AntiVir Desktop\sched.exe
14:11:59.0156 1608        AntiVirSchedulerService - ok
14:11:59.0187 1608        AntiVirService  (a489be6bb0aa1ff406b488b60542314b) C:\Programme\Avira\AntiVir Desktop\avguard.exe
14:11:59.0203 1608        AntiVirService - ok
14:11:59.0250 1608        AntiVirWebService (676894fa57b671fec5c3f05f8929e03b) C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE
14:11:59.0281 1608        AntiVirWebService - ok
14:11:59.0390 1608        AppMgmt        (d45960be52c3c610d361977057f98c54) C:\WINDOWS\System32\appmgmts.dll
14:11:59.0500 1608        AppMgmt - ok
14:11:59.0546 1608        Arp1394        (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
14:11:59.0656 1608        Arp1394 - ok
14:11:59.0671 1608        asc            (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
14:11:59.0796 1608        asc - ok
14:11:59.0812 1608        asc3350p        (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
14:11:59.0859 1608        asc3350p - ok
14:11:59.0890 1608        asc3550        (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
14:12:00.0000 1608        asc3550 - ok
14:12:00.0140 1608        aspnet_state    (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
14:12:00.0140 1608        aspnet_state - ok
14:12:00.0187 1608        AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
14:12:00.0296 1608        AsyncMac - ok
14:12:00.0312 1608        atapi          (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
14:12:00.0421 1608        atapi - ok
14:12:00.0437 1608        Atdisk - ok
14:12:00.0468 1608        Atmarpc        (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
14:12:00.0578 1608        Atmarpc - ok
14:12:00.0671 1608        AudioSrv        (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
14:12:00.0796 1608        AudioSrv - ok
14:12:00.0812 1608        audstub        (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
14:12:00.0921 1608        audstub - ok
14:12:00.0968 1608        avgntflt        (d5541f0afb767e85fc412fc609d96a74) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
14:12:01.0000 1608        avgntflt - ok
14:12:01.0046 1608        avipbb          (7d967a682d4694df7fa57d63a2db01fe) C:\WINDOWS\system32\DRIVERS\avipbb.sys
14:12:01.0062 1608        avipbb - ok
14:12:01.0078 1608        avkmgr          (271cfd1a989209b1964e24d969552bf7) C:\WINDOWS\system32\DRIVERS\avkmgr.sys
14:12:01.0078 1608        avkmgr - ok
14:12:01.0109 1608        b57w2k          (b9543b0c771feab7ca095303007a159c) C:\WINDOWS\system32\DRIVERS\b57xp32.sys
14:12:01.0156 1608        b57w2k - ok
14:12:01.0187 1608        Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
14:12:01.0312 1608        Beep - ok
14:12:01.0390 1608        BITS            (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll
14:12:01.0515 1608        BITS - ok
14:12:01.0593 1608        Browser        (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
14:12:01.0718 1608        Browser - ok
14:12:01.0765 1608        BrScnUsb        (92a964547b96d697e5e9ed43b4297f5a) C:\WINDOWS\system32\DRIVERS\BrScnUsb.sys
14:12:01.0812 1608        BrScnUsb - ok
14:12:01.0875 1608        btaudio        (6acd0c20891e5aeb553595411346b651) C:\WINDOWS\system32\drivers\btaudio.sys
14:12:01.0937 1608        btaudio ( UnsignedFile.Multi.Generic ) - warning
14:12:01.0937 1608        btaudio - detected UnsignedFile.Multi.Generic (1)
14:12:01.0984 1608        BTDriver        (c28d56499a050c43f4f6616d1f9d9aeb) C:\WINDOWS\system32\DRIVERS\btport.sys
14:12:02.0000 1608        BTDriver ( UnsignedFile.Multi.Generic ) - warning
14:12:02.0000 1608        BTDriver - detected UnsignedFile.Multi.Generic (1)
14:12:02.0031 1608        BthEnum        (b279426e3c0c344893ed78a613a73bde) C:\WINDOWS\system32\DRIVERS\BthEnum.sys
14:12:02.0125 1608        BthEnum - ok
14:12:02.0140 1608        BthPan          (80602b8746d3738f5886ce3d67ef06b6) C:\WINDOWS\system32\DRIVERS\bthpan.sys
14:12:02.0265 1608        BthPan - ok
14:12:02.0328 1608        BTHPORT        (592e1cedbe314d0ef184dc6f46141e76) C:\WINDOWS\system32\Drivers\BTHport.sys
14:12:02.0375 1608        BTHPORT - ok
14:12:02.0406 1608        BthServ        (26c601ef7525e31379744abfc6f35a1b) C:\WINDOWS\System32\bthserv.dll
14:12:02.0531 1608        BthServ - ok
14:12:02.0546 1608        BTHUSB          (61364cd71ef63b0f038b7e9df00f1efa) C:\WINDOWS\system32\Drivers\BTHUSB.sys
14:12:02.0656 1608        BTHUSB - ok
14:12:02.0750 1608        BTKRNL          (ad43bb2d7bd92ff55b568cfe7404ce7a) C:\WINDOWS\system32\DRIVERS\btkrnl.sys
14:12:02.0843 1608        BTKRNL ( UnsignedFile.Multi.Generic ) - warning
14:12:02.0843 1608        BTKRNL - detected UnsignedFile.Multi.Generic (1)
14:12:02.0906 1608        BTSERIAL        (bec73a460c1f4a77a4e4081090762453) C:\WINDOWS\system32\drivers\btserial.sys
14:12:02.0921 1608        BTSERIAL ( UnsignedFile.Multi.Generic ) - warning
14:12:02.0921 1608        BTSERIAL - detected UnsignedFile.Multi.Generic (1)
14:12:02.0937 1608        BTSLBCSP        (cf7051b21b3faa33cb78ee0b56129d1c) C:\WINDOWS\system32\drivers\btslbcsp.sys
14:12:02.0953 1608        BTSLBCSP ( UnsignedFile.Multi.Generic ) - warning
14:12:02.0953 1608        BTSLBCSP - detected UnsignedFile.Multi.Generic (1)
14:12:03.0093 1608        btwdins        (3ac1a3ad155fc9b0c3adde8e10411785) c:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe
14:12:03.0109 1608        btwdins ( UnsignedFile.Multi.Generic ) - warning
14:12:03.0109 1608        btwdins - detected UnsignedFile.Multi.Generic (1)
14:12:03.0156 1608        BTWDNDIS        (bd9b026ffe8cc4cc9eead94cfff73aa7) C:\WINDOWS\system32\DRIVERS\btwdndis.sys
14:12:03.0171 1608        BTWDNDIS ( UnsignedFile.Multi.Generic ) - warning
14:12:03.0171 1608        BTWDNDIS - detected UnsignedFile.Multi.Generic (1)
14:12:03.0218 1608        BTWUSB          (d46543449fe424de9efe8333f60bdfa6) C:\WINDOWS\system32\Drivers\btwusb.sys
14:12:03.0234 1608        BTWUSB ( UnsignedFile.Multi.Generic ) - warning
14:12:03.0234 1608        BTWUSB - detected UnsignedFile.Multi.Generic (1)
14:12:03.0281 1608        cbidf          (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
14:12:03.0406 1608        cbidf - ok
14:12:03.0406 1608        cbidf2k        (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
14:12:04.0359 1608        cbidf2k - ok
14:12:04.0375 1608        cd20xrnt        (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
14:12:04.0437 1608        cd20xrnt - ok
14:12:04.0453 1608        Cdaudio        (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
14:12:04.0578 1608        Cdaudio - ok
14:12:04.0625 1608        Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
14:12:04.0718 1608        Cdfs - ok
14:12:04.0750 1608        Cdrom          (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
14:12:04.0859 1608        Cdrom - ok
14:12:04.0875 1608        Changer - ok
14:12:04.0984 1608        CiSvc          (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe
14:12:05.0109 1608        CiSvc - ok
14:12:05.0218 1608        ClipSrv        (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
14:12:05.0343 1608        ClipSrv - ok
14:12:05.0437 1608        clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:12:05.0437 1608        clr_optimization_v2.0.50727_32 - ok
14:12:05.0468 1608        CmBatt          (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
14:12:05.0578 1608        CmBatt - ok
14:12:05.0609 1608        CmdIde          (c687f81290303d90099b027a6474f99f) C:\WINDOWS\system32\DRIVERS\cmdide.sys
14:12:05.0718 1608        CmdIde - ok
14:12:05.0718 1608        Compbatt        (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
14:12:05.0828 1608        Compbatt - ok
14:12:05.0890 1608        COMSysApp - ok
14:12:05.0921 1608        Cpqarray        (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
14:12:06.0031 1608        Cpqarray - ok
14:12:06.0046 1608        cpudrv - ok
14:12:06.0140 1608        CryptSvc        (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
14:12:06.0265 1608        CryptSvc - ok
14:12:06.0281 1608        dac2w2k        (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
14:12:06.0390 1608        dac2w2k - ok
14:12:06.0406 1608        dac960nt        (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
14:12:06.0531 1608        dac960nt - ok
14:12:06.0609 1608        DcomLaunch      (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
14:12:06.0718 1608        DcomLaunch - ok
14:12:06.0765 1608        Dhcp            (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
14:12:06.0875 1608        Dhcp - ok
14:12:06.0890 1608        Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
14:12:07.0000 1608        Disk - ok
14:12:07.0062 1608        dmadmin - ok
14:12:07.0187 1608        dmboot          (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
14:12:07.0343 1608        dmboot - ok
14:12:07.0390 1608        dmio            (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
14:12:07.0515 1608        dmio - ok
14:12:07.0531 1608        dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
14:12:07.0656 1608        dmload - ok
14:12:07.0750 1608        dmserver        (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
14:12:07.0859 1608        dmserver - ok
14:12:07.0890 1608        DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
14:12:08.0015 1608        DMusic - ok
14:12:08.0046 1608        Dnscache        (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
14:12:08.0109 1608        Dnscache - ok
14:12:08.0156 1608        dnscon - ok
14:12:08.0218 1608        Dot3svc        (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
14:12:08.0343 1608        Dot3svc - ok
14:12:08.0375 1608        dpti2o          (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
14:12:08.0500 1608        dpti2o - ok
14:12:08.0546 1608        drmkaud        (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
14:12:08.0656 1608        drmkaud - ok
14:12:08.0750 1608        EapHost        (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
14:12:08.0875 1608        EapHost - ok
14:12:08.0921 1608        EpmPsd          (d68564fcfbdfc04280cdbbb37cf7ef7f) C:\WINDOWS\system32\drivers\epm-psd.sys
14:12:08.0937 1608        EpmPsd ( UnsignedFile.Multi.Generic ) - warning
14:12:08.0937 1608        EpmPsd - detected UnsignedFile.Multi.Generic (1)
14:12:08.0953 1608        EpmShd          (b2d71ba438701b5f0368b958bea2dc62) C:\WINDOWS\system32\drivers\epm-shd.sys
14:12:08.0953 1608        EpmShd ( UnsignedFile.Multi.Generic ) - warning
14:12:08.0953 1608        EpmShd - detected UnsignedFile.Multi.Generic (1)
14:12:09.0046 1608        ERSvc          (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
14:12:09.0156 1608        ERSvc - ok
