Trojaner-Board - Wegen Trojaner funktioniert der Task Manager nicht mehr (PUM.Hijack.TaskManager)

So, hier ist das Scan-Ergebnis:

OTL Logfile:

Code:

OTL logfile created on: 28.06.2012 18:33:07 - Run 1

OTL by OldTimer - Version 3.2.53.0     Folder = C:\Dokumente und Einstellungen\Papa\Eigene Dateien\Downloads

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

1022,37 Mb Total Physical Memory | 481,16 Mb Available Physical Memory | 47,06% Memory free

2,40 Gb Paging File | 1,81 Gb Available in Paging File | 75,48% Paging File free

Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme

Drive C: | 88,29 Gb Total Space | 42,67 Gb Free Space | 48,33% Space Free | Partition Type: NTFS

 

Computer Name: D93B392J | User Name: Papa | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - [2012.06.28 18:30:23 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Papa\Eigene Dateien\Downloads\OTL.exe

PRC - [2012.05.24 13:28:56 | 000,055,184 | ---- | M] (Apple Inc.) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe

PRC - [2012.05.08 22:14:01 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe

PRC - [2012.05.08 22:14:00 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe

PRC - [2012.05.08 22:14:00 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe

PRC - [2012.05.08 22:14:00 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe

PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe

PRC - [2012.04.04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe

PRC - [2012.01.18 15:02:04 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe

PRC - [2009.05.14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) -- C:\Programme\Gemeinsame Dateien\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe

PRC - [2009.03.31 09:39:36 | 000,233,472 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe

PRC - [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2007.08.09 09:27:52 | 000,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe

PRC - [2006.04.06 15:57:54 | 000,380,928 | ---- | M] (Dell Inc.) -- C:\Programme\Dell\QuickSet\NicConfigSvc.exe

PRC - [2005.12.28 13:04:56 | 000,262,217 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Intel\Wireless\Bin\WLKEEPER.exe

PRC - [2005.12.28 12:56:16 | 000,602,182 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Wireless\Bin\iFrmewrk.exe

PRC - [2005.12.28 12:55:40 | 000,667,718 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Wireless\Bin\ZCfgSvc.exe

PRC - [2005.12.28 12:52:32 | 000,397,381 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Wireless\Bin\Dot1XCfg.exe

PRC - [2005.11.16 22:35:16 | 000,397,312 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe

PRC - [2005.08.12 15:43:58 | 000,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Programme\ATI Technologies\ATI.ACE\CLI.exe

PRC - [2005.06.10 11:44:02 | 000,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe

PRC - [2005.01.27 02:02:00 | 000,086,016 | ---- | M] () -- C:\Programme\Dell\Media Experience\DMXLauncher.exe

 

 
 ========== Modules (No Company Name) ==========

 

MOD - [2012.06.14 19:31:01 | 000,843,776 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_fac08d85\system.drawing.dll

MOD - [2012.06.14 19:30:45 | 003,035,136 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_60108c45\system.windows.forms.dll

MOD - [2012.06.14 19:30:17 | 000,471,040 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll

MOD - [2012.05.08 22:14:01 | 000,398,288 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll

MOD - [2012.01.12 00:57:36 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_d9909f1e\mscorlib.dll

MOD - [2012.01.12 00:57:13 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_c3667d61\system.xml.dll

MOD - [2012.01.12 00:56:53 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_7e6de60c\system.dll

MOD - [2012.01.12 00:56:35 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll

MOD - [2012.01.12 00:56:34 | 001,269,760 | ---- | M] () -- c:\windows\assembly\gac\system.web\1.0.5000.0__b03f5f7f11d50a3a\system.web.dll

MOD - [2012.01.12 00:56:32 | 002,064,384 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll

MOD - [2011.06.24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll

MOD - [2011.06.24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\libxml2.dll

MOD - [2005.12.28 13:11:34 | 000,876,544 | ---- | M] () -- C:\Programme\Intel\Wireless\Bin\Libeay32.dll

MOD - [2005.12.28 13:11:34 | 000,208,965 | ---- | M] () -- C:\Programme\Intel\Wireless\Bin\iWMSProv.dll

MOD - [2005.12.28 13:11:34 | 000,053,322 | ---- | M] () -- C:\Programme\Intel\Wireless\Bin\IntStngs.dll

MOD - [2005.11.16 11:05:08 | 000,970,862 | ---- | M] () -- C:\Programme\Intel\Wireless\Bin\acAuth.dll

MOD - [2005.01.27 02:02:00 | 000,086,016 | ---- | M] () -- C:\Programme\Dell\Media Experience\DMXLauncher.exe

MOD - [2004.08.13 14:03:34 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll

MOD - [2004.08.13 14:03:34 | 000,372,736 | ---- | M] () -- c:\windows\assembly\gac\system.management\1.0.5000.0__b03f5f7f11d50a3a\system.management.dll

MOD - [2004.08.13 14:03:34 | 000,323,584 | ---- | M] () -- c:\windows\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll

MOD - [2004.08.13 14:02:46 | 000,233,472 | ---- | M] () -- c:\windows\assembly\gac\mscorlib.resources\1.0.5000.0_de_b77a5c561934e089\mscorlib.resources.dll

MOD - [2004.08.13 14:02:46 | 000,180,224 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms.resources\1.0.5000.0_de_b77a5c561934e089\system.windows.forms.resources.dll

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)

SRV - [2012.06.24 12:56:30 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2012.06.20 09:02:20 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2012.05.24 13:28:56 | 000,055,184 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)

SRV - [2012.05.08 22:14:01 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2012.05.08 22:14:00 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2011.07.20 06:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)

SRV - [2009.05.14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0)

SRV - [2009.03.31 09:39:36 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)

SRV - [2008.04.07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)

SRV - [2007.08.09 09:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)

SRV - [2006.10.26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)

SRV - [2006.04.06 15:57:54 | 000,380,928 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Programme\Dell\QuickSet\NicConfigSvc.exe -- (NICCONFIGSVC)

SRV - [2005.12.28 13:04:56 | 000,262,217 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\Wireless\Bin\WLKEEPER.exe -- (WLANKEEPER) Intel(R)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)

DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)

DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)

DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)

DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)

DRV - File not found [Kernel | System | Stopped] --  -- (Changer)

DRV - [2012.05.08 22:14:01 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)

DRV - [2012.05.08 22:14:01 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)

DRV - [2012.04.04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)

DRV - [2011.12.15 16:00:00 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)

DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)

DRV - [2009.03.31 09:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)

DRV - [2009.03.20 10:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm)

DRV - [2009.03.20 10:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)

DRV - [2009.03.20 10:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)

DRV - [2007.09.17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)

DRV - [2006.02.16 07:39:00 | 001,421,312 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)

DRV - [2005.12.28 14:22:08 | 000,013,568 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)

DRV - [2005.12.04 17:55:30 | 001,428,096 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel(R)

DRV - [2005.11.16 22:36:00 | 001,047,816 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)

DRV - [2005.10.14 16:40:18 | 000,307,968 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)

DRV - [2005.10.14 16:40:18 | 000,051,328 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)

DRV - [2005.10.14 16:40:18 | 000,028,544 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)

DRV - [2005.08.12 18:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\APPDRV.SYS -- (APPDRV)

DRV - [2005.08.05 17:32:16 | 000,045,312 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)

DRV - [2005.07.22 04:02:12 | 001,035,008 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)

DRV - [2005.07.22 04:01:08 | 000,201,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)

DRV - [2005.07.22 04:01:00 | 000,717,952 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)

DRV - [2004.02.13 17:46:00 | 000,017,153 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\omci.sys -- (omci)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

IE - HKU\S-1-5-21-3240873840-885149338-1370247657-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/

IE - HKU\S-1-5-21-3240873840-885149338-1370247657-1006\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-3240873840-885149338-1370247657-1006\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC

IE - HKU\S-1-5-21-3240873840-885149338-1370247657-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3240873840-885149338-1370247657-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 
 ========== FireFox ==========

 

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: {4DC70064-89E2-4a55-8FC6-E8CDEAE3612C}:0.6.7

FF - user.js - File not found

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Programme\Google\Picasa3\npPicasa3.dll (Google, Inc.)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.06.20 09:02:22 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.06.14 19:18:09 | 000,000,000 | ---D | M]

 

[2011.03.12 15:24:58 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\Mozilla\Extensions

[2012.06.27 10:24:05 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\Mozilla\Firefox\Profiles\4j0qeuz2.default\extensions

[2011.03.12 15:31:51 | 000,000,000 | ---D | M] (Ad blocker) -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\Mozilla\Firefox\Profiles\4j0qeuz2.default\extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3612C}

[2012.06.27 10:24:05 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\Mozilla\Firefox\Profiles\4j0qeuz2.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

[2012.06.14 19:18:14 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions

[2012.06.14 19:18:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

[2012.06.20 09:02:22 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll

[2012.04.27 09:33:14 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml

[2012.04.27 09:33:14 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml

[2012.04.27 09:33:14 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml

[2012.04.27 09:33:14 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml

[2012.04.27 09:33:14 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml

[2012.04.27 09:33:14 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml

 

O1 HOSTS File: ([2004.08.04 15:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1       localhost

O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)

O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)

O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)

O3 - HKLM\..\Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - No CLSID value found.