14:12:09.0234 1608        Eventlog        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
14:12:09.0265 1608        Eventlog - ok
14:12:09.0312 1608        EventSystem    (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\system32\es.dll
14:12:09.0343 1608        EventSystem - ok
14:12:09.0359 1608        Fastfat        (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
14:12:09.0468 1608        Fastfat - ok
14:12:09.0515 1608        FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
14:12:09.0562 1608        FastUserSwitchingCompatibility - ok
14:12:09.0640 1608        Fax            (08b8b302af0d1b3b8543429bbac8f21f) C:\WINDOWS\system32\fxssvc.exe
14:12:09.0750 1608        Fax - ok
14:12:09.0781 1608        Fdc            (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
14:12:09.0890 1608        Fdc - ok
14:12:09.0921 1608        Fips            (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
14:12:10.0031 1608        Fips - ok
14:12:10.0046 1608        Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
14:12:10.0140 1608        Flpydisk - ok
14:12:10.0171 1608        FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
14:12:10.0296 1608        FltMgr - ok
14:12:10.0375 1608        FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
14:12:10.0390 1608        FontCache3.0.0.0 - ok
14:12:10.0390 1608        Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
14:12:10.0531 1608        Fs_Rec - ok
14:12:10.0546 1608        Ftdisk          (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
14:12:10.0656 1608        Ftdisk - ok
14:12:10.0687 1608        Gpc            (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
14:12:10.0796 1608        Gpc - ok
14:12:10.0937 1608        gupdate        (8f0de4fef8201e306f9938b0905ac96a) C:\Programme\Google\Update\GoogleUpdate.exe
14:12:10.0953 1608        gupdate - ok
14:12:10.0953 1608        gupdatem        (8f0de4fef8201e306f9938b0905ac96a) C:\Programme\Google\Update\GoogleUpdate.exe
14:12:10.0968 1608        gupdatem - ok
14:12:11.0000 1608        HDAudBus        (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
14:12:11.0125 1608        HDAudBus - ok
14:12:11.0187 1608        helpsvc        (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
14:12:11.0296 1608        helpsvc - ok
14:12:11.0343 1608        HidServ - ok
14:12:11.0437 1608        hkmsvc          (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
14:12:11.0546 1608        hkmsvc - ok
14:12:11.0578 1608        hpn            (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
14:12:11.0687 1608        hpn - ok
14:12:11.0734 1608        HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
14:12:11.0796 1608        HTTP - ok
14:12:11.0890 1608        HTTPFilter      (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
14:12:12.0000 1608        HTTPFilter - ok
14:12:12.0046 1608        hwdatacard      (008ada74e3028fced5145f4f74230d4b) C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys
14:12:12.0093 1608        hwdatacard - ok
14:12:12.0125 1608        i2omgmt        (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
14:12:12.0234 1608        i2omgmt - ok
14:12:12.0250 1608        i2omp          (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
14:12:12.0359 1608        i2omp - ok
14:12:12.0375 1608        i8042prt        (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
14:12:12.0500 1608        i8042prt - ok
14:12:12.0562 1608        ialm            (737da0be27652c4482ac5cde099bfce9) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
14:12:12.0671 1608        ialm - ok
14:12:12.0781 1608        idsvc          (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:12:12.0875 1608        idsvc - ok
14:12:12.0906 1608        Imapi          (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
14:12:13.0015 1608        Imapi - ok
14:12:13.0156 1608        ImapiService    (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\system32\imapi.exe
14:12:13.0281 1608        ImapiService - ok
14:12:13.0328 1608        ini910u        (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
14:12:13.0437 1608        ini910u - ok
14:12:13.0546 1608        int15.sys      (4d8d5b1c895ea0f2a721b98a7ce198f1) C:\Programme\Acer\eRecovery\int15.sys
14:12:13.0562 1608        int15.sys ( UnsignedFile.Multi.Generic ) - warning
14:12:13.0562 1608        int15.sys - detected UnsignedFile.Multi.Generic (1)
14:12:13.0562 1608        IntelIde        (69c4e3c9e67a1f103b94e14fdd5f3213) C:\WINDOWS\system32\DRIVERS\intelide.sys
14:12:13.0671 1608        IntelIde - ok
14:12:13.0687 1608        intelppm        (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys
14:12:13.0812 1608        intelppm - ok
14:12:13.0828 1608        Ip6Fw          (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
14:12:13.0937 1608        Ip6Fw - ok
14:12:13.0968 1608        IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
14:12:14.0078 1608        IpFilterDriver - ok
14:12:14.0109 1608        IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
14:12:14.0218 1608        IpInIp - ok
14:12:14.0265 1608        IpNat          (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
14:12:14.0359 1608        IpNat - ok
14:12:14.0390 1608        IPSec          (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
14:12:14.0484 1608        IPSec - ok
14:12:14.0546 1608        irda            (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys
14:12:14.0671 1608        irda - ok
14:12:14.0703 1608        IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
14:12:14.0796 1608        IRENUM - ok
14:12:14.0859 1608        Irmon          (2efe1db1ec58a26b0c14bfda122e246f) C:\WINDOWS\System32\irmon.dll
14:12:14.0968 1608        Irmon - ok
14:12:15.0000 1608        isapnp          (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
14:12:15.0109 1608        isapnp - ok
14:12:15.0234 1608        JavaQuickStarterService (1834c96fb1f9280bcf6ddfa6de8338bf) C:\Programme\Java\jre6\bin\jqs.exe
14:12:15.0250 1608        JavaQuickStarterService - ok
14:12:15.0265 1608        Kbdclass        (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
14:12:15.0390 1608        Kbdclass - ok
14:12:15.0468 1608        kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
14:12:15.0578 1608        kmixer - ok
14:12:15.0593 1608        KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
14:12:15.0656 1608        KSecDD - ok
14:12:15.0703 1608        lanmanserver    (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll
14:12:15.0734 1608        lanmanserver - ok
14:12:15.0765 1608        lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll
14:12:15.0812 1608        lanmanworkstation - ok
14:12:15.0828 1608        lbrtfdc - ok
14:12:15.0859 1608        LmHosts        (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
14:12:15.0968 1608        LmHosts - ok
14:12:16.0031 1608        Messenger      (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
14:12:16.0125 1608        Messenger - ok
14:12:16.0156 1608        mnmdd          (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
14:12:16.0265 1608        mnmdd - ok
14:12:16.0312 1608        mnmsrvc        (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\system32\mnmsrvc.exe
14:12:16.0421 1608        mnmsrvc - ok
14:12:16.0437 1608        Modem          (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
14:12:16.0546 1608        Modem - ok
14:12:16.0578 1608        Mouclass        (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
14:12:16.0703 1608        Mouclass - ok
14:12:16.0734 1608        MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
14:12:16.0828 1608        MountMgr - ok
14:12:16.0906 1608        MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
14:12:16.0921 1608        MozillaMaintenance - ok
14:12:16.0937 1608        mraid35x        (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
14:12:17.0046 1608        mraid35x - ok
14:12:17.0078 1608        MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
14:12:17.0187 1608        MRxDAV - ok
14:12:17.0234 1608        MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
14:12:17.0328 1608        MRxSmb - ok
14:12:17.0421 1608        MSDTC          (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\system32\msdtc.exe
14:12:17.0531 1608        MSDTC - ok
14:12:17.0546 1608        Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
14:12:17.0656 1608        Msfs - ok
14:12:17.0750 1608        MSIServer - ok
14:12:17.0796 1608        MSKSSRV        (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
14:12:17.0906 1608        MSKSSRV - ok
14:12:17.0921 1608        MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
14:12:18.0015 1608        MSPCLOCK - ok
14:12:18.0046 1608        MSPQM          (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
14:12:18.0156 1608        MSPQM - ok
14:12:18.0171 1608        mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
14:12:18.0281 1608        mssmbios - ok
14:12:18.0312 1608        Mup            (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
14:12:18.0343 1608        Mup - ok
14:12:18.0484 1608        napagent        (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
14:12:18.0609 1608        napagent - ok
14:12:18.0640 1608        NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
14:12:18.0750 1608        NDIS - ok
14:12:18.0765 1608        NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
14:12:18.0796 1608        NdisTapi - ok
14:12:18.0812 1608        Ndisuio        (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
14:12:18.0921 1608        Ndisuio - ok
14:12:18.0953 1608        NdisWan        (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
14:12:19.0062 1608        NdisWan - ok
14:12:19.0109 1608        NDProxy        (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
14:12:19.0140 1608        NDProxy - ok
14:12:19.0156 1608        NetBIOS        (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
14:12:19.0265 1608        NetBIOS - ok
14:12:19.0328 1608        NetBT          (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
14:12:19.0437 1608        NetBT - ok
14:12:19.0531 1608        NetDDE          (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
14:12:19.0640 1608        NetDDE - ok
14:12:19.0656 1608        NetDDEdsdm      (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
14:12:19.0750 1608        NetDDEdsdm - ok
14:12:19.0796 1608        Netlogon        (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
14:12:19.0906 1608        Netlogon - ok
14:12:19.0953 1608        Netman          (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
14:12:20.0062 1608        Netman - ok
14:12:20.0125 1608        NetManager - ok
14:12:20.0218 1608        NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:12:20.0234 1608        NetTcpPortSharing - ok
14:12:20.0265 1608        NIC1394        (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
14:12:20.0390 1608        NIC1394 - ok
14:12:20.0453 1608        Nla            (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll
14:12:20.0515 1608        Nla - ok
14:12:20.0531 1608        Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
14:12:20.0640 1608        Npfs - ok
14:12:20.0671 1608        NSCIRDA        (2adc0ca9945c65284b3d19bc18765974) C:\WINDOWS\system32\DRIVERS\nscirda.sys
14:12:20.0765 1608        NSCIRDA - ok
14:12:20.0859 1608        Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
14:12:20.0968 1608        Ntfs - ok
14:12:21.0015 1608        NTIDrvr        (7f1c1f78d709c4a54cbb46ede7e0b48d) C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys
14:12:21.0046 1608        NTIDrvr ( UnsignedFile.Multi.Generic ) - warning
14:12:21.0046 1608        NTIDrvr - detected UnsignedFile.Multi.Generic (1)
14:12:21.0062 1608        NtLmSsp        (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
14:12:21.0156 1608        NtLmSsp - ok
14:12:21.0265 1608        NtmsSvc        (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
14:12:21.0437 1608        NtmsSvc - ok
14:12:21.0484 1608        Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
14:12:21.0593 1608        Null - ok
14:12:21.0625 1608        NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
14:12:21.0750 1608        NwlnkFlt - ok
14:12:21.0750 1608        NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
14:12:21.0875 1608        NwlnkFwd - ok
14:12:21.0906 1608        ohci1394        (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
14:12:22.0015 1608        ohci1394 - ok
14:12:22.0062 1608        osaio          (9d1177c2a8de936b33d85ff75e8cbf1a) C:\WINDOWS\system32\drivers\osaio.sys
14:12:22.0078 1608        osaio ( UnsignedFile.Multi.Generic ) - warning
14:12:22.0078 1608        osaio - detected UnsignedFile.Multi.Generic (1)
14:12:22.0093 1608        osanbm          (3245bee5176697faf0744a2e1288dc77) C:\WINDOWS\system32\drivers\osanbm.sys
14:12:22.0109 1608        osanbm ( UnsignedFile.Multi.Generic ) - warning
14:12:22.0109 1608        osanbm - detected UnsignedFile.Multi.Generic (1)
14:12:22.0234 1608        ose            (7a56cf3e3f12e8af599963b16f50fb6a) C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
14:12:22.0265 1608        ose - ok
14:12:22.0296 1608        Parport        (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
14:12:22.0406 1608        Parport - ok
14:12:22.0421 1608        PartMgr        (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
14:12:22.0515 1608        PartMgr - ok
14:12:22.0562 1608        ParVdm          (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
14:12:22.0671 1608        ParVdm - ok
14:12:22.0687 1608        PCI            (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
14:12:22.0796 1608        PCI - ok
14:12:22.0812 1608        PCIDump - ok
14:12:22.0828 1608        PCIIde          (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
14:12:22.0953 1608        PCIIde - ok
14:12:22.0984 1608        Pcmcia          (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
14:12:23.0078 1608        Pcmcia - ok
14:12:23.0093 1608        PDCOMP - ok
14:12:23.0109 1608        PDFRAME - ok
14:12:23.0125 1608        PDRELI - ok
14:12:23.0140 1608        PDRFRAME - ok
14:12:23.0156 1608        perc2          (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
14:12:23.0265 1608        perc2 - ok
14:12:23.0281 1608        perc2hib        (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
14:12:23.0390 1608        perc2hib - ok
14:12:23.0453 1608        PlugPlay        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
14:12:23.0500 1608        PlugPlay - ok
14:12:23.0531 1608        PolicyAgent    (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
14:12:23.0640 1608        PolicyAgent - ok
14:12:23.0671 1608        PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
14:12:23.0765 1608        PptpMiniport - ok
14:12:23.0796 1608        ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
14:12:23.0906 1608        ProtectedStorage - ok
14:12:23.0921 1608        PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
14:12:24.0031 1608        PSched - ok
14:12:24.0046 1608        Ptilink        (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
14:12:24.0156 1608        Ptilink - ok
14:12:24.0171 1608        ql1080          (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
14:12:24.0281 1608        ql1080 - ok
14:12:24.0296 1608        Ql10wnt        (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
14:12:24.0390 1608        Ql10wnt - ok
14:12:24.0406 1608        ql12160        (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
14:12:24.0531 1608        ql12160 - ok
14:12:24.0546 1608        ql1240          (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
14:12:24.0656 1608        ql1240 - ok
14:12:24.0671 1608        ql1280          (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
14:12:24.0796 1608        ql1280 - ok
14:12:24.0812 1608        RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
14:12:24.0937 1608        RasAcd - ok
14:12:25.0000 1608        RasAuto        (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
14:12:25.0109 1608        RasAuto - ok
14:12:25.0125 1608        Rasirda        (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
14:12:25.0187 1608        Rasirda - ok
14:12:25.0203 1608        Rasl2tp        (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
14:12:25.0296 1608        Rasl2tp - ok
14:12:25.0375 1608        RasMan          (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
14:12:25.0468 1608        RasMan - ok
14:12:25.0500 1608        RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
14:12:25.0593 1608        RasPppoe - ok
14:12:25.0609 1608        Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
14:12:25.0734 1608        Raspti - ok
14:12:25.0765 1608        Rdbss          (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
14:12:25.0875 1608        Rdbss - ok
14:12:25.0875 1608        RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
14:12:25.0984 1608        RDPCDD - ok
14:12:26.0062 1608        rdpdr          (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
14:12:26.0171 1608        rdpdr - ok
14:12:26.0203 1608        RDPWD          (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
14:12:26.0218 1608        RDPWD - ok
14:12:26.0281 1608        RDSessMgr      (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe
14:12:26.0390 1608        RDSessMgr - ok
14:12:26.0421 1608        redbook        (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
14:12:26.0531 1608        redbook - ok
14:12:26.0656 1608        RemoteAccess    (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll
14:12:26.0765 1608        RemoteAccess - ok
14:12:26.0812 1608        RemoteRegistry  (e4cd1f3d84e1c2ca0b8cf7501e201593) C:\WINDOWS\system32\regsvc.dll
14:12:26.0921 1608        RemoteRegistry - ok
14:12:26.0953 1608        RFCOMM          (851c30df2807fcfa21e4c681a7d6440e) C:\WINDOWS\system32\DRIVERS\rfcomm.sys
14:12:27.0062 1608        RFCOMM - ok
14:12:27.0109 1608        RpcLocator      (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe
14:12:27.0218 1608        RpcLocator - ok
14:12:27.0312 1608        RpcSs          (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
14:12:27.0359 1608        RpcSs - ok
14:12:27.0406 1608        RSVP            (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe
14:12:27.0515 1608        RSVP - ok
14:12:27.0562 1608        SamSs          (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
14:12:27.0656 1608        SamSs - ok
14:12:27.0687 1608        sbp2port        (b244960e5a1db8e9d5d17086de37c1e4) C:\WINDOWS\system32\DRIVERS\sbp2port.sys
14:12:27.0796 1608        sbp2port - ok
14:12:27.0843 1608        SCardSvr        (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
14:12:27.0953 1608        SCardSvr - ok
14:12:28.0000 1608        Schedule        (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
14:12:28.0109 1608        Schedule - ok
14:12:28.0156 1608        Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
14:12:28.0265 1608        Secdrv - ok
14:12:28.0359 1608        seclogon        (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
14:12:28.0468 1608        seclogon - ok
14:12:28.0562 1608        SENS            (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
14:12:28.0656 1608        SENS - ok
14:12:28.0687 1608        serenum        (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
14:12:28.0781 1608        serenum - ok
14:12:28.0796 1608        Serial          (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
14:12:28.0921 1608        Serial - ok
14:12:28.0968 1608        Sfloppy        (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
14:12:29.0078 1608        Sfloppy - ok
14:12:29.0203 1608        SharedAccess    (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll
14:12:29.0328 1608        SharedAccess - ok
14:12:29.0359 1608        ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
14:12:29.0390 1608        ShellHWDetection - ok
14:12:29.0406 1608        Simbad - ok
14:12:29.0421 1608        sisagp          (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
14:12:29.0546 1608        sisagp - ok
14:12:29.0562 1608        Sparrow        (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
14:12:29.0609 1608        Sparrow - ok
14:12:29.0671 1608        splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
14:12:29.0796 1608        splitter - ok
14:12:29.0828 1608        Spooler        (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
14:12:29.0875 1608        Spooler - ok
14:12:29.0890 1608        sr              (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
14:12:30.0000 1608        sr - ok
14:12:30.0078 1608        srservice      (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll
14:12:30.0187 1608        srservice - ok
14:12:30.0250 1608        Srv            (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
14:12:30.0328 1608        Srv - ok
14:12:30.0375 1608        SSDPSRV        (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
14:12:30.0484 1608        SSDPSRV - ok
14:12:30.0531 1608        ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
14:12:30.0531 1608        ssmdrv - ok
14:12:30.0593 1608        STacSV          (f70ab08582e06a8bda3e470592d1a394) C:\WINDOWS\system32\STacSV.exe
14:12:30.0625 1608        STacSV - ok
14:12:30.0796 1608        STHDA          (146fac5d70c235cacebeff21b67651ba) C:\WINDOWS\system32\drivers\sthda.sys