O4 - HKLM..\Run: []  File not found

O4 - HKLM..\Run: [APSDaemon] C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [ATICCC] C:\Programme\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)

O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

O4 - HKLM..\Run: [DMXLauncher] C:\Programme\Dell\Media Experience\DMXLauncher.exe ()

O4 - HKLM..\Run: [IntelWireless] C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)

O4 - HKLM..\Run: [IntelZeroConfig] C:\Programme\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)

O4 - HKLM..\Run: [ISUSPM Startup] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\isuspm.exe (InstallShield Software Corporation)

O4 - HKLM..\Run: [ISUSScheduler] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [NPSStartup]  File not found

O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)

O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

O4 - HKU\S-1-5-21-3240873840-885149338-1370247657-1006..\Run: [AutoStartNPSAgent] C:\Programme\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-3240873840-885149338-1370247657-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)

O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.4.2/jinstall-1_4_2_03-windows-i586.cab (Java Plug-in 1.4.2_03)

O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1E0B5D0C-267D-4577-945F-26A5DDC73FFA}: DhcpNameServer = 192.168.2.1

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)

O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home

O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp

O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp

O27 - HKLM IFEO\taskmgr.exe: Debugger - P9KDMF.EXE File not found

O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2004.08.13 13:54:56 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

 

NetSvcs: 6to4 -  File not found

NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found

NetSvcs: Ias -  File not found

NetSvcs: Iprip -  File not found

NetSvcs: Irmon -  File not found

NetSvcs: NWCWorkstation -  File not found

NetSvcs: Nwsapagent -  File not found

NetSvcs: WmdmPmSp -  File not found

 

MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^Alexander^Startmenü^Programme^Autostart^OpenOffice.org 3.3.lnk - C:\Programme\OpenOffice.org 3\program\quickstart.exe - ()

MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Windows Search.lnk - C:\Programme\Windows Desktop Search\WindowsSearch.exe - (Microsoft Corporation)

MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^Papa^Startmenü^Programme^Autostart^OpenOffice.org 3.3.lnk - C:\Programme\OpenOffice.org 3\program\quickstart.exe - ()

MsConfig - StartUpReg: BrowserChoice - hkey= - key= -  File not found

MsConfig - StartUpReg: Dell QuickSet - hkey= - key= - C:\Programme\Dell\QuickSet\quickset.exe (Dell Inc)

MsConfig - StartUpReg: EEventManager - hkey= - key= - C:\Programme\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)

MsConfig - StartUpReg: EPSON SX230 Series - hkey= - key= -  File not found

MsConfig - StartUpReg: HP Software Update - hkey= - key= - C:\Programme\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Company)

MsConfig - StartUpReg: ModemOnHold - hkey= - key= - C:\Programme\NetWaiting\netwaiting.exe ()

MsConfig - State: "system.ini" - 0

MsConfig - State: "win.ini" - 0

MsConfig - State: "bootini" - 0

MsConfig - State: "services" - 0

MsConfig - State: "startup" - 2

 

 

 

ActiveX: {0213C6AF-5562-4D09-884C-2ADCFC8C2F35} - Microsoft .NET Framework 1.1 Security Update (KB2656353)

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)

ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1

ActiveX: {1897C549-AE52-4571-8996-44854F5612B2} - Microsoft .NET Framework 1.1 Security Update (KB2656370)

ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4

ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation

ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1

ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe

ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)

ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT

ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser

ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install

ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework

ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner

ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1

ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E78BFA60-5393-4C38-82AB-E8019E464EB4} - .NET Framework

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\INF\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

 

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)

Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)

Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)

Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)

Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)

Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2012.06.28 00:16:58 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Papa\Recent

[2012.06.27 10:25:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Papa\dwhelper

[2012.06.26 22:09:53 | 000,000,000 | ---D | C] -- C:\Programme\ESET

[2012.06.26 16:47:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\pokerth

[2012.06.22 16:06:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Papa\Desktop\Neuer Ordner

[2012.06.22 09:36:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\Malwarebytes

[2012.06.22 09:36:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware

[2012.06.22 09:36:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes

[2012.06.22 09:36:07 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2012.06.22 09:36:07 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware

[2012.06.15 13:38:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\PokerTH

[2012.06.15 13:37:33 | 000,000,000 | ---D | C] -- C:\Programme\PokerTH-0.9.4

[2012.06.15 13:14:24 | 000,000,000 | ---D | C] -- C:\Programme\GameTop.com

[2012.06.14 20:19:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\iTunes

[2012.06.14 20:17:22 | 000,000,000 | ---D | C] -- C:\Programme\iPod

[2012.05.30 21:52:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ElsterFormular

[2012.05.30 21:51:45 | 000,000,000 | ---D | C] -- C:\Programme\ElsterFormular

[2012.05.30 21:41:43 | 000,000,000 | ---D | C] -- C:\temp

[2012.05.30 21:06:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\Epson

[2012.05.30 20:59:23 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\EPSON

[2012.05.30 20:57:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Papa\Lokale Einstellungen\Anwendungsdaten\ABBYY

[2012.05.30 20:56:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ABBYY FineReader 9.0 Sprint

[2012.05.30 20:49:32 | 000,000,000 | ---D | C] -- C:\Programme\ABBYY FineReader 9.0 Sprint

[2012.05.30 20:49:31 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\ABBYY

[2012.05.30 20:49:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ABBYY

[2012.05.30 20:46:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\UDL

[2012.05.30 20:44:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\InstallShield

[2012.05.30 20:42:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Epson Software

[2012.05.30 20:42:12 | 000,000,000 | ---D | C] -- C:\Programme\Epson Software

[2012.05.30 20:41:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON

[2012.05.30 20:40:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\EPSON

[2012.05.30 20:40:41 | 000,000,000 | ---D | C] -- C:\Programme\epson

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2012.06.28 18:05:17 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2012.06.28 18:05:08 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2012.06.28 18:05:06 | 1072,103,424 | -HS- | M] () -- C:\hiberfil.sys

[2012.06.28 07:56:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job

[2012.06.27 21:44:15 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2012.06.27 21:39:52 | 000,048,640 | ---- | M] () -- C:\Dokumente und Einstellungen\Papa\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2012.06.22 13:41:52 | 000,003,766 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys

[2012.06.22 13:41:51 | 000,000,088 | RHS- | M] () -- C:\WINDOWS\System32\A1DD740E5C.sys

[2012.06.22 12:17:37 | 000,002,163 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Safari.lnk

[2012.06.14 20:20:00 | 000,001,522 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\iTunes.lnk

[2012.06.14 19:42:58 | 000,307,600 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2012.05.30 21:55:17 | 000,115,188 | ---- | M] () -- C:\Dokumente und Einstellungen\Papa\ESt2011_WEISSHORN_Karl-Heinz_und_WEISSHORN_Magdalena.elfo

[2012.05.30 21:52:36 | 000,000,854 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ElsterFormular.lnk

[2012.05.30 21:16:33 | 000,000,000 | ---- | M] () -- C:\WINDOWS\EEventManager.INI

[2012.05.30 20:46:40 | 000,001,772 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Epson Easy Photo Print.lnk

[2012.05.30 20:44:22 | 000,000,306 | ---- | M] () -- C:\WINDOWS\setup.iss

[2012.05.30 20:43:21 | 000,001,943 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Benutzerhandbuch - Grundlagen EPSON SX230 Series.lnk

[2012.05.30 20:43:14 | 000,001,945 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Benutzerhandbuch EPSON SX230 Series.lnk

[2012.05.30 20:40:50 | 000,000,665 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\EPSON Scan.lnk

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2012.06.22 09:09:04 | 000,048,640 | ---- | C] () -- C:\Dokumente und Einstellungen\Papa\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2012.06.14 20:20:00 | 000,001,522 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\iTunes.lnk

[2012.05.30 21:52:36 | 000,000,854 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ElsterFormular.lnk

[2012.05.30 21:16:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI

[2012.05.30 20:46:40 | 000,001,772 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Epson Easy Photo Print.lnk

[2012.05.30 20:44:15 | 000,000,306 | ---- | C] () -- C:\WINDOWS\setup.iss

[2012.05.30 20:43:21 | 000,001,943 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Benutzerhandbuch - Grundlagen EPSON SX230 Series.lnk

[2012.05.30 20:43:14 | 000,001,945 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Benutzerhandbuch EPSON SX230 Series.lnk

[2012.05.30 20:40:50 | 000,000,665 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\EPSON Scan.lnk

[2012.05.17 22:09:36 | 000,115,188 | ---- | C] () -- C:\Dokumente und Einstellungen\Papa\ESt2011_WEISSHORN_Karl-Heinz_und_WEISSHORN_Magdalena.elfo

[2012.02.16 16:19:53 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll

[2011.09.29 21:23:08 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll

[2011.09.29 21:23:08 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys

[2011.09.29 21:22:53 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\$_hpcst$.hpc

[2011.06.23 17:11:13 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

[2011.05.16 20:26:51 | 000,109,907 | ---- | C] () -- C:\Dokumente und Einstellungen\Papa\ESt2010_WEISSHORN_Karl-Heinz_und_WEISSHORN_Magdalena.elfo

[2011.03.16 16:52:05 | 000,064,380 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat

[2011.03.12 15:23:10 | 000,000,137 | ---- | C] () -- C:\Dokumente und Einstellungen\Papa\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat

[2011.03.11 19:18:06 | 000,003,766 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys

[2011.03.11 19:18:06 | 000,000,088 | RHS- | C] () -- C:\WINDOWS\System32\A1DD740E5C.sys

[2011.03.08 19:37:55 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat

[2006.05.25 00:33:31 | 000,000,004 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\QSLLPSVCShare

 
 ========== LOP Check ==========

 

[2012.05.30 21:51:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\elsterformular

[2012.05.30 20:59:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON

[2011.09.29 22:34:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite

[2012.05.30 20:46:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\UDL

[2011.03.18 12:43:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

[2012.03.25 17:50:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\elsterformular

[2012.05.30 21:06:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\Epson

[2011.03.12 15:56:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\OpenOffice.org

[2011.12.20 20:26:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\Opera

[2011.09.29 22:34:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\PC Suite

[2012.06.26 16:47:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\pokerth

[2011.09.29 21:22:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\Samsung

[2012.05.17 21:30:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\Windows Search

[2011.03.09 17:00:01 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\ISP-Anmeldungserinnerung 1.job

 
 ========== Purity Check ==========

 

 

 
 ========== Custom Scans ==========

 
 < %ALLUSERSPROFILE%\Application Data\*. >

 
 < %ALLUSERSPROFILE%\Application Data\*.exe /s >

 
 < %APPDATA%\*. >

[2011.03.13 19:28:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\Adobe

[2011.07.22 15:44:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\Apple Computer

[2006.05.25 00:47:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\ATI

[2012.02.12 21:58:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\Avira

[2006.05.25 00:40:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\Corel

[2011.07.23 00:04:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\Corel Photo Album

[2011.03.26 23:01:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\CyberLink

[2012.03.25 17:50:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\elsterformular

[2012.05.30 21:06:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\Epson

[2012.02.26 16:54:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\Google

[2004.08.13 14:00:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\Identities

[2012.05.30 20:44:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\InstallShield

[2006.05.25 00:35:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\Intel

[2011.03.12 19:29:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\Macromedia

[2012.06.22 09:36:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\Malwarebytes

[2011.09.02 21:35:29 | 000,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\Microsoft

[2011.03.12 15:24:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\Mozilla

[2011.03.12 15:56:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\OpenOffice.org

[2011.12.20 20:26:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\Opera

[2011.09.29 22:34:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\PC Suite

[2012.06.26 16:47:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\pokerth

[2011.09.29 21:22:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\Samsung

[2006.05.25 00:28:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\Sun

[2011.12.28 22:50:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\vlc

[2012.05.17 21:30:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\Windows Search

 
 < %APPDATA%\*.exe /s >

[2011.09.29 22:29:31 | 000,069,632 | ---- | M] () -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\Samsung\New PC Studio\DriverChecker.exe

[2011.09.29 22:06:21 | 089,280,248 | ---- | M] (Samsung Electronics Co., Ltd.                                ) -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\Samsung\New PC Studio\LiveUpdate\Setup_For_Full_Update_IH2_7.exe

[2011.10.07 21:12:31 | 000,530,432 | ---- | M] () -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\Samsung\New PC Studio\LiveUpdate\Setup_Full_Update_NPS2_10064_2.exe

 
 < %SYSTEMDRIVE%\*.exe >

 
 < MD5 for: AGP440.SYS  >

[2004.08.04 15:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\i386\sp2.cab:AGP440.sys

[2004.08.04 15:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys

[2011.03.08 19:04:40 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys

[2011.03.08 19:04:40 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys

[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\i386\agp440.sys

[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys

[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

[2004.08.04 00:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

 
 < MD5 for: ATAPI.SYS  >

[2004.08.04 15:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\i386\sp2.cab:atapi.sys

[2004.08.04 15:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys

[2011.03.08 19:04:40 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys

[2011.03.08 19:04:40 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys

[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\i386\atapi.sys

[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys

[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys

 
 < MD5 for: EVENTLOG.DLL  >

[2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\i386\eventlog.dll

[2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll

[2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll

[2004.08.04 15:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

 
 < MD5 for: NETLOGON.DLL  >

[2008.04.14 04:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\i386\netlogon.dll

[2008.04.14 04:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll

[2008.04.14 04:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll

[2004.08.04 15:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\WINDOWS\$NtUninstallKB968389_1$\netlogon.dll

[2009.02.06 20:46:10 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ED4BBAD725A21632FB205452749FC8F5 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll

[2009.02.06 20:46:10 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ED4BBAD725A21632FB205452749FC8F5 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll

[2009.02.06 20:46:10 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ED4BBAD725A21632FB205452749FC8F5 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

[2009.02.06 20:46:10 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ED4BBAD725A21632FB205452749FC8F5 -- C:\WINDOWS\$NtUninstallKB975467_1$\netlogon.dll

 
 < MD5 for: SCECLI.DLL  >

[2008.04.14 04:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\i386\scecli.dll

[2008.04.14 04:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll

[2008.04.14 04:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll

[2004.08.04 15:00:00 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll

 
 < MD5 for: USER32.DLL  >

[2004.08.04 15:00:00 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=56785FD5236D7B22CF471A6DA9DB46D8 -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll

[2008.04.14 04:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\i386\user32.dll

[2008.04.14 04:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\ServicePackFiles\i386\user32.dll

[2008.04.14 04:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll

 
 < MD5 for: USERINIT.EXE  >

[2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\i386\userinit.exe

[2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe

[2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe

[2004.08.04 15:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

 
 < MD5 for: WINLOGON.EXE  >

[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Programme\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

[2004.08.04 15:00:00 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe

[2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\i386\winlogon.exe

[2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe

[2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe

 
 < MD5 for: WS2IFSL.SYS  >

[2004.08.04 15:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\i386\ws2ifsl.sys

[2004.08.04 15:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys

 
 < %systemroot%\system32\drivers\*.sys /lockedfiles >

 
 < %systemroot%\System32\config\*.sav >

[2004.08.13 13:46:20 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav

[2004.08.13 13:46:20 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav

[2004.08.13 13:46:20 | 000,417,792 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

 
 < %systemroot%\*. /mp /s >

 
 < %systemroot%\system32\*.dll /lockedfiles >

[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
 

< End of report >

--- --- ---

Hab den TDSS-Killer durchgeführt und er hat auch einiges gefunden:

Code:

17:09:10.0359 1328        TDSS rootkit removing tool 2.7.44.0 Jul  2 2012 20:01:08

17:09:10.0640 1328        ============================================================

17:09:10.0640 1328        Current date / time: 2012/07/03 17:09:10.0640

17:09:10.0640 1328        SystemInfo:

17:09:10.0640 1328        

17:09:10.0640 1328        OS Version: 5.1.2600 ServicePack: 3.0

17:09:10.0640 1328        Product type: Workstation

17:09:10.0640 1328        ComputerName: D93B392J

17:09:10.0640 1328        UserName: Alexander

17:09:10.0640 1328        Windows directory: C:\WINDOWS

17:09:10.0640 1328        System windows directory: C:\WINDOWS

17:09:10.0640 1328        Processor architecture: Intel x86

17:09:10.0640 1328        Number of processors: 2

17:09:10.0640 1328        Page size: 0x1000

17:09:10.0640 1328        Boot type: Normal boot

17:09:10.0640 1328        ============================================================

17:09:22.0593 1328        Drive \Device\Harddisk0\DR0 - Size: 0x16F0649400 (91.76 Gb), SectorSize: 0x200, Cylinders: 0x2ECA, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

17:09:22.0640 1328        ============================================================

17:09:22.0640 1328        \Device\Harddisk0\DR0:

17:09:22.0640 1328        MBR partitions:

17:09:22.0640 1328        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2B24B, BlocksNum 0xB0926C5

17:09:22.0640 1328        ============================================================

17:09:22.0984 1328        C: <-> \Device\Harddisk0\DR0\Partition0

17:09:23.0531 1328        ============================================================

17:09:23.0531 1328        Initialize success

17:09:23.0531 1328        ============================================================

17:11:29.0109 3364        ============================================================

17:11:29.0109 3364        Scan started

17:11:29.0109 3364        Mode: Manual; SigCheck; TDLFS; 

17:11:29.0109 3364        ============================================================

17:11:29.0468 3364        ABBYY.Licensing.FineReader.Sprint.9.0 (b33cf4de909a5b30f526d82053a63c8e) C:\Programme\Gemeinsame Dateien\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe

17:11:29.0796 3364        ABBYY.Licensing.FineReader.Sprint.9.0 - ok

17:11:29.0906 3364        Abiosdsk - ok

17:11:29.0953 3364        abp480n5        (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS

17:11:31.0859 3364        abp480n5 - ok

17:11:31.0921 3364        ACPI            (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys

17:11:32.0171 3364        ACPI - ok

17:11:32.0234 3364        ACPIEC          (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys

17:11:32.0375 3364        ACPIEC - ok

17:11:32.0531 3364        AdobeFlashPlayerUpdateSvc (990dc6edc9f933194d7cd4e65146bc94) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

17:11:32.0531 3364        AdobeFlashPlayerUpdateSvc - ok

17:11:32.0546 3364        adpu160m        (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys

17:11:32.0671 3364        adpu160m - ok

17:11:32.0718 3364        aec             (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

17:11:32.0890 3364        aec - ok

17:11:32.0968 3364        AegisP          (12dafd934641dcf61e446313bc261ec2) C:\WINDOWS\system32\DRIVERS\AegisP.sys

17:11:32.0984 3364        AegisP ( UnsignedFile.Multi.Generic ) - warning

17:11:32.0984 3364        AegisP - detected UnsignedFile.Multi.Generic (1)

17:11:33.0046 3364        AFD             (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys

17:11:33.0109 3364        AFD - ok

17:11:33.0156 3364        agp440          (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys

17:11:33.0281 3364        agp440 - ok

17:11:33.0281 3364        agpCPQ          (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys

17:11:33.0421 3364        agpCPQ - ok

17:11:33.0437 3364        Aha154x         (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys

17:11:33.0500 3364        Aha154x - ok

17:11:33.0515 3364        aic78u2         (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys

17:11:33.0656 3364        aic78u2 - ok

17:11:33.0671 3364        aic78xx         (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys

17:11:33.0812 3364        aic78xx - ok

17:11:33.0859 3364        Alerter         (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll

17:11:33.0984 3364        Alerter - ok

17:11:34.0015 3364        ALG             (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe

17:11:34.0125 3364        ALG - ok

17:11:34.0125 3364        AliIde          (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys

17:11:34.0281 3364        AliIde - ok

17:11:34.0312 3364        alim1541        (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys

17:11:34.0421 3364        alim1541 - ok

17:11:34.0421 3364        amdagp          (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys

17:11:34.0546 3364        amdagp - ok

17:11:34.0546 3364        amsint          (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys

17:11:34.0609 3364        amsint - ok

17:11:34.0828 3364        AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Programme\Avira\AntiVir Desktop\sched.exe

17:11:34.0843 3364        AntiVirSchedulerService - ok

17:11:34.0921 3364        AntiVirService  (a489be6bb0aa1ff406b488b60542314b) C:\Programme\Avira\AntiVir Desktop\avguard.exe

17:11:34.0921 3364        AntiVirService - ok

17:11:34.0984 3364        APPDRV          (ec94e05b76d033b74394e7b2175103cf) C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS

17:11:34.0984 3364        APPDRV ( UnsignedFile.Multi.Generic ) - warning

17:11:34.0984 3364        APPDRV - detected UnsignedFile.Multi.Generic (1)

17:11:35.0140 3364        Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe

17:11:35.0156 3364        Apple Mobile Device - ok

17:11:35.0218 3364        AppMgmt         (d45960be52c3c610d361977057f98c54) C:\WINDOWS\System32\appmgmts.dll

17:11:35.0421 3364        AppMgmt - ok

17:11:35.0468 3364        Arp1394         (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys

17:11:35.0593 3364        Arp1394 - ok

17:11:35.0671 3364        asc             (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys

17:11:35.0828 3364        asc - ok

17:11:35.0828 3364        asc3350p        (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys

17:11:35.0921 3364        asc3350p - ok

17:11:35.0921 3364        asc3550         (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys

17:11:36.0062 3364        asc3550 - ok

17:11:36.0171 3364        aspnet_state    (e1a1206a4fb19b675e947b29ccd25fba) C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe

17:11:36.0203 3364        aspnet_state ( UnsignedFile.Multi.Generic ) - warning

17:11:36.0203 3364        aspnet_state - detected UnsignedFile.Multi.Generic (1)

17:11:36.0203 3364        AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

17:11:36.0312 3364        AsyncMac - ok

17:11:36.0328 3364        atapi           (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

17:11:36.0437 3364        atapi - ok

17:11:36.0437 3364        Atdisk - ok

17:11:36.0531 3364        Ati HotKey Poller (954c1d5b84d1cf925999a4c27e2ab34d) C:\WINDOWS\system32\Ati2evxx.exe

17:11:36.0703 3364        Ati HotKey Poller - ok

17:11:36.0859 3364        ati2mtag        (bebeb471617782d138b6f92e7c3fab1c) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys

17:11:37.0093 3364        ati2mtag - ok

17:11:37.0125 3364        Atmarpc         (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

17:11:37.0312 3364        Atmarpc - ok

17:11:37.0375 3364        AudioSrv        (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll

17:11:37.0484 3364        AudioSrv - ok

17:11:37.0515 3364        audstub         (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

17:11:37.0625 3364        audstub - ok

17:11:37.0703 3364        avgntflt        (d5541f0afb767e85fc412fc609d96a74) C:\WINDOWS\system32\DRIVERS\avgntflt.sys

17:11:37.0734 3364        avgntflt - ok

17:11:37.0765 3364        avipbb          (7d967a682d4694df7fa57d63a2db01fe) C:\WINDOWS\system32\DRIVERS\avipbb.sys

17:11:37.0781 3364        avipbb - ok

17:11:37.0796 3364        avkmgr          (271cfd1a989209b1964e24d969552bf7) C:\WINDOWS\system32\DRIVERS\avkmgr.sys

17:11:37.0812 3364        avkmgr - ok

17:11:37.0921 3364        bcm4sbxp        (c768c8a463d32c219ce291645a0621a4) C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys

17:11:38.0000 3364        bcm4sbxp - ok

17:11:38.0062 3364        Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

17:11:38.0187 3364        Beep - ok

17:11:38.0250 3364        BITS            (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll

17:11:38.0437 3364        BITS - ok

17:11:38.0640 3364        Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Programme\Bonjour\mDNSResponder.exe

17:11:38.0656 3364        Bonjour Service - ok

17:11:38.0703 3364        Browser         (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll

17:11:38.0843 3364        Browser - ok

17:11:38.0875 3364        cbidf           (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys

17:11:39.0093 3364        cbidf - ok

17:11:39.0093 3364        cbidf2k         (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

17:11:39.0218 3364        cbidf2k - ok

17:11:39.0234 3364        cd20xrnt        (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys

17:11:39.0312 3364        cd20xrnt - ok

17:11:39.0343 3364        Cdaudio         (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

17:11:39.0484 3364        Cdaudio - ok

17:11:39.0515 3364        Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

17:11:39.0609 3364        Cdfs - ok

17:11:39.0671 3364        Cdrom           (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

17:11:39.0812 3364        Cdrom - ok

17:11:39.0812 3364        Changer - ok

17:11:39.0843 3364        CiSvc           (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe

17:11:39.0984 3364        CiSvc - ok

17:11:40.0031 3364        ClipSrv         (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe

17:11:40.0187 3364        ClipSrv - ok

17:11:40.0218 3364        CmBatt          (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys

17:11:40.0359 3364        CmBatt - ok

17:11:40.0390 3364        CmdIde          (c687f81290303d90099b027a6474f99f) C:\WINDOWS\system32\DRIVERS\cmdide.sys

17:11:40.0531 3364        CmdIde - ok

17:11:40.0531 3364        Compbatt        (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys

17:11:40.0656 3364        Compbatt - ok

17:11:40.0656 3364        COMSysApp - ok

17:11:40.0687 3364        Cpqarray        (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys

17:11:40.0796 3364        Cpqarray - ok

17:11:40.0859 3364        CryptSvc        (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll

17:11:40.0984 3364        CryptSvc - ok

17:11:41.0031 3364        dac2w2k         (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys

17:11:41.0140 3364        dac2w2k - ok

17:11:41.0171 3364        dac960nt        (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys

17:11:41.0312 3364        dac960nt - ok

17:11:41.0390 3364        DcomLaunch      (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll

17:11:41.0500 3364        DcomLaunch - ok

17:11:41.0562 3364        Dhcp            (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll

17:11:41.0703 3364        Dhcp - ok

17:11:41.0734 3364        Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

17:11:41.0875 3364        Disk - ok

17:11:41.0875 3364        dmadmin - ok

17:11:41.0953 3364        dmboot          (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys

17:11:42.0156 3364        dmboot - ok

17:11:42.0171 3364        dmio            (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys

17:11:42.0296 3364        dmio - ok

17:11:42.0343 3364        dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

17:11:42.0500 3364        dmload - ok

17:11:42.0531 3364        dmserver        (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll

17:11:42.0671 3364        dmserver - ok

17:11:42.0703 3364        DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

17:11:42.0843 3364        DMusic - ok

17:11:42.0890 3364        Dnscache        (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll

17:11:43.0046 3364        Dnscache - ok

17:11:43.0093 3364        Dot3svc         (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll

17:11:43.0203 3364        Dot3svc - ok

17:11:43.0234 3364        dpti2o          (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys

17:11:43.0375 3364        dpti2o - ok

17:11:43.0390 3364        drmkaud         (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

17:11:43.0515 3364        drmkaud - ok

17:11:43.0562 3364        drvmcdb         (e814854e6b246ccf498874839ab64d77) C:\WINDOWS\system32\drivers\drvmcdb.sys

17:11:43.0578 3364        drvmcdb ( UnsignedFile.Multi.Generic ) - warning

17:11:43.0578 3364        drvmcdb - detected UnsignedFile.Multi.Generic (1)

17:11:43.0593 3364        drvnddm         (ee83a4ebae70bc93cf14879d062f548b) C:\WINDOWS\system32\drivers\drvnddm.sys

17:11:43.0593 3364        drvnddm ( UnsignedFile.Multi.Generic ) - warning

17:11:43.0593 3364        drvnddm - detected UnsignedFile.Multi.Generic (1)

17:11:43.0625 3364        E100B           (a6de5342417fec3c0aa8efebb899c431) C:\WINDOWS\system32\DRIVERS\e100b325.sys

17:11:43.0750 3364        E100B - ok

17:11:43.0765 3364        EapHost         (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll

17:11:43.0890 3364        EapHost - ok

17:11:43.0953 3364        ERSvc           (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll

17:11:44.0078 3364        ERSvc - ok

17:11:44.0140 3364        Eventlog        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe

17:11:44.0203 3364        Eventlog - ok

17:11:44.0265 3364        EventSystem     (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\system32\es.dll

17:11:44.0343 3364        EventSystem - ok

17:11:44.0484 3364        EvtEng          (ed9c755312f29d55b8c815eec7115635) C:\Programme\Intel\Wireless\Bin\EvtEng.exe

17:11:44.0515 3364        EvtEng ( UnsignedFile.Multi.Generic ) - warning

17:11:44.0515 3364        EvtEng - detected UnsignedFile.Multi.Generic (1)

17:11:44.0593 3364        Fastfat         (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

17:11:44.0765 3364        Fastfat - ok

17:11:44.0843 3364        FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll

17:11:44.0906 3364        FastUserSwitchingCompatibility - ok

17:11:44.0953 3364        Fax             (08b8b302af0d1b3b8543429bbac8f21f) C:\WINDOWS\system32\fxssvc.exe

17:11:45.0078 3364        Fax - ok

17:11:45.0109 3364        Fdc             (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys

17:11:45.0203 3364        Fdc - ok

17:11:45.0234 3364        Fips            (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys

17:11:45.0359 3364        Fips - ok

17:11:45.0375 3364        Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys

17:11:45.0515 3364        Flpydisk - ok

17:11:45.0546 3364        FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys

17:11:45.0718 3364        FltMgr - ok

17:11:45.0765 3364        FsUsbExDisk     (790a4ca68f44be35967b3df61f3e4675) C:\WINDOWS\system32\FsUsbExDisk.SYS

17:11:45.0781 3364        FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning

17:11:45.0781 3364        FsUsbExDisk - detected UnsignedFile.Multi.Generic (1)

17:11:45.0812 3364        FsUsbExService  (d3f9205cc4cb07553f2f9472c767ea87) C:\WINDOWS\system32\FsUsbExService.Exe

17:11:45.0875 3364        FsUsbExService ( UnsignedFile.Multi.Generic ) - warning

17:11:45.0875 3364        FsUsbExService - detected UnsignedFile.Multi.Generic (1)

17:11:45.0937 3364        Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

17:11:46.0062 3364        Fs_Rec - ok

17:11:46.0125 3364        Ftdisk          (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

17:11:46.0250 3364        Ftdisk - ok

17:11:46.0312 3364        GEARAspiWDM     (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys

17:11:46.0328 3364        GEARAspiWDM - ok

17:11:46.0406 3364        Gpc             (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

17:11:46.0546 3364        Gpc - ok

17:11:46.0609 3364        gusvc           (c1b577b2169900f4cf7190c39f085794) C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe

17:11:46.0625 3364        gusvc - ok

17:11:46.0656 3364        HDAudBus        (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

17:11:46.0828 3364        HDAudBus - ok

17:11:46.0968 3364        helpsvc         (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

17:11:47.0078 3364        helpsvc - ok

17:11:47.0078 3364        HidServ - ok

17:11:47.0140 3364        HidUsb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys

17:11:47.0265 3364        HidUsb - ok

17:11:47.0312 3364        hkmsvc          (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll

17:11:47.0421 3364        hkmsvc - ok

17:11:47.0453 3364        hpn             (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys

17:11:47.0578 3364        hpn - ok

17:11:47.0593 3364        HPZid412        (9f1d80908658eb7f1bf70809e0b51470) C:\WINDOWS\system32\DRIVERS\HPZid412.sys

17:11:47.0671 3364        HPZid412 - ok

17:11:47.0703 3364        HPZipr12        (f7e3e9d50f9cd3de28085a8fdaa0a1c3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys

17:11:47.0734 3364        HPZipr12 - ok

17:11:47.0734 3364        HPZius12        (cf1b7951b4ec8d13f3c93b74bb2b461b) C:\WINDOWS\system32\DRIVERS\HPZius12.sys

17:11:47.0875 3364        HPZius12 - ok

17:11:47.0937 3364        HSFHWAZL        (1c8caa80e91fb71864e9426f9eed048d) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys

17:11:48.0031 3364        HSFHWAZL - ok

17:11:48.0125 3364        HSF_DPV         (698204d9c2832e53633e53a30a53fc3d) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys

17:11:48.0281 3364        HSF_DPV - ok

17:11:48.0359 3364        HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

17:11:48.0421 3364        HTTP - ok

17:11:48.0453 3364        HTTPFilter      (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll

17:11:48.0578 3364        HTTPFilter - ok

17:11:48.0640 3364        i2omgmt         (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys

17:11:48.0750 3364        i2omgmt - ok

17:11:48.0765 3364        i2omp           (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys

17:11:48.0890 3364        i2omp - ok

17:11:48.0921 3364        i8042prt        (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

17:11:49.0046 3364        i8042prt - ok

17:11:49.0062 3364        Imapi           (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

17:11:49.0171 3364        Imapi - ok

17:11:49.0234 3364        ImapiService    (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\system32\imapi.exe

17:11:49.0343 3364        ImapiService - ok

17:11:49.0390 3364        ini910u         (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys

17:11:49.0531 3364        ini910u - ok

17:11:49.0562 3364        IntelIde        (69c4e3c9e67a1f103b94e14fdd5f3213) C:\WINDOWS\system32\DRIVERS\intelide.sys

17:11:49.0687 3364        IntelIde - ok

17:11:49.0734 3364        intelppm        (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys

17:11:49.0859 3364        intelppm - ok

17:11:49.0890 3364        Ip6Fw           (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys

17:11:49.0984 3364        Ip6Fw - ok

17:11:50.0031 3364        IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

17:11:50.0140 3364        IpFilterDriver - ok

17:11:50.0156 3364        IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

17:11:50.0250 3364        IpInIp - ok

17:11:50.0281 3364        IpNat           (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

17:11:50.0390 3364        IpNat - ok

17:11:50.0562 3364        iPod Service    (e6be7a41a28d8f2db174957454d32448) C:\Programme\iPod\bin\iPodService.exe

17:11:50.0609 3364        iPod Service - ok

17:11:50.0656 3364        IPSec           (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

17:11:50.0812 3364        IPSec - ok

17:11:50.0843 3364        IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

17:11:51.0015 3364        IRENUM - ok

17:11:51.0062 3364        isapnp          (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys

17:11:51.0218 3364        isapnp - ok

17:11:51.0375 3364        JavaQuickStarterService (de5d05fd449798ef88cc34ad4b1e7f85) C:\Programme\Java\jre6\bin\jqs.exe

17:11:51.0390 3364        JavaQuickStarterService - ok

17:11:51.0406 3364        Kbdclass        (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

17:11:51.0515 3364        Kbdclass - ok

17:11:51.0546 3364        kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

17:11:51.0671 3364        kmixer - ok

17:11:51.0703 3364        KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

17:11:51.0781 3364        KSecDD - ok

17:11:51.0843 3364        lanmanserver    (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll

17:11:51.0890 3364        lanmanserver - ok

17:11:51.0921 3364        lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll

17:11:51.0968 3364        lanmanworkstation - ok

17:11:51.0968 3364        lbrtfdc - ok

17:11:52.0046 3364        LmHosts         (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll

17:11:52.0187 3364        LmHosts - ok

17:11:52.0250 3364        MBAMProtector   (fb097bbc1a18f044bd17bd2fccf97865) C:\WINDOWS\system32\drivers\mbam.sys

17:11:52.0265 3364        MBAMProtector - ok

17:11:52.0375 3364        MBAMService     (ba400ed640bca1eae5c727ae17c10207) C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe

17:11:52.0437 3364        MBAMService - ok

17:11:52.0500 3364        mdmxsdk         (3c318b9cd391371bed62126581ee9961) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys

17:11:52.0531 3364        mdmxsdk - ok

17:11:52.0578 3364        Messenger       (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll

17:11:52.0750 3364        Messenger - ok

17:11:52.0796 3364        mnmdd           (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

17:11:52.0906 3364        mnmdd - ok

17:11:52.0968 3364        mnmsrvc         (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\system32\mnmsrvc.exe

17:11:53.0093 3364        mnmsrvc - ok

17:11:53.0140 3364        Modem           (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys

17:11:53.0281 3364        Modem - ok

17:11:53.0296 3364        Mouclass        (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys

17:11:53.0453 3364        Mouclass - ok

17:11:53.0515 3364        mouhid          (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys

17:11:53.0687 3364        mouhid - ok

17:11:53.0718 3364        MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

17:11:53.0875 3364        MountMgr - ok

17:11:53.0953 3364        MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe

17:11:53.0984 3364        MozillaMaintenance - ok

17:11:54.0000 3364        mraid35x        (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys

17:11:54.0109 3364        mraid35x - ok

17:11:54.0125 3364        MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

17:11:54.0250 3364        MRxDAV - ok

17:11:54.0328 3364        MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

17:11:54.0406 3364        MRxSmb - ok

17:11:54.0453 3364        MSDTC           (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\system32\msdtc.exe

17:11:54.0593 3364        MSDTC - ok

17:11:54.0609 3364        Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

17:11:54.0765 3364        Msfs - ok

17:11:54.0765 3364        MSIServer - ok

17:11:54.0781 3364        MSKSSRV         (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

17:11:54.0968 3364        MSKSSRV - ok

17:11:55.0000 3364        MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

17:11:55.0109 3364        MSPCLOCK - ok

17:11:55.0125 3364        MSPQM           (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

17:11:55.0250 3364        MSPQM - ok

17:11:55.0281 3364        mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

17:11:55.0390 3364        mssmbios - ok

17:11:55.0437 3364        Mup             (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys

17:11:55.0484 3364        Mup - ok

17:11:55.0578 3364        napagent        (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll

17:11:55.0703 3364        napagent - ok

17:11:55.0734 3364        NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

17:11:55.0859 3364        NDIS - ok

17:11:55.0921 3364        NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

17:11:55.0984 3364        NdisTapi - ok

17:11:56.0046 3364        Ndisuio         (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

17:11:56.0187 3364        Ndisuio - ok

17:11:56.0187 3364        NdisWan         (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

17:11:56.0328 3364        NdisWan - ok

17:11:56.0390 3364        NDProxy         (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys

17:11:56.0468 3364        NDProxy - ok

17:11:56.0500 3364        NetBIOS         (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

17:11:56.0609 3364        NetBIOS - ok

17:11:56.0640 3364        NetBT           (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

17:11:56.0765 3364        NetBT - ok

17:11:56.0828 3364        NetDDE          (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe

17:11:56.0984 3364        NetDDE - ok

17:11:56.0984 3364        NetDDEdsdm      (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe

17:11:57.0109 3364        NetDDEdsdm - ok

17:11:57.0156 3364        Netlogon        (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe

17:11:57.0281 3364        Netlogon - ok

17:11:57.0296 3364        Netman          (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll

17:11:57.0437 3364        Netman - ok

17:11:57.0453 3364        NIC1394         (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys

17:11:57.0562 3364        NIC1394 - ok

17:11:57.0781 3364        NICCONFIGSVC    (11d8a00c7eff1aaec8e8464769c84a3d) C:\Programme\Dell\QuickSet\NICCONFIGSVC.exe