14:12:30.0921 1608        STHDA - ok
14:12:31.0000 1608        stisvc          (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
14:12:31.0156 1608        stisvc - ok
14:12:31.0218 1608        swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
14:12:31.0328 1608        swenum - ok
14:12:31.0375 1608        swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
14:12:31.0484 1608        swmidi - ok
14:12:31.0578 1608        SwPrv - ok
14:12:31.0625 1608        symc810        (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
14:12:31.0750 1608        symc810 - ok
14:12:31.0765 1608        symc8xx        (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
14:12:31.0875 1608        symc8xx - ok
14:12:31.0890 1608        sym_hi          (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
14:12:32.0015 1608        sym_hi - ok
14:12:32.0015 1608        sym_u3          (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
14:12:32.0125 1608        sym_u3 - ok
14:12:32.0156 1608        sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
14:12:32.0265 1608        sysaudio - ok
14:12:32.0312 1608        SysmonLog      (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
14:12:32.0406 1608        SysmonLog - ok
14:12:32.0500 1608        TapiSrv        (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
14:12:32.0625 1608        TapiSrv - ok
14:12:32.0671 1608        Tcpip          (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
14:12:32.0765 1608        Tcpip - ok
14:12:32.0781 1608        TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
14:12:32.0890 1608        TDPIPE - ok
14:12:32.0906 1608        TDTCP          (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
14:12:33.0015 1608        TDTCP - ok
14:12:33.0062 1608        TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
14:12:33.0171 1608        TermDD - ok
14:12:33.0265 1608        TermService    (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
14:12:33.0406 1608        TermService - ok
14:12:33.0453 1608        Themes          (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
14:12:33.0453 1608        Themes - ok
14:12:33.0484 1608        tifm21          (8778a553003a3d37a550a1f9cff6be28) C:\WINDOWS\system32\drivers\tifm21.sys
14:12:33.0515 1608        tifm21 - ok
14:12:33.0609 1608        TlntSvr        (03681a1ce77f51586903869a5ab1deab) C:\WINDOWS\system32\tlntsvr.exe
14:12:33.0703 1608        TlntSvr - ok
14:12:33.0718 1608        TosIde          (d213a9247dc347f305a2d4cc9b951487) C:\WINDOWS\system32\DRIVERS\toside.sys
14:12:33.0843 1608        TosIde - ok
14:12:33.0906 1608        TrkWks          (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
14:12:34.0015 1608        TrkWks - ok
14:12:34.0046 1608        Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
14:12:34.0171 1608        Udfs - ok
14:12:34.0187 1608        ultra          (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
14:12:34.0234 1608        ultra - ok
14:12:34.0265 1608        Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
14:12:34.0421 1608        Update - ok
14:12:34.0484 1608        upnphost        (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
14:12:34.0593 1608        upnphost - ok
14:12:34.0656 1608        UPS            (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
14:12:34.0765 1608        UPS - ok
14:12:34.0796 1608        usbccgp        (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
14:12:34.0921 1608        usbccgp - ok
14:12:34.0937 1608        usbehci        (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
14:12:35.0046 1608        usbehci - ok
14:12:35.0093 1608        usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
14:12:35.0203 1608        usbhub - ok
14:12:35.0234 1608        usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
14:12:35.0343 1608        usbprint - ok
14:12:35.0375 1608        usbscan        (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
14:12:35.0468 1608        usbscan - ok
14:12:35.0484 1608        USBSTOR        (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
14:12:35.0593 1608        USBSTOR - ok
14:12:35.0625 1608        usbuhci        (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
14:12:35.0734 1608        usbuhci - ok
14:12:35.0765 1608        VgaSave        (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
14:12:35.0875 1608        VgaSave - ok
14:12:35.0906 1608        viaagp          (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
14:12:36.0015 1608        viaagp - ok
14:12:36.0031 1608        ViaIde          (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
14:12:36.0125 1608        ViaIde - ok
14:12:36.0140 1608        VolSnap        (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
14:12:36.0250 1608        VolSnap - ok
14:12:36.0343 1608        VSS            (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
14:12:36.0468 1608        VSS - ok
14:12:36.0609 1608        w29n51          (f0608f3b5b6d16f4870e867f9d069b6b) C:\WINDOWS\system32\DRIVERS\w29n51.sys
14:12:36.0781 1608        w29n51 - ok
14:12:36.0890 1608        W32Time        (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll
14:12:37.0000 1608        W32Time - ok
14:12:37.0062 1608        Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
14:12:37.0171 1608        Wanarp - ok
14:12:37.0187 1608        wanatw - ok
14:12:37.0203 1608        WDICA - ok
14:12:37.0265 1608        wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
14:12:37.0375 1608        wdmaud - ok
14:12:37.0437 1608        WebClient      (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
14:12:37.0546 1608        WebClient - ok
14:12:37.0625 1608        winmgmt        (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
14:12:37.0750 1608        winmgmt - ok
14:12:37.0828 1608        WmdmPmSN        (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
14:12:37.0890 1608        WmdmPmSN - ok
14:12:37.0953 1608        Wmi            (ffa4d901d46d07a5bab2d8307fbb51a6) C:\WINDOWS\System32\advapi32.dll
14:12:38.0046 1608        Wmi - ok
14:12:38.0078 1608        WmiApSrv        (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\system32\wbem\wmiapsrv.exe
14:12:38.0203 1608        WmiApSrv - ok
14:12:38.0312 1608        WMPNetworkSvc  (bf05650bb7df5e9ebdd25974e22403bb) C:\Programme\Windows Media Player\WMPNetwk.exe
14:12:38.0421 1608        WMPNetworkSvc - ok
14:12:38.0500 1608        WpdUsb          (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
14:12:38.0531 1608        WpdUsb - ok
14:12:38.0562 1608        WS2IFSL        (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
14:12:38.0687 1608        WS2IFSL - ok
14:12:38.0828 1608        wscsvc          (300b3e84faf1a5c1f791c159ba28035d) C:\WINDOWS\system32\wscsvc.dll
14:12:38.0953 1608        wscsvc - ok
14:12:39.0046 1608        wuauserv        (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll
14:12:39.0156 1608        wuauserv - ok
14:12:39.0218 1608        WudfPf          (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
14:12:39.0250 1608        WudfPf - ok
14:12:39.0281 1608        WudfRd          (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
14:12:39.0328 1608        WudfRd - ok
14:12:39.0375 1608        WudfSvc        (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
14:12:39.0390 1608        WudfSvc - ok
14:12:39.0468 1608        WZCSVC          (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
14:12:39.0625 1608        WZCSVC - ok
14:12:39.0734 1608        xmlprov        (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
14:12:39.0843 1608        xmlprov - ok
14:12:39.0890 1608        MBR (0x1B8)    (67d07fa51dcd5a4397248f397bb779ae) \Device\Harddisk0\DR0
14:12:43.0265 1608        \Device\Harddisk0\DR0 - ok
14:12:43.0296 1608        Boot (0x1200)  (e59f0cb02c3c4e1ecb898cd5abe3eb35) \Device\Harddisk0\DR0\Partition0
14:12:43.0312 1608        \Device\Harddisk0\DR0\Partition0 - ok
14:12:43.0328 1608        Boot (0x1200)  (e8c8b62123fae8a469368f9d5e703bc6) \Device\Harddisk0\DR0\Partition1
14:12:43.0328 1608        \Device\Harddisk0\DR0\Partition1 - ok
14:12:43.0343 1608        ============================================================
14:12:43.0343 1608        Scan finished
14:12:43.0343 1608        ============================================================
14:12:43.0453 2712        Detected object count: 14
14:12:43.0453 2712        Actual detected object count: 14


And here is no. 2:

Code:

14:09:23.0140 0584        TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
14:09:23.0312 0584        ============================================================
14:09:23.0312 0584        Current date / time: 2012/06/03 14:09:23.0312
14:09:23.0312 0584        SystemInfo:
14:09:23.0312 0584       
14:09:23.0312 0584        OS Version: 5.1.2600 ServicePack: 3.0
14:09:23.0312 0584        Product type: Workstation
14:09:23.0312 0584        ComputerName: ACER-F17C439E3C
14:09:23.0312 0584        UserName: Sarah
14:09:23.0312 0584        Windows directory: C:\WINDOWS
14:09:23.0312 0584        System windows directory: C:\WINDOWS
14:09:23.0312 0584        Processor architecture: Intel x86
14:09:23.0312 0584        Number of processors: 1
14:09:23.0312 0584        Page size: 0x1000
14:09:23.0312 0584        Boot type: Normal boot
14:09:23.0312 0584        ============================================================
14:09:25.0625 0584        Drive \Device\Harddisk0\DR0 - Size: 0x174A446000 (93.16 Gb), SectorSize: 0x200, Cylinders: 0x2F81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
14:09:25.0625 0584        ============================================================
14:09:25.0625 0584        \Device\Harddisk0\DR0:
14:09:25.0625 0584        MBR partitions:
14:09:25.0625 0584        \Device\Harddisk0\DR0\Partition0: MBR, Type 0xC, StartLBA 0x5DE2BF, BlocksNum 0x59FE872
14:09:25.0640 0584        \Device\Harddisk0\DR0\Partition1: MBR, Type 0xB, StartLBA 0x5FDCB70, BlocksNum 0x5A742D1
14:09:25.0640 0584        ============================================================
14:09:25.0843 0584        C: <-> \Device\Harddisk0\DR0\Partition0
14:09:25.0843 0584        D: <-> \Device\Harddisk0\DR0\Partition1
14:09:25.0859 0584        ============================================================
14:09:25.0859 0584        Initialize success
14:09:25.0859 0584        ============================================================
14:10:08.0000 0652        Deinitialize success

Have a nice Sunday and many thanks

Sarah

cosinus 03.06.2012 13:38

The logs are incomplete. And why do you have two logs from TDSS-Killer :(
The first log should be the right one, but the summary at the bottom is missing.
The second one somehow doesn't fit the pattern at all, far too short.

juppxy 03.06.2012 13:50

Hmm, I think I'm just a klutz - I did it again now, and this time only one log came out of it:

Code:

14:45:25.0125 1748        TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
14:45:25.0234 1748        ============================================================
14:45:25.0234 1748        Current date / time: 2012/06/03 14:45:25.0234
14:45:25.0234 1748        SystemInfo:
14:45:25.0234 1748       
14:45:25.0234 1748        OS Version: 5.1.2600 ServicePack: 3.0
14:45:25.0234 1748        Product type: Workstation
14:45:25.0234 1748        ComputerName: ACER-F17C439E3C
14:45:25.0234 1748        UserName: Sarah
14:45:25.0234 1748        Windows directory: C:\WINDOWS
14:45:25.0234 1748        System windows directory: C:\WINDOWS
14:45:25.0234 1748        Processor architecture: Intel x86
14:45:25.0234 1748        Number of processors: 1
14:45:25.0234 1748        Page size: 0x1000
14:45:25.0234 1748        Boot type: Normal boot
14:45:25.0234 1748        ============================================================
14:45:26.0453 1748        Drive \Device\Harddisk0\DR0 - Size: 0x174A446000 (93.16 Gb), SectorSize: 0x200, Cylinders: 0x2F81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
14:45:26.0453 1748        ============================================================
14:45:26.0453 1748        \Device\Harddisk0\DR0:
14:45:26.0468 1748        MBR partitions:
14:45:26.0468 1748        \Device\Harddisk0\DR0\Partition0: MBR, Type 0xC, StartLBA 0x5DE2BF, BlocksNum 0x59FE872
14:45:26.0500 1748        \Device\Harddisk0\DR0\Partition1: MBR, Type 0xB, StartLBA 0x5FDCB70, BlocksNum 0x5A742D1
14:45:26.0500 1748        ============================================================
14:45:26.0609 1748        C: <-> \Device\Harddisk0\DR0\Partition0
14:45:26.0609 1748        D: <-> \Device\Harddisk0\DR0\Partition1
14:45:26.0609 1748        ============================================================
14:45:26.0609 1748        Initialize success
14:45:26.0609 1748        ============================================================
14:45:32.0734 0240        ============================================================
14:45:32.0734 0240        Scan started
14:45:32.0734 0240        Mode: Manual; SigCheck; TDLFS;
14:45:32.0734 0240        ============================================================
14:45:32.0937 0240        Abiosdsk - ok
14:45:32.0984 0240        abp480n5        (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
14:45:33.0281 0240        abp480n5 - ok
14:45:33.0312 0240        ACPI            (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
14:45:33.0421 0240        ACPI - ok
14:45:33.0437 0240        ACPIEC          (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
14:45:33.0578 0240        ACPIEC - ok
14:45:33.0593 0240        adpu160m        (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
14:45:33.0718 0240        adpu160m - ok
14:45:33.0781 0240        aec            (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
14:45:33.0906 0240        aec - ok
14:45:33.0937 0240        AFD            (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
14:45:33.0984 0240        AFD - ok
14:45:34.0078 0240        AgereSoftModem  (ceffa3db1657293322e0bdea7d99e754) C:\WINDOWS\system32\DRIVERS\AGRSM.sys
14:45:34.0203 0240        AgereSoftModem - ok
14:45:34.0218 0240        agp440          (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
14:45:34.0359 0240        agp440 - ok
14:45:34.0390 0240        agpCPQ          (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
14:45:34.0500 0240        agpCPQ - ok
14:45:34.0500 0240        Aha154x        (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
14:45:34.0578 0240        Aha154x - ok
14:45:34.0593 0240        aic78u2        (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
14:45:34.0718 0240        aic78u2 - ok
14:45:34.0734 0240        aic78xx        (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
14:45:34.0859 0240        aic78xx - ok
14:45:35.0000 0240        Alerter        (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
14:45:35.0125 0240        Alerter - ok
14:45:35.0203 0240        ALG            (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe
14:45:35.0312 0240        ALG - ok
14:45:35.0328 0240        AliIde          (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
14:45:35.0437 0240        AliIde - ok
14:45:35.0468 0240        alim1541        (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
14:45:35.0578 0240        alim1541 - ok
14:45:35.0593 0240        amdagp          (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
14:45:35.0703 0240        amdagp - ok
14:45:35.0718 0240        amsint          (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
14:45:35.0765 0240        amsint - ok
14:45:35.0765 0240        anbmService - ok
14:45:35.0859 0240        AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Programme\Avira\AntiVir Desktop\sched.exe
14:45:35.0875 0240        AntiVirSchedulerService - ok
14:45:35.0906 0240        AntiVirService  (a489be6bb0aa1ff406b488b60542314b) C:\Programme\Avira\AntiVir Desktop\avguard.exe
14:45:35.0906 0240        AntiVirService - ok
14:45:35.0953 0240        AntiVirWebService (676894fa57b671fec5c3f05f8929e03b) C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE
14:45:36.0000 0240        AntiVirWebService - ok
14:45:36.0109 0240        AppMgmt        (d45960be52c3c610d361977057f98c54) C:\WINDOWS\System32\appmgmts.dll
14:45:36.0218 0240        AppMgmt - ok
14:45:36.0265 0240        Arp1394        (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
14:45:36.0375 0240        Arp1394 - ok
14:45:36.0406 0240        asc            (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
14:45:36.0546 0240        asc - ok
14:45:36.0546 0240        asc3350p        (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
14:45:36.0625 0240        asc3350p - ok
14:45:36.0625 0240        asc3550        (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
14:45:36.0750 0240        asc3550 - ok
14:45:36.0875 0240        aspnet_state    (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
14:45:36.0890 0240        aspnet_state - ok
14:45:36.0937 0240        AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
14:45:37.0031 0240        AsyncMac - ok
14:45:37.0046 0240        atapi          (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
14:45:37.0156 0240        atapi - ok
14:45:37.0171 0240        Atdisk - ok
14:45:37.0203 0240        Atmarpc        (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
14:45:37.0312 0240        Atmarpc - ok
14:45:37.0406 0240        AudioSrv        (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
14:45:37.0515 0240        AudioSrv - ok
14:45:37.0546 0240        audstub        (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
14:45:37.0656 0240        audstub - ok
14:45:37.0703 0240        avgntflt        (d5541f0afb767e85fc412fc609d96a74) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
14:45:37.0750 0240        avgntflt - ok
14:45:37.0781 0240        avipbb          (7d967a682d4694df7fa57d63a2db01fe) C:\WINDOWS\system32\DRIVERS\avipbb.sys
14:45:37.0796 0240        avipbb - ok
14:45:37.0828 0240        avkmgr          (271cfd1a989209b1964e24d969552bf7) C:\WINDOWS\system32\DRIVERS\avkmgr.sys
14:45:37.0828 0240        avkmgr - ok
14:45:37.0875 0240        b57w2k          (b9543b0c771feab7ca095303007a159c) C:\WINDOWS\system32\DRIVERS\b57xp32.sys
14:45:37.0921 0240        b57w2k - ok
14:45:37.0953 0240        Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
14:45:38.0078 0240        Beep - ok
14:45:38.0171 0240        BITS            (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll
14:45:38.0296 0240        BITS - ok
14:45:38.0390 0240        Browser        (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
14:45:38.0500 0240        Browser - ok
14:45:38.0546 0240        BrScnUsb        (92a964547b96d697e5e9ed43b4297f5a) C:\WINDOWS\system32\DRIVERS\BrScnUsb.sys
14:45:38.0593 0240        BrScnUsb - ok
14:45:38.0656 0240        btaudio        (6acd0c20891e5aeb553595411346b651) C:\WINDOWS\system32\drivers\btaudio.sys
14:45:38.0734 0240        btaudio ( UnsignedFile.Multi.Generic ) - warning
14:45:38.0734 0240        btaudio - detected UnsignedFile.Multi.Generic (1)
14:45:38.0750 0240        BTDriver        (c28d56499a050c43f4f6616d1f9d9aeb) C:\WINDOWS\system32\DRIVERS\btport.sys
14:45:38.0781 0240        BTDriver ( UnsignedFile.Multi.Generic ) - warning
14:45:38.0781 0240        BTDriver - detected UnsignedFile.Multi.Generic (1)
14:45:38.0828 0240        BthEnum        (b279426e3c0c344893ed78a613a73bde) C:\WINDOWS\system32\DRIVERS\BthEnum.sys
14:45:38.0937 0240        BthEnum - ok
14:45:38.0968 0240        BthPan          (80602b8746d3738f5886ce3d67ef06b6) C:\WINDOWS\system32\DRIVERS\bthpan.sys
14:45:39.0078 0240        BthPan - ok
14:45:39.0140 0240        BTHPORT        (592e1cedbe314d0ef184dc6f46141e76) C:\WINDOWS\system32\Drivers\BTHport.sys
14:45:39.0187 0240        BTHPORT - ok
14:45:39.0234 0240        BthServ        (26c601ef7525e31379744abfc6f35a1b) C:\WINDOWS\System32\bthserv.dll
14:45:39.0343 0240        BthServ - ok
14:45:39.0359 0240        BTHUSB          (61364cd71ef63b0f038b7e9df00f1efa) C:\WINDOWS\system32\Drivers\BTHUSB.sys
14:45:39.0468 0240        BTHUSB - ok
14:45:39.0562 0240        BTKRNL          (ad43bb2d7bd92ff55b568cfe7404ce7a) C:\WINDOWS\system32\DRIVERS\btkrnl.sys
14:45:39.0671 0240        BTKRNL ( UnsignedFile.Multi.Generic ) - warning
14:45:39.0671 0240        BTKRNL - detected UnsignedFile.Multi.Generic (1)
14:45:39.0703 0240        BTSERIAL        (bec73a460c1f4a77a4e4081090762453) C:\WINDOWS\system32\drivers\btserial.sys
14:45:39.0718 0240        BTSERIAL ( UnsignedFile.Multi.Generic ) - warning
14:45:39.0718 0240        BTSERIAL - detected UnsignedFile.Multi.Generic (1)
14:45:39.0750 0240        BTSLBCSP        (cf7051b21b3faa33cb78ee0b56129d1c) C:\WINDOWS\system32\drivers\btslbcsp.sys
14:45:39.0765 0240        BTSLBCSP ( UnsignedFile.Multi.Generic ) - warning
14:45:39.0765 0240        BTSLBCSP - detected UnsignedFile.Multi.Generic (1)
14:45:39.0890 0240        btwdins        (3ac1a3ad155fc9b0c3adde8e10411785) c:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe
14:45:39.0921 0240        btwdins ( UnsignedFile.Multi.Generic ) - warning
14:45:39.0921 0240        btwdins - detected UnsignedFile.Multi.Generic (1)
14:45:39.0953 0240        BTWDNDIS        (bd9b026ffe8cc4cc9eead94cfff73aa7) C:\WINDOWS\system32\DRIVERS\btwdndis.sys
14:45:39.0984 0240        BTWDNDIS ( UnsignedFile.Multi.Generic ) - warning
14:45:39.0984 0240        BTWDNDIS - detected UnsignedFile.Multi.Generic (1)
14:45:40.0015 0240        BTWUSB          (d46543449fe424de9efe8333f60bdfa6) C:\WINDOWS\system32\Drivers\btwusb.sys
14:45:40.0031 0240        BTWUSB ( UnsignedFile.Multi.Generic ) - warning
14:45:40.0031 0240        BTWUSB - detected UnsignedFile.Multi.Generic (1)
14:45:40.0078 0240        cbidf          (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
14:45:40.0203 0240        cbidf - ok
14:45:40.0203 0240        cbidf2k        (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
14:45:40.0312 0240        cbidf2k - ok
14:45:40.0328 0240        cd20xrnt        (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
14:45:40.0390 0240        cd20xrnt - ok
14:45:40.0421 0240        Cdaudio        (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
14:45:40.0531 0240        Cdaudio - ok
14:45:40.0593 0240        Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
14:45:40.0703 0240        Cdfs - ok
14:45:40.0718 0240        Cdrom          (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
14:45:40.0828 0240        Cdrom - ok
14:45:40.0843 0240        Changer - ok
14:45:40.0968 0240        CiSvc          (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe
14:45:41.0078 0240        CiSvc - ok
14:45:41.0187 0240        ClipSrv        (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