17:11:57.0796 3364        NICCONFIGSVC ( UnsignedFile.Multi.Generic ) - warning

17:11:57.0796 3364        NICCONFIGSVC - detected UnsignedFile.Multi.Generic (1)

17:11:57.0875 3364        Nla             (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll

17:11:57.0921 3364        Nla - ok

17:11:57.0921 3364        Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

17:11:58.0031 3364        Npfs - ok

17:11:58.0109 3364        Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

17:11:58.0375 3364        Ntfs - ok

17:11:58.0453 3364        NtLmSsp         (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe

17:11:58.0546 3364        NtLmSsp - ok

17:11:58.0593 3364        NtmsSvc         (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll

17:11:58.0781 3364        NtmsSvc - ok

17:11:58.0828 3364        Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

17:11:58.0968 3364        Null - ok

17:11:59.0093 3364        nv              (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

17:11:59.0359 3364        nv - ok

17:11:59.0515 3364        NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

17:11:59.0703 3364        NwlnkFlt - ok

17:11:59.0703 3364        NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

17:11:59.0812 3364        NwlnkFwd - ok

17:12:00.0046 3364        odserv          (785f487a64950f3cb8e9f16253ba3b7b) C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE

17:12:00.0109 3364        odserv - ok

17:12:00.0156 3364        ohci1394        (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys

17:12:00.0281 3364        ohci1394 - ok

17:12:00.0343 3364        omci            (b17228142cec9b3c222239fd935a37ca) C:\WINDOWS\system32\DRIVERS\omci.sys

17:12:00.0359 3364        omci ( UnsignedFile.Multi.Generic ) - warning

17:12:00.0359 3364        omci - detected UnsignedFile.Multi.Generic (1)

17:12:00.0421 3364        ose             (5a432a042dae460abe7199b758e8606c) C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE

17:12:00.0453 3364        ose - ok

17:12:00.0484 3364        Parport         (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys

17:12:00.0703 3364        Parport - ok

17:12:00.0703 3364        PartMgr         (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

17:12:00.0843 3364        PartMgr - ok

17:12:00.0906 3364        ParVdm          (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys

17:12:01.0046 3364        ParVdm - ok

17:12:01.0078 3364        pccsmcfd        (175cc28dcf819f78caa3fbd44ad9e52a) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys

17:12:01.0156 3364        pccsmcfd - ok

17:12:01.0171 3364        PCI             (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys

17:12:01.0296 3364        PCI - ok

17:12:01.0296 3364        PCIDump - ok

17:12:01.0312 3364        PCIIde          (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys

17:12:01.0453 3364        PCIIde - ok

17:12:01.0453 3364        Pcmcia          (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys

17:12:01.0578 3364        Pcmcia - ok

17:12:01.0578 3364        PDCOMP - ok

17:12:01.0593 3364        PDFRAME - ok

17:12:01.0593 3364        PDRELI - ok

17:12:01.0609 3364        PDRFRAME - ok

17:12:01.0625 3364        perc2           (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys

17:12:01.0750 3364        perc2 - ok

17:12:01.0765 3364        perc2hib        (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys

17:12:01.0890 3364        perc2hib - ok

17:12:01.0984 3364        PlugPlay        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe

17:12:02.0046 3364        PlugPlay - ok

17:12:02.0093 3364        Pml Driver HPZ12 (2d091a99624fb9e7eef0a86d872ec0c3) C:\WINDOWS\system32\HPZipm12.exe

17:12:02.0109 3364        Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning

17:12:02.0109 3364        Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)

17:12:02.0140 3364        PolicyAgent     (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe

17:12:02.0234 3364        PolicyAgent - ok

17:12:02.0281 3364        PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

17:12:02.0390 3364        PptpMiniport - ok

17:12:02.0390 3364        ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe

17:12:02.0500 3364        ProtectedStorage - ok

17:12:02.0500 3364        PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

17:12:02.0625 3364        PSched - ok

17:12:02.0671 3364        Ptilink         (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

17:12:02.0781 3364        Ptilink - ok

17:12:02.0843 3364        PxHelp20        (86724469cd077901706854974cd13c3e) C:\WINDOWS\system32\Drivers\PxHelp20.sys

17:12:02.0843 3364        PxHelp20 ( UnsignedFile.Multi.Generic ) - warning

17:12:02.0843 3364        PxHelp20 - detected UnsignedFile.Multi.Generic (1)

17:12:02.0875 3364        ql1080          (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys

17:12:02.0984 3364        ql1080 - ok

17:12:02.0984 3364        Ql10wnt         (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys

17:12:03.0125 3364        Ql10wnt - ok

17:12:03.0125 3364        ql12160         (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys

17:12:03.0234 3364        ql12160 - ok

17:12:03.0250 3364        ql1240          (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys

17:12:03.0359 3364        ql1240 - ok

17:12:03.0359 3364        ql1280          (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys

17:12:03.0484 3364        ql1280 - ok

17:12:03.0500 3364        RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

17:12:03.0625 3364        RasAcd - ok

17:12:03.0671 3364        RasAuto         (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll

17:12:03.0812 3364        RasAuto - ok

17:12:03.0843 3364        Rasl2tp         (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

17:12:03.0953 3364        Rasl2tp - ok

17:12:04.0031 3364        RasMan          (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll

17:12:04.0125 3364        RasMan - ok

17:12:04.0140 3364        RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

17:12:04.0250 3364        RasPppoe - ok

17:12:04.0296 3364        Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

17:12:04.0421 3364        Raspti - ok

17:12:04.0437 3364        Rdbss           (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

17:12:04.0562 3364        Rdbss - ok

17:12:04.0562 3364        RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

17:12:04.0687 3364        RDPCDD - ok

17:12:04.0718 3364        rdpdr           (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys

17:12:04.0859 3364        rdpdr - ok

17:12:04.0906 3364        RDPWD           (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys

17:12:04.0968 3364        RDPWD - ok

17:12:05.0015 3364        RDSessMgr       (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe

17:12:05.0171 3364        RDSessMgr - ok

17:12:05.0203 3364        redbook         (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys

17:12:05.0312 3364        redbook - ok

17:12:05.0468 3364        RegSrvc         (6f81c8a63fb824eb8a2401ab45795553) C:\Programme\Intel\Wireless\Bin\RegSrvc.exe

17:12:05.0500 3364        RegSrvc ( UnsignedFile.Multi.Generic ) - warning

17:12:05.0500 3364        RegSrvc - detected UnsignedFile.Multi.Generic (1)

17:12:05.0546 3364        RemoteAccess    (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll

17:12:05.0718 3364        RemoteAccess - ok

17:12:05.0750 3364        RemoteRegistry  (e4cd1f3d84e1c2ca0b8cf7501e201593) C:\WINDOWS\system32\regsvc.dll

17:12:05.0843 3364        RemoteRegistry - ok

17:12:05.0875 3364        rimmptsk        (24ed7af20651f9fa1f249482e7c1f165) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys

17:12:05.0921 3364        rimmptsk - ok

17:12:05.0937 3364        rimsptsk        (1bdba2d2d402415a78a4ba766dfe0f7b) C:\WINDOWS\system32\DRIVERS\rimsptsk.sys

17:12:05.0984 3364        rimsptsk - ok

17:12:06.0046 3364        rismxdp         (f774ecd11a064f0debb2d4395418153c) C:\WINDOWS\system32\DRIVERS\rixdptsk.sys

17:12:06.0078 3364        rismxdp - ok

17:12:06.0140 3364        RpcLocator      (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe

17:12:06.0296 3364        RpcLocator - ok

17:12:06.0390 3364        RpcSs           (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll

17:12:06.0515 3364        RpcSs - ok

17:12:06.0562 3364        RSVP            (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe

17:12:06.0734 3364        RSVP - ok

17:12:06.0812 3364        S24EventMonitor (b792f2c647b1fc3e4987de582ee00fe3) C:\Programme\Intel\Wireless\Bin\S24EvMon.exe

17:12:06.0875 3364        S24EventMonitor ( UnsignedFile.Multi.Generic ) - warning

17:12:06.0875 3364        S24EventMonitor - detected UnsignedFile.Multi.Generic (1)

17:12:06.0937 3364        s24trans        (2e4e912ce95f5ef4d4a5079f6ce367fc) C:\WINDOWS\system32\DRIVERS\s24trans.sys

17:12:06.0968 3364        s24trans ( UnsignedFile.Multi.Generic ) - warning

17:12:06.0968 3364        s24trans - detected UnsignedFile.Multi.Generic (1)

17:12:07.0031 3364        SamSs           (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe

17:12:07.0125 3364        SamSs - ok

17:12:07.0171 3364        SCardSvr        (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe

17:12:07.0281 3364        SCardSvr - ok

17:12:07.0343 3364        Schedule        (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll

17:12:07.0468 3364        Schedule - ok

17:12:07.0531 3364        sdbus           (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys

17:12:07.0656 3364        sdbus - ok

17:12:07.0687 3364        Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

17:12:07.0796 3364        Secdrv - ok

17:12:07.0828 3364        seclogon        (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll

17:12:07.0953 3364        seclogon - ok

17:12:07.0968 3364        SENS            (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll

17:12:08.0078 3364        SENS - ok

17:12:08.0109 3364        serenum         (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys

17:12:08.0203 3364        serenum - ok

17:12:08.0265 3364        Serial          (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys

17:12:08.0390 3364        Serial - ok

17:12:08.0515 3364        ServiceLayer    (9d38320bb32230349379df5ddbbf7fce) C:\Programme\PC Connectivity Solution\ServiceLayer.exe

17:12:08.0578 3364        ServiceLayer ( UnsignedFile.Multi.Generic ) - warning

17:12:08.0578 3364        ServiceLayer - detected UnsignedFile.Multi.Generic (1)