14:45:41.0312 0240        ClipSrv - ok
14:45:41.0406 0240        clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:45:41.0421 0240        clr_optimization_v2.0.50727_32 - ok
14:45:41.0437 0240        CmBatt          (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
14:45:41.0562 0240        CmBatt - ok
14:45:41.0593 0240        CmdIde          (c687f81290303d90099b027a6474f99f) C:\WINDOWS\system32\DRIVERS\cmdide.sys
14:45:41.0703 0240        CmdIde - ok
14:45:41.0718 0240        Compbatt        (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
14:45:41.0812 0240        Compbatt - ok
14:45:41.0859 0240        COMSysApp - ok
14:45:41.0906 0240        Cpqarray        (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
14:45:42.0031 0240        Cpqarray - ok
14:45:42.0031 0240        cpudrv - ok
14:45:42.0140 0240        CryptSvc        (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
14:45:42.0265 0240        CryptSvc - ok
14:45:42.0281 0240        dac2w2k        (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
14:45:42.0390 0240        dac2w2k - ok
14:45:42.0406 0240        dac960nt        (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
14:45:42.0531 0240        dac960nt - ok
14:45:42.0609 0240        DcomLaunch      (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
14:45:42.0718 0240        DcomLaunch - ok
14:45:42.0734 0240        Dhcp            (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
14:45:42.0843 0240        Dhcp - ok
14:45:42.0875 0240        Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
14:45:42.0984 0240        Disk - ok
14:45:43.0031 0240        dmadmin - ok
14:45:43.0171 0240        dmboot          (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
14:45:43.0343 0240        dmboot - ok
14:45:43.0390 0240        dmio            (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
14:45:43.0500 0240        dmio - ok
14:45:43.0531 0240        dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
14:45:43.0656 0240        dmload - ok
14:45:43.0734 0240        dmserver        (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
14:45:43.0859 0240        dmserver - ok
14:45:43.0875 0240        DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
14:45:44.0000 0240        DMusic - ok
14:45:44.0046 0240        Dnscache        (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
14:45:44.0093 0240        Dnscache - ok
14:45:44.0156 0240        dnscon - ok
14:45:44.0218 0240        Dot3svc        (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
14:45:44.0328 0240        Dot3svc - ok
14:45:44.0359 0240        dpti2o          (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
14:45:44.0484 0240        dpti2o - ok
14:45:44.0515 0240        drmkaud        (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
14:45:44.0656 0240        drmkaud - ok
14:45:44.0859 0240        EapHost        (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
14:45:45.0015 0240        EapHost - ok
14:45:45.0093 0240        EpmPsd          (d68564fcfbdfc04280cdbbb37cf7ef7f) C:\WINDOWS\system32\drivers\epm-psd.sys
14:45:45.0125 0240        EpmPsd ( UnsignedFile.Multi.Generic ) - warning
14:45:45.0125 0240        EpmPsd - detected UnsignedFile.Multi.Generic (1)
14:45:45.0218 0240        EpmShd          (b2d71ba438701b5f0368b958bea2dc62) C:\WINDOWS\system32\drivers\epm-shd.sys
14:45:45.0234 0240        EpmShd ( UnsignedFile.Multi.Generic ) - warning
14:45:45.0234 0240        EpmShd - detected UnsignedFile.Multi.Generic (1)
14:45:45.0328 0240        ERSvc          (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
14:45:45.0453 0240        ERSvc - ok
14:45:45.0625 0240        Eventlog        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
14:45:45.0671 0240        Eventlog - ok
14:45:45.0921 0240        EventSystem    (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\system32\es.dll
14:45:46.0015 0240        EventSystem - ok
14:45:46.0062 0240        Fastfat        (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
14:45:46.0203 0240        Fastfat - ok
14:45:46.0312 0240        FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
14:45:46.0375 0240        FastUserSwitchingCompatibility - ok
14:45:46.0468 0240        Fax            (08b8b302af0d1b3b8543429bbac8f21f) C:\WINDOWS\system32\fxssvc.exe
14:45:46.0593 0240        Fax - ok
14:45:46.0656 0240        Fdc            (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
14:45:46.0750 0240        Fdc - ok
14:45:46.0765 0240        Fips            (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
14:45:46.0890 0240        Fips - ok
14:45:46.0890 0240        Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
14:45:47.0000 0240        Flpydisk - ok
14:45:47.0031 0240        FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
14:45:47.0156 0240        FltMgr - ok
14:45:47.0250 0240        FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
14:45:47.0265 0240        FontCache3.0.0.0 - ok
14:45:47.0265 0240        Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
14:45:47.0406 0240        Fs_Rec - ok
14:45:47.0421 0240        Ftdisk          (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
14:45:47.0531 0240        Ftdisk - ok
14:45:47.0562 0240        Gpc            (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
14:45:47.0656 0240        Gpc - ok
14:45:47.0796 0240        gupdate        (8f0de4fef8201e306f9938b0905ac96a) C:\Programme\Google\Update\GoogleUpdate.exe
14:45:47.0812 0240        gupdate - ok
14:45:47.0828 0240        gupdatem        (8f0de4fef8201e306f9938b0905ac96a) C:\Programme\Google\Update\GoogleUpdate.exe
14:45:47.0828 0240        gupdatem - ok
14:45:47.0859 0240        HDAudBus        (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
14:45:47.0968 0240        HDAudBus - ok
14:45:48.0031 0240        helpsvc        (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
14:45:48.0125 0240        helpsvc - ok
14:45:48.0187 0240        HidServ - ok
14:45:48.0296 0240        hkmsvc          (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
14:45:48.0406 0240        hkmsvc - ok
14:45:48.0437 0240        hpn            (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
14:45:48.0546 0240        hpn - ok
14:45:48.0593 0240        HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
14:45:48.0656 0240        HTTP - ok
14:45:48.0750 0240        HTTPFilter      (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
14:45:48.0859 0240        HTTPFilter - ok
14:45:48.0890 0240        hwdatacard      (008ada74e3028fced5145f4f74230d4b) C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys
14:45:48.0937 0240        hwdatacard - ok
14:45:48.0984 0240        i2omgmt        (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
14:45:49.0093 0240        i2omgmt - ok
14:45:49.0109 0240        i2omp          (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
14:45:49.0250 0240        i2omp - ok
14:45:49.0265 0240        i8042prt        (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
14:45:49.0390 0240        i8042prt - ok
14:45:49.0453 0240        ialm            (737da0be27652c4482ac5cde099bfce9) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
14:45:49.0562 0240        ialm - ok
14:45:49.0671 0240        idsvc          (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:45:49.0750 0240        idsvc - ok
14:45:49.0781 0240        Imapi          (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
14:45:49.0890 0240        Imapi - ok
14:45:50.0031 0240        ImapiService    (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\system32\imapi.exe
14:45:50.0140 0240        ImapiService - ok
14:45:50.0203 0240        ini910u        (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
14:45:50.0328 0240        ini910u - ok
14:45:50.0406 0240        int15.sys      (4d8d5b1c895ea0f2a721b98a7ce198f1) C:\Programme\Acer\eRecovery\int15.sys
14:45:50.0421 0240        int15.sys ( UnsignedFile.Multi.Generic ) - warning
14:45:50.0421 0240        int15.sys - detected UnsignedFile.Multi.Generic (1)
14:45:50.0421 0240        IntelIde        (69c4e3c9e67a1f103b94e14fdd5f3213) C:\WINDOWS\system32\DRIVERS\intelide.sys
14:45:50.0531 0240        IntelIde - ok
14:45:50.0562 0240        intelppm        (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys
14:45:50.0687 0240        intelppm - ok
14:45:50.0718 0240        Ip6Fw          (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
14:45:50.0828 0240        Ip6Fw - ok
14:45:50.0875 0240        IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
14:45:50.0968 0240        IpFilterDriver - ok
14:45:51.0015 0240        IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
14:45:51.0125 0240        IpInIp - ok
14:45:51.0156 0240        IpNat          (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
14:45:51.0265 0240        IpNat - ok
14:45:51.0296 0240        IPSec          (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
14:45:51.0390 0240        IPSec - ok
14:45:51.0437 0240        irda            (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys
14:45:51.0562 0240        irda - ok
14:45:51.0578 0240        IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
14:45:51.0687 0240        IRENUM - ok
14:45:51.0750 0240        Irmon          (2efe1db1ec58a26b0c14bfda122e246f) C:\WINDOWS\System32\irmon.dll
14:45:51.0843 0240        Irmon - ok
14:45:51.0875 0240        isapnp          (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
14:45:52.0000 0240        isapnp - ok
14:45:52.0109 0240        JavaQuickStarterService (1834c96fb1f9280bcf6ddfa6de8338bf) C:\Programme\Java\jre6\bin\jqs.exe
14:45:52.0125 0240        JavaQuickStarterService - ok
14:45:52.0140 0240        Kbdclass        (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
14:45:52.0250 0240        Kbdclass - ok
14:45:52.0312 0240        kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
14:45:52.0421 0240        kmixer - ok
14:45:52.0437 0240        KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
14:45:52.0484 0240        KSecDD - ok
14:45:52.0546 0240        lanmanserver    (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll
14:45:52.0578 0240        lanmanserver - ok
14:45:52.0609 0240        lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll
14:45:52.0656 0240        lanmanworkstation - ok
14:45:52.0671 0240        lbrtfdc - ok
14:45:52.0718 0240        LmHosts        (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
14:45:52.0828 0240        LmHosts - ok
14:45:52.0875 0240        Messenger      (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
14:45:52.0984 0240        Messenger - ok
14:45:53.0015 0240        mnmdd          (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
14:45:53.0140 0240        mnmdd - ok
14:45:53.0203 0240        mnmsrvc        (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\system32\mnmsrvc.exe
14:45:53.0312 0240        mnmsrvc - ok
14:45:53.0328 0240        Modem          (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
14:45:53.0453 0240        Modem - ok
14:45:53.0468 0240        Mouclass        (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
14:45:53.0593 0240        Mouclass - ok
14:45:53.0625 0240        MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
14:45:53.0734 0240        MountMgr - ok
14:45:53.0796 0240        MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
14:45:53.0812 0240        MozillaMaintenance - ok
14:45:53.0828 0240        mraid35x        (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
14:45:53.0953 0240        mraid35x - ok
14:45:53.0968 0240        MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
14:45:54.0093 0240        MRxDAV - ok
14:45:54.0140 0240        MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
14:45:54.0250 0240        MRxSmb - ok
14:45:54.0343 0240        MSDTC          (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\system32\msdtc.exe
14:45:54.0453 0240        MSDTC - ok