17:12:08.0609 3364        sffdisk         (0fa803c64df0914b41f807ea276bf2a6) C:\WINDOWS\system32\DRIVERS\sffdisk.sys

17:12:08.0765 3364        sffdisk - ok

17:12:08.0781 3364        sffp_sd         (c17c331e435ed8737525c86a7557b3ac) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys

17:12:08.0906 3364        sffp_sd - ok

17:12:08.0921 3364        Sfloppy         (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys

17:12:09.0046 3364        Sfloppy - ok

17:12:09.0125 3364        SharedAccess    (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll

17:12:09.0234 3364        SharedAccess - ok

17:12:09.0296 3364        ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll

17:12:09.0375 3364        ShellHWDetection - ok

17:12:09.0375 3364        Simbad - ok

17:12:09.0437 3364        sisagp          (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys

17:12:09.0562 3364        sisagp - ok

17:12:09.0593 3364        Sparrow         (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys

17:12:09.0687 3364        Sparrow - ok

17:12:09.0718 3364        splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

17:12:09.0843 3364        splitter - ok

17:12:09.0906 3364        Spooler         (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe

17:12:09.0937 3364        Spooler - ok

17:12:10.0000 3364        sr              (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys

17:12:10.0109 3364        sr - ok

17:12:10.0171 3364        srservice       (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll

17:12:10.0296 3364        srservice - ok

17:12:10.0375 3364        Srv             (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys

17:12:10.0437 3364        Srv - ok

17:12:10.0468 3364        sscdbhk5        (d7968049be0adbb6a57cee3960320911) C:\WINDOWS\system32\drivers\sscdbhk5.sys

17:12:10.0484 3364        sscdbhk5 ( UnsignedFile.Multi.Generic ) - warning

17:12:10.0484 3364        sscdbhk5 - detected UnsignedFile.Multi.Generic (1)

17:12:10.0515 3364        SSDPSRV         (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll

17:12:10.0640 3364        SSDPSRV - ok

17:12:10.0687 3364        ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys

17:12:10.0703 3364        ssmdrv - ok

17:12:10.0703 3364        ssrtln          (c3ffd65abfb6441e7606cf74f1155273) C:\WINDOWS\system32\drivers\ssrtln.sys

17:12:10.0765 3364        ssrtln ( UnsignedFile.Multi.Generic ) - warning

17:12:10.0765 3364        ssrtln - detected UnsignedFile.Multi.Generic (1)

17:12:10.0828 3364        ss_bbus         (eaa66218cd39f5bb1b4853a78c67c787) C:\WINDOWS\system32\DRIVERS\ss_bbus.sys

17:12:10.0843 3364        ss_bbus - ok

17:12:10.0890 3364        ss_bmdfl        (91765f99914ed8693d8bc76524f21581) C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys

17:12:10.0890 3364        ss_bmdfl - ok

17:12:10.0906 3364        ss_bmdm         (840e7b738b03c10ee91d9b7d3d6eff15) C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys

17:12:10.0921 3364        ss_bmdm - ok

17:12:11.0031 3364        STHDA           (2a2dc39623adef8ab3703ab9fac4b440) C:\WINDOWS\system32\drivers\sthda.sys

17:12:11.0234 3364        STHDA - ok

17:12:11.0343 3364        stisvc          (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll

17:12:11.0484 3364        stisvc - ok

17:12:11.0531 3364        swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

17:12:11.0656 3364        swenum - ok

17:12:11.0687 3364        swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

17:12:11.0796 3364        swmidi - ok

17:12:11.0796 3364        SwPrv - ok

17:12:11.0828 3364        symc810         (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys

17:12:11.0968 3364        symc810 - ok

17:12:12.0000 3364        symc8xx         (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys

17:12:12.0125 3364        symc8xx - ok

17:12:12.0125 3364        sym_hi          (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys

17:12:12.0250 3364        sym_hi - ok

17:12:12.0250 3364        sym_u3          (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys

17:12:12.0359 3364        sym_u3 - ok

17:12:12.0437 3364        SynTP           (35d5b3632e0bcebe27b391157de05996) C:\WINDOWS\system32\DRIVERS\SynTP.sys

17:12:12.0468 3364        SynTP - ok

17:12:12.0500 3364        sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

17:12:12.0609 3364        sysaudio - ok

17:12:12.0640 3364        SysmonLog       (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe

17:12:12.0750 3364        SysmonLog - ok

17:12:12.0812 3364        TapiSrv         (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll

17:12:12.0937 3364        TapiSrv - ok

17:12:13.0031 3364        Tcpip           (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

17:12:13.0093 3364        Tcpip - ok

17:12:13.0140 3364        TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

17:12:13.0296 3364        TDPIPE - ok

17:12:13.0296 3364        TDTCP           (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

17:12:13.0453 3364        TDTCP - ok

17:12:13.0468 3364        TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

17:12:13.0609 3364        TermDD - ok

17:12:13.0640 3364        TermService     (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll

17:12:13.0796 3364        TermService - ok

17:12:13.0843 3364        tfsnboio        (30698355067d07da5f9eb81132c9fdd6) C:\WINDOWS\system32\dla\tfsnboio.sys

17:12:13.0859 3364        tfsnboio ( UnsignedFile.Multi.Generic ) - warning

17:12:13.0859 3364        tfsnboio - detected UnsignedFile.Multi.Generic (1)

17:12:13.0859 3364        tfsncofs        (fb9d825bb4a2abdf24600f7505050e2b) C:\WINDOWS\system32\dla\tfsncofs.sys

17:12:13.0859 3364        tfsncofs ( UnsignedFile.Multi.Generic ) - warning

17:12:13.0859 3364        tfsncofs - detected UnsignedFile.Multi.Generic (1)

17:12:13.0875 3364        tfsndrct        (cafd8cca11aa1e8b6d2ea1ba8f70ec33) C:\WINDOWS\system32\dla\tfsndrct.sys

17:12:13.0890 3364        tfsndrct ( UnsignedFile.Multi.Generic ) - warning

17:12:13.0890 3364        tfsndrct - detected UnsignedFile.Multi.Generic (1)

17:12:13.0906 3364        tfsndres        (d4400188782aa797598958969c9657d4) C:\WINDOWS\system32\dla\tfsndres.sys

17:12:13.0906 3364        tfsndres ( UnsignedFile.Multi.Generic ) - warning

17:12:13.0921 3364        tfsndres - detected UnsignedFile.Multi.Generic (1)

17:12:13.0921 3364        tfsnifs         (b92f67a71cc8176f331b8aa8d9f555ad) C:\WINDOWS\system32\dla\tfsnifs.sys

17:12:13.0921 3364        tfsnifs ( UnsignedFile.Multi.Generic ) - warning

17:12:13.0921 3364        tfsnifs - detected UnsignedFile.Multi.Generic (1)

17:12:13.0937 3364        tfsnopio        (85985faa9a71e2358fcc2edefc2a3c5c) C:\WINDOWS\system32\dla\tfsnopio.sys

17:12:13.0953 3364        tfsnopio ( UnsignedFile.Multi.Generic ) - warning

17:12:13.0953 3364        tfsnopio - detected UnsignedFile.Multi.Generic (1)

17:12:13.0968 3364        tfsnpool        (bba22094f0f7c210567efdaf11f64495) C:\WINDOWS\system32\dla\tfsnpool.sys

17:12:13.0984 3364        tfsnpool ( UnsignedFile.Multi.Generic ) - warning

17:12:13.0984 3364        tfsnpool - detected UnsignedFile.Multi.Generic (1)

17:12:13.0984 3364        tfsnudf         (81340bef80b9811e98ce64611e67e3ff) C:\WINDOWS\system32\dla\tfsnudf.sys

17:12:14.0000 3364        tfsnudf ( UnsignedFile.Multi.Generic ) - warning

17:12:14.0000 3364        tfsnudf - detected UnsignedFile.Multi.Generic (1)

17:12:14.0015 3364        tfsnudfa        (c035fd116224ccc8325f384776b6a8bb) C:\WINDOWS\system32\dla\tfsnudfa.sys

17:12:14.0031 3364        tfsnudfa ( UnsignedFile.Multi.Generic ) - warning

17:12:14.0031 3364        tfsnudfa - detected UnsignedFile.Multi.Generic (1)

17:12:14.0109 3364        Themes          (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll

17:12:14.0140 3364        Themes - ok

17:12:14.0218 3364        TlntSvr         (03681a1ce77f51586903869a5ab1deab) C:\WINDOWS\system32\tlntsvr.exe

17:12:14.0390 3364        TlntSvr - ok

17:12:14.0406 3364        TosIde          (d213a9247dc347f305a2d4cc9b951487) C:\WINDOWS\system32\DRIVERS\toside.sys

17:12:14.0531 3364        TosIde - ok

17:12:14.0578 3364        TrkWks          (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll

17:12:14.0687 3364        TrkWks - ok

17:12:14.0734 3364        Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

17:12:14.0859 3364        Udfs - ok

17:12:14.0906 3364        ultra           (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys

17:12:14.0968 3364        ultra - ok

17:12:15.0000 3364        UMWdf           (c81b8635dee0d3ef5f64b3dd643023a5) C:\WINDOWS\system32\wdfmgr.exe

17:12:15.0062 3364        UMWdf - ok

17:12:15.0140 3364        Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

17:12:15.0281 3364        Update - ok

17:12:15.0328 3364        upnphost        (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll

17:12:15.0468 3364        upnphost - ok

17:12:15.0484 3364        UPS             (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe

17:12:15.0578 3364        UPS - ok

17:12:15.0625 3364        USBAAPL         (eafe1e00739afe6c51487a050e772e17) C:\WINDOWS\system32\Drivers\usbaapl.sys

17:12:15.0703 3364        USBAAPL - ok

17:12:15.0750 3364        usbccgp         (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

17:12:15.0875 3364        usbccgp - ok

17:12:15.0906 3364        usbehci         (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

17:12:16.0031 3364        usbehci - ok

17:12:16.0093 3364        usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

17:12:16.0203 3364        usbhub - ok

17:12:16.0218 3364        usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys

17:12:16.0328 3364        usbprint - ok

17:12:16.0390 3364        usbscan         (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys

17:12:16.0484 3364        usbscan - ok

17:12:16.0546 3364        USBSTOR         (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

17:12:16.0671 3364        USBSTOR - ok

17:12:16.0703 3364        usbuhci         (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys

17:12:16.0828 3364        usbuhci - ok

17:12:16.0828 3364        VgaSave         (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

17:12:16.0968 3364        VgaSave - ok

17:12:17.0000 3364        viaagp          (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys

17:12:17.0109 3364        viaagp - ok

17:12:17.0125 3364        ViaIde          (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys

17:12:17.0250 3364        ViaIde - ok

17:12:17.0281 3364        VolSnap         (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys

17:12:17.0406 3364        VolSnap - ok

17:12:17.0437 3364        VSS             (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe

17:12:17.0625 3364        VSS - ok

17:12:17.0656 3364        w32time         (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll

17:12:17.0781 3364        w32time - ok

17:12:17.0906 3364        w39n51          (b1f126e7e28877106d60e6ff3998d033) C:\WINDOWS\system32\DRIVERS\w39n51.sys

17:12:18.0109 3364        w39n51 - ok

17:12:18.0171 3364        Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

17:12:18.0281 3364        Wanarp - ok

17:12:18.0296 3364        WDICA - ok

17:12:18.0328 3364        wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

17:12:18.0453 3364        wdmaud - ok

17:12:18.0515 3364        WebClient       (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll

17:12:18.0640 3364        WebClient - ok

17:12:18.0734 3364        winachsf        (74cf3f2e4e40c4a2e18d39d6300a5c24) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys

17:12:18.0859 3364        winachsf - ok

17:12:18.0984 3364        winmgmt         (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll

17:12:19.0109 3364        winmgmt - ok

17:12:19.0312 3364        WLANKEEPER      (afb5a2a79bb01699a269c316d8b9bef1) C:\Programme\Intel\Wireless\Bin\WLKeeper.exe

17:12:19.0343 3364        WLANKEEPER ( UnsignedFile.Multi.Generic ) - warning

17:12:19.0343 3364        WLANKEEPER - detected UnsignedFile.Multi.Generic (1)

17:12:19.0390 3364        WmdmPmSN        (a477391b7a8b0a0daabadb17cf533a4b) C:\WINDOWS\system32\mspmsnsv.dll

17:12:19.0421 3364        WmdmPmSN - ok

17:12:19.0515 3364        Wmi             (ffa4d901d46d07a5bab2d8307fbb51a6) C:\WINDOWS\System32\advapi32.dll

17:12:19.0656 3364        Wmi - ok

17:12:19.0703 3364        WmiApSrv        (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\system32\wbem\wmiapsrv.exe

17:12:19.0828 3364        WmiApSrv - ok

17:12:19.0875 3364        wscsvc          (300b3e84faf1a5c1f791c159ba28035d) C:\WINDOWS\system32\wscsvc.dll

17:12:19.0984 3364        wscsvc - ok

17:12:19.0984 3364        WSearch - ok

17:12:20.0015 3364        wuauserv        (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll

17:12:20.0109 3364        wuauserv - ok

17:12:20.0218 3364        WZCSVC          (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll

17:12:20.0421 3364        WZCSVC - ok

17:12:20.0484 3364        xmlprov         (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll

17:12:20.0640 3364        xmlprov - ok

17:12:20.0671 3364        MBR (0x1B8)     (dea9e81f0228b68c9adaf84c9b0cf931) \Device\Harddisk0\DR0

17:12:21.0328 3364        \Device\Harddisk0\DR0 - ok

17:12:21.0359 3364        Boot (0x1200)   (02b2ed2fc49224a91f6fc32a69b4f4bd) \Device\Harddisk0\DR0\Partition0

17:12:21.0359 3364        \Device\Harddisk0\DR0\Partition0 - ok

17:12:21.0359 3364        ============================================================

17:12:21.0359 3364        Scan finished

17:12:21.0359 3364        ============================================================

17:12:21.0468 3544        Detected object count: 28

17:12:21.0468 3544        Actual detected object count: 28

17:12:48.0296 3544        AegisP ( UnsignedFile.Multi.Generic ) - skipped by user

17:12:48.0296 3544        AegisP ( UnsignedFile.Multi.Generic ) - User select action: Skip 

17:12:48.0296 3544        APPDRV ( UnsignedFile.Multi.Generic ) - skipped by user

17:12:48.0296 3544        APPDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 

17:12:48.0296 3544        aspnet_state ( UnsignedFile.Multi.Generic ) - skipped by user

17:12:48.0296 3544        aspnet_state ( UnsignedFile.Multi.Generic ) - User select action: Skip 

17:12:48.0312 3544        drvmcdb ( UnsignedFile.Multi.Generic ) - skipped by user

17:12:48.0312 3544        drvmcdb ( UnsignedFile.Multi.Generic ) - User select action: Skip 

17:12:48.0312 3544        drvnddm ( UnsignedFile.Multi.Generic ) - skipped by user

17:12:48.0312 3544        drvnddm ( UnsignedFile.Multi.Generic ) - User select action: Skip 

17:12:48.0312 3544        EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user

17:12:48.0312 3544        EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip 

17:12:48.0312 3544        FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user

17:12:48.0312 3544        FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip 

17:12:48.0328 3544        FsUsbExService ( UnsignedFile.Multi.Generic ) - skipped by user

17:12:48.0328 3544        FsUsbExService ( UnsignedFile.Multi.Generic ) - User select action: Skip 

17:12:48.0328 3544        NICCONFIGSVC ( UnsignedFile.Multi.Generic ) - skipped by user

17:12:48.0328 3544        NICCONFIGSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip 

17:12:48.0328 3544        omci ( UnsignedFile.Multi.Generic ) - skipped by user

17:12:48.0328 3544        omci ( UnsignedFile.Multi.Generic ) - User select action: Skip 

17:12:48.0343 3544        Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user

17:12:48.0343 3544        Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 

17:12:48.0343 3544        PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user

17:12:48.0343 3544        PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip 

17:12:48.0343 3544        RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user

17:12:48.0343 3544        RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 

17:12:48.0343 3544        S24EventMonitor ( UnsignedFile.Multi.Generic ) - skipped by user

17:12:48.0343 3544        S24EventMonitor ( UnsignedFile.Multi.Generic ) - User select action: Skip 

17:12:48.0343 3544        s24trans ( UnsignedFile.Multi.Generic ) - skipped by user

17:12:48.0343 3544        s24trans ( UnsignedFile.Multi.Generic ) - User select action: Skip 

17:12:48.0343 3544        ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user

17:12:48.0343 3544        ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip 

17:12:48.0359 3544        sscdbhk5 ( UnsignedFile.Multi.Generic ) - skipped by user

17:12:48.0359 3544        sscdbhk5 ( UnsignedFile.Multi.Generic ) - User select action: Skip 

17:12:48.0359 3544        ssrtln ( UnsignedFile.Multi.Generic ) - skipped by user

17:12:48.0359 3544        ssrtln ( UnsignedFile.Multi.Generic ) - User select action: Skip 

17:12:48.0359 3544        tfsnboio ( UnsignedFile.Multi.Generic ) - skipped by user

17:12:48.0359 3544        tfsnboio ( UnsignedFile.Multi.Generic ) - User select action: Skip 

17:12:48.0375 3544        tfsncofs ( UnsignedFile.Multi.Generic ) - skipped by user

17:12:48.0375 3544        tfsncofs ( UnsignedFile.Multi.Generic ) - User select action: Skip 

17:12:48.0375 3544        tfsndrct ( UnsignedFile.Multi.Generic ) - skipped by user

17:12:48.0375 3544        tfsndrct ( UnsignedFile.Multi.Generic ) - User select action: Skip 

17:12:48.0375 3544        tfsndres ( UnsignedFile.Multi.Generic ) - skipped by user

17:12:48.0375 3544        tfsndres ( UnsignedFile.Multi.Generic ) - User select action: Skip 

17:12:48.0390 3544        tfsnifs ( UnsignedFile.Multi.Generic ) - skipped by user

17:12:48.0390 3544        tfsnifs ( UnsignedFile.Multi.Generic ) - User select action: Skip 

17:12:48.0390 3544        tfsnopio ( UnsignedFile.Multi.Generic ) - skipped by user

17:12:48.0390 3544        tfsnopio ( UnsignedFile.Multi.Generic ) - User select action: Skip 

17:12:48.0390 3544        tfsnpool ( UnsignedFile.Multi.Generic ) - skipped by user

17:12:48.0406 3544        tfsnpool ( UnsignedFile.Multi.Generic ) - User select action: Skip 

17:12:48.0406 3544        tfsnudf ( UnsignedFile.Multi.Generic ) - skipped by user

17:12:48.0406 3544        tfsnudf ( UnsignedFile.Multi.Generic ) - User select action: Skip 

17:12:48.0406 3544        tfsnudfa ( UnsignedFile.Multi.Generic ) - skipped by user

17:12:48.0406 3544        tfsnudfa ( UnsignedFile.Multi.Generic ) - User select action: Skip 

17:12:48.0421 3544        WLANKEEPER ( UnsignedFile.Multi.Generic ) - skipped by user

17:12:48.0421 3544        WLANKEEPER ( UnsignedFile.Multi.Generic ) - User select action: Skip

Vielen Dank,
Alex