14:45:54.0468 0240        Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
14:45:54.0578 0240        Msfs - ok
14:45:54.0671 0240        MSIServer - ok
14:45:54.0718 0240        MSKSSRV        (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
14:45:54.0828 0240        MSKSSRV - ok
14:45:54.0859 0240        MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
14:45:54.0953 0240        MSPCLOCK - ok
14:45:54.0968 0240        MSPQM          (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
14:45:55.0093 0240        MSPQM - ok
14:45:55.0109 0240        mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
14:45:55.0203 0240        mssmbios - ok
14:45:55.0218 0240        Mup            (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
14:45:55.0265 0240        Mup - ok
14:45:55.0390 0240        napagent        (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
14:45:55.0500 0240        napagent - ok
14:45:55.0531 0240        NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
14:45:55.0640 0240        NDIS - ok
14:45:55.0656 0240        NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
14:45:55.0671 0240        NdisTapi - ok
14:45:55.0703 0240        Ndisuio        (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
14:45:55.0812 0240        Ndisuio - ok
14:45:55.0828 0240        NdisWan        (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
14:45:55.0937 0240        NdisWan - ok
14:45:55.0984 0240        NDProxy        (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
14:45:56.0015 0240        NDProxy - ok
14:45:56.0046 0240        NetBIOS        (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
14:45:56.0156 0240        NetBIOS - ok
14:45:56.0218 0240        NetBT          (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
14:45:56.0328 0240        NetBT - ok
14:45:56.0421 0240        NetDDE          (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
14:45:56.0546 0240        NetDDE - ok
14:45:56.0546 0240        NetDDEdsdm      (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
14:45:56.0656 0240        NetDDEdsdm - ok
14:45:56.0703 0240        Netlogon        (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
14:45:56.0828 0240        Netlogon - ok
14:45:56.0875 0240        Netman          (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
14:45:56.0984 0240        Netman - ok
14:45:57.0031 0240        NetManager - ok
14:45:57.0140 0240        NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:45:57.0140 0240        NetTcpPortSharing - ok
14:45:57.0187 0240        NIC1394        (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
14:45:57.0312 0240        NIC1394 - ok
14:45:57.0343 0240        Nla            (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll
14:45:57.0406 0240        Nla - ok
14:45:57.0421 0240        Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
14:45:57.0515 0240        Npfs - ok
14:45:57.0546 0240        NSCIRDA        (2adc0ca9945c65284b3d19bc18765974) C:\WINDOWS\system32\DRIVERS\nscirda.sys
14:45:57.0640 0240        NSCIRDA - ok
14:45:57.0750 0240        Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
14:45:57.0859 0240        Ntfs - ok
14:45:57.0906 0240        NTIDrvr        (7f1c1f78d709c4a54cbb46ede7e0b48d) C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys
14:45:57.0937 0240        NTIDrvr ( UnsignedFile.Multi.Generic ) - warning
14:45:57.0937 0240        NTIDrvr - detected UnsignedFile.Multi.Generic (1)
14:45:57.0953 0240        NtLmSsp        (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
14:45:58.0062 0240        NtLmSsp - ok
14:45:58.0187 0240        NtmsSvc        (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
14:45:58.0359 0240        NtmsSvc - ok
14:45:58.0406 0240        Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
14:45:58.0515 0240        Null - ok
14:45:58.0546 0240        NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
14:45:58.0671 0240        NwlnkFlt - ok
14:45:58.0687 0240        NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
14:45:58.0796 0240        NwlnkFwd - ok
14:45:58.0828 0240        ohci1394        (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
14:45:58.0937 0240        ohci1394 - ok
14:45:58.0953 0240        osaio          (9d1177c2a8de936b33d85ff75e8cbf1a) C:\WINDOWS\system32\drivers\osaio.sys
14:45:58.0984 0240        osaio ( UnsignedFile.Multi.Generic ) - warning
14:45:58.0984 0240        osaio - detected UnsignedFile.Multi.Generic (1)
14:45:59.0000 0240        osanbm          (3245bee5176697faf0744a2e1288dc77) C:\WINDOWS\system32\drivers\osanbm.sys
14:45:59.0000 0240        osanbm ( UnsignedFile.Multi.Generic ) - warning
14:45:59.0000 0240        osanbm - detected UnsignedFile.Multi.Generic (1)
14:45:59.0109 0240        ose            (7a56cf3e3f12e8af599963b16f50fb6a) C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
14:45:59.0125 0240        ose - ok
14:45:59.0156 0240        Parport        (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
14:45:59.0265 0240        Parport - ok
14:45:59.0281 0240        PartMgr        (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
14:45:59.0390 0240        PartMgr - ok
14:45:59.0421 0240        ParVdm          (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
14:45:59.0531 0240        ParVdm - ok
14:45:59.0546 0240        PCI            (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
14:45:59.0640 0240        PCI - ok
14:45:59.0656 0240        PCIDump - ok
14:45:59.0671 0240        PCIIde          (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
14:45:59.0812 0240        PCIIde - ok
14:45:59.0843 0240        Pcmcia          (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
14:45:59.0953 0240        Pcmcia - ok
14:45:59.0968 0240        PDCOMP - ok
14:45:59.0968 0240        PDFRAME - ok
14:45:59.0984 0240        PDRELI - ok
14:46:00.0000 0240        PDRFRAME - ok
14:46:00.0015 0240        perc2          (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
14:46:00.0140 0240        perc2 - ok
14:46:00.0156 0240        perc2hib        (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
14:46:00.0265 0240        perc2hib - ok
14:46:00.0328 0240        PlugPlay        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
14:46:00.0375 0240        PlugPlay - ok
14:46:00.0406 0240        PolicyAgent    (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
14:46:00.0500 0240        PolicyAgent - ok
14:46:00.0531 0240        PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
14:46:00.0640 0240        PptpMiniport - ok
14:46:00.0656 0240        ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
14:46:00.0765 0240        ProtectedStorage - ok
14:46:00.0781 0240        PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
14:46:00.0890 0240        PSched - ok
14:46:00.0906 0240        Ptilink        (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
14:46:01.0015 0240        Ptilink - ok
14:46:01.0031 0240        ql1080          (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
14:46:01.0140 0240        ql1080 - ok
14:46:01.0156 0240        Ql10wnt        (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
14:46:01.0281 0240        Ql10wnt - ok
14:46:01.0281 0240        ql12160        (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
14:46:01.0406 0240        ql12160 - ok
14:46:01.0421 0240        ql1240          (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
14:46:01.0531 0240        ql1240 - ok
14:46:01.0546 0240        ql1280          (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
14:46:01.0671 0240        ql1280 - ok
14:46:01.0687 0240        RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
14:46:01.0812 0240        RasAcd - ok
14:46:01.0875 0240        RasAuto        (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
14:46:01.0968 0240        RasAuto - ok
14:46:02.0000 0240        Rasirda        (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
14:46:02.0062 0240        Rasirda - ok
14:46:02.0078 0240        Rasl2tp        (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
14:46:02.0187 0240        Rasl2tp - ok
14:46:02.0265 0240        RasMan          (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
14:46:02.0359 0240        RasMan - ok
14:46:02.0375 0240        RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
14:46:02.0484 0240        RasPppoe - ok
14:46:02.0500 0240        Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
14:46:02.0625 0240        Raspti - ok
14:46:02.0656 0240        Rdbss          (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
14:46:02.0781 0240        Rdbss - ok
14:46:02.0781 0240        RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
14:46:02.0890 0240        RDPCDD - ok
14:46:02.0968 0240        rdpdr          (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
14:46:03.0078 0240        rdpdr - ok
14:46:03.0109 0240        RDPWD          (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
14:46:03.0125 0240        RDPWD - ok
14:46:03.0171 0240        RDSessMgr      (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe
14:46:03.0296 0240        RDSessMgr - ok
14:46:03.0328 0240        redbook        (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
14:46:03.0437 0240        redbook - ok
14:46:03.0562 0240        RemoteAccess    (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll
14:46:03.0656 0240        RemoteAccess - ok
14:46:04.0546 0240        RemoteRegistry  (e4cd1f3d84e1c2ca0b8cf7501e201593) C:\WINDOWS\system32\regsvc.dll
14:46:04.0656 0240        RemoteRegistry - ok
14:46:04.0687 0240        RFCOMM          (851c30df2807fcfa21e4c681a7d6440e) C:\WINDOWS\system32\DRIVERS\rfcomm.sys
14:46:04.0812 0240        RFCOMM - ok
14:46:04.0859 0240        RpcLocator      (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe
14:46:04.0968 0240        RpcLocator - ok
14:46:05.0046 0240        RpcSs          (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
14:46:05.0093 0240        RpcSs - ok
14:46:05.0140 0240        RSVP            (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe
14:46:05.0281 0240        RSVP - ok
14:46:05.0312 0240        SamSs          (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
14:46:05.0406 0240        SamSs - ok
14:46:05.0437 0240        sbp2port        (b244960e5a1db8e9d5d17086de37c1e4) C:\WINDOWS\system32\DRIVERS\sbp2port.sys
14:46:05.0546 0240        sbp2port - ok
14:46:05.0593 0240        SCardSvr        (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
14:46:05.0703 0240        SCardSvr - ok
14:46:05.0750 0240        Schedule        (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
14:46:05.0859 0240        Schedule - ok
14:46:05.0906 0240        Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
14:46:06.0015 0240        Secdrv - ok
14:46:06.0093 0240        seclogon        (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
14:46:06.0218 0240        seclogon - ok
14:46:06.0312 0240        SENS            (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
14:46:06.0406 0240        SENS - ok
14:46:06.0437 0240        serenum        (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
14:46:06.0531 0240        serenum - ok
14:46:06.0562 0240        Serial          (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
14:46:06.0671 0240        Serial - ok
14:46:06.0703 0240        Sfloppy        (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
14:46:06.0812 0240        Sfloppy - ok
14:46:06.0937 0240        SharedAccess    (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll
14:46:07.0093 0240        SharedAccess - ok
14:46:07.0140 0240        ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
14:46:07.0171 0240        ShellHWDetection - ok
14:46:07.0187 0240        Simbad - ok
14:46:07.0218 0240        sisagp          (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
14:46:07.0328 0240        sisagp - ok
14:46:07.0343 0240        Sparrow        (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
14:46:07.0406 0240        Sparrow - ok
14:46:07.0468 0240        splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
14:46:07.0593 0240        splitter - ok
14:46:07.0625 0240        Spooler        (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
14:46:07.0656 0240        Spooler - ok
14:46:07.0671 0240        sr              (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
14:46:07.0781 0240        sr - ok
14:46:07.0859 0240        srservice      (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll
14:46:07.0968 0240        srservice - ok
14:46:08.0015 0240        Srv            (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
14:46:08.0078 0240        Srv - ok
14:46:08.0109 0240        SSDPSRV        (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
14:46:08.0234 0240        SSDPSRV - ok
14:46:08.0281 0240        ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
14:46:08.0281 0240        ssmdrv - ok
14:46:08.0343 0240        STacSV          (f70ab08582e06a8bda3e470592d1a394) C:\WINDOWS\system32\STacSV.exe
14:46:08.0375 0240        STacSV - ok
14:46:08.0562 0240        STHDA          (146fac5d70c235cacebeff21b67651ba) C:\WINDOWS\system32\drivers\sthda.sys
14:46:08.0656 0240        STHDA - ok
14:46:08.0750 0240        stisvc          (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
14:46:08.0937 0240        stisvc - ok
14:46:09.0000 0240        swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
14:46:09.0109 0240        swenum - ok
14:46:09.0156 0240        swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
14:46:09.0265 0240        swmidi - ok
14:46:09.0359 0240        SwPrv - ok
14:46:09.0406 0240        symc810        (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
14:46:09.0515 0240        symc810 - ok
14:46:09.0531 0240        symc8xx        (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
14:46:09.0656 0240        symc8xx - ok
14:46:09.0671 0240        sym_hi          (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
14:46:09.0796 0240        sym_hi - ok
14:46:09.0796 0240        sym_u3          (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
14:46:09.0906 0240        sym_u3 - ok
14:46:09.0937 0240        sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
14:46:10.0046 0240        sysaudio - ok
14:46:10.0093 0240        SysmonLog      (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
14:46:10.0203 0240        SysmonLog - ok
14:46:10.0296 0240        TapiSrv        (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
14:46:10.0406 0240        TapiSrv - ok
14:46:10.0453 0240        Tcpip          (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
14:46:10.0546 0240        Tcpip - ok
14:46:10.0578 0240        TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
14:46:10.0687 0240        TDPIPE - ok
14:46:10.0703 0240        TDTCP          (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
14:46:10.0812 0240        TDTCP - ok
14:46:10.0875 0240        TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
14:46:10.0984 0240        TermDD - ok
14:46:11.0078 0240        TermService    (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
14:46:11.0203 0240        TermService - ok
14:46:11.0250 0240        Themes          (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
14:46:11.0281 0240        Themes - ok
14:46:11.0312 0240        tifm21          (8778a553003a3d37a550a1f9cff6be28) C:\WINDOWS\system32\drivers\tifm21.sys
14:46:11.0343 0240        tifm21 - ok
14:46:11.0437 0240        TlntSvr        (03681a1ce77f51586903869a5ab1deab) C:\WINDOWS\system32\tlntsvr.exe
14:46:11.0546 0240        TlntSvr - ok
14:46:11.0578 0240        TosIde          (d213a9247dc347f305a2d4cc9b951487) C:\WINDOWS\system32\DRIVERS\toside.sys
14:46:11.0703 0240        TosIde - ok
14:46:11.0765 0240        TrkWks          (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
14:46:11.0875 0240        TrkWks - ok
14:46:11.0906 0240        Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
14:46:12.0031 0240        Udfs - ok
14:46:12.0046 0240        ultra          (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
14:46:12.0093 0240        ultra - ok
14:46:12.0140 0240        Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
14:46:12.0296 0240        Update - ok
14:46:12.0359 0240        upnphost        (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
14:46:12.0468 0240        upnphost - ok
14:46:12.0531 0240        UPS            (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
14:46:12.0640 0240        UPS - ok
14:46:12.0656 0240        usbccgp        (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
14:46:12.0765 0240        usbccgp - ok
14:46:12.0796 0240        usbehci        (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
14:46:12.0906 0240        usbehci - ok
14:46:12.0953 0240        usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
14:46:13.0078 0240        usbhub - ok
14:46:13.0109 0240        usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
14:46:13.0203 0240        usbprint - ok
14:46:13.0218 0240        usbscan        (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
14:46:13.0328 0240        usbscan - ok
14:46:13.0343 0240        USBSTOR        (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
14:46:13.0453 0240        USBSTOR - ok
14:46:13.0484 0240        usbuhci        (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
14:46:13.0593 0240        usbuhci - ok
14:46:13.0609 0240        VgaSave        (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
14:46:13.0718 0240        VgaSave - ok
14:46:13.0750 0240        viaagp          (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
14:46:13.0859 0240        viaagp - ok
14:46:13.0875 0240        ViaIde          (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
14:46:13.0984 0240        ViaIde - ok
14:46:14.0000 0240        VolSnap        (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
14:46:14.0125 0240        VolSnap - ok
14:46:14.0234 0240        VSS            (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
14:46:14.0359 0240        VSS - ok
14:46:14.0484 0240        w29n51          (f0608f3b5b6d16f4870e867f9d069b6b) C:\WINDOWS\system32\DRIVERS\w29n51.sys
14:46:14.0687 0240        w29n51 - ok
14:46:14.0812 0240        W32Time        (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll
14:46:14.0937 0240        W32Time - ok
14:46:15.0000 0240        Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
14:46:15.0125 0240        Wanarp - ok
14:46:15.0125 0240        wanatw - ok
14:46:15.0140 0240        WDICA - ok
14:46:15.0218 0240        wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
14:46:15.0328 0240        wdmaud - ok
14:46:15.0390 0240        WebClient      (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
14:46:15.0484 0240        WebClient - ok
14:46:15.0578 0240        winmgmt        (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
14:46:15.0687 0240        winmgmt - ok
14:46:15.0781 0240        WmdmPmSN        (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
14:46:15.0828 0240        WmdmPmSN - ok
14:46:15.0906 0240        Wmi            (ffa4d901d46d07a5bab2d8307fbb51a6) C:\WINDOWS\System32\advapi32.dll
14:46:16.0015 0240        Wmi - ok
14:46:16.0062 0240        WmiApSrv        (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\system32\wbem\wmiapsrv.exe
14:46:16.0171 0240        WmiApSrv - ok
14:46:16.0281 0240        WMPNetworkSvc  (bf05650bb7df5e9ebdd25974e22403bb) C:\Programme\Windows Media Player\WMPNetwk.exe
14:46:16.0390 0240        WMPNetworkSvc - ok
14:46:16.0546 0240        WpdUsb          (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
14:46:16.0578 0240        WpdUsb - ok
14:46:16.0625 0240        WS2IFSL        (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
14:46:16.0750 0240        WS2IFSL - ok
14:46:17.0078 0240        wscsvc          (300b3e84faf1a5c1f791c159ba28035d) C:\WINDOWS\system32\wscsvc.dll
14:46:17.0218 0240        wscsvc - ok
14:46:17.0343 0240        wuauserv        (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll
14:46:17.0453 0240        wuauserv - ok
14:46:17.0625 0240        WudfPf          (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
14:46:17.0750 0240        WudfPf - ok
14:46:17.0890 0240        WudfRd          (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
14:46:17.0984 0240        WudfRd - ok
14:46:18.0140 0240        WudfSvc        (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
14:46:18.0203 0240        WudfSvc - ok
14:46:18.0734 0240        WZCSVC          (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
14:46:19.0203 0240        WZCSVC - ok
14:46:19.0593 0240        xmlprov        (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
14:46:19.0734 0240        xmlprov - ok
14:46:19.0765 0240        MBR (0x1B8)    (67d07fa51dcd5a4397248f397bb779ae) \Device\Harddisk0\DR0
14:46:23.0343 0240        \Device\Harddisk0\DR0 - ok
14:46:23.0375 0240        Boot (0x1200)  (5494ca22baa14df0a6617a357d5b006e) \Device\Harddisk0\DR0\Partition0
14:46:23.0390 0240        \Device\Harddisk0\DR0\Partition0 - ok
14:46:23.0406 0240        Boot (0x1200)  (e8c8b62123fae8a469368f9d5e703bc6) \Device\Harddisk0\DR0\Partition1
14:46:23.0406 0240        \Device\Harddisk0\DR0\Partition1 - ok
14:46:23.0406 0240        ============================================================
14:46:23.0406 0240        Scan finished
14:46:23.0406 0240        ============================================================
14:46:23.0515 2604        Detected object count: 14
14:46:23.0515 2604        Actual detected object count: 14
14:46:31.0937 2604        btaudio ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:31.0937 2604        btaudio ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:31.0937 2604        BTDriver ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:31.0937 2604        BTDriver ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:31.0937 2604        BTKRNL ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:31.0937 2604        BTKRNL ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:31.0937 2604        BTSERIAL ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:31.0937 2604        BTSERIAL ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:31.0937 2604        BTSLBCSP ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:31.0937 2604        BTSLBCSP ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:31.0937 2604        btwdins ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:31.0937 2604        btwdins ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:31.0953 2604        BTWDNDIS ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:31.0953 2604        BTWDNDIS ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:31.0953 2604        BTWUSB ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:31.0953 2604        BTWUSB ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:31.0953 2604        EpmPsd ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:31.0953 2604        EpmPsd ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:31.0953 2604        EpmShd ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:31.0953 2604        EpmShd ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:31.0953 2604        int15.sys ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:31.0953 2604        int15.sys ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:31.0953 2604        NTIDrvr ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:31.0953 2604        NTIDrvr ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:31.0953 2604        osaio ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:31.0953 2604        osaio ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:31.0953 2604        osanbm ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:31.0953 2604        osanbm ( UnsignedFile.Multi.Generic ) - User select action: Skip

Is it OK like this now? Sorry for my stupidity...

