Trojaner-Board - Schweizer Eidgenossenschaft Trojaner

Guten Tag Liebes Team!

Wenn ich den Laptop starte kommt ein weisser Bildschirm und ein Text von der schweizer Eidgenossenschaft, dass ich 100chfr per Paypal zahlen soll :/ .

Habe jetzt mit OTL den Scan gemacht und poste im folgenden die otl.txt .

Hoffe auf eine Antwort, liebe Grüsse BernfOTL Logfile:

Code:

OTL logfile created on: 12/2/2012 6:46:10 PM - Run

OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE

Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 87.00% Memory free

2.00 Gb Paging File | 2.00 Gb Available in Paging File | 96.00% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme

Drive C: | 48.83 Gb Total Space | 32.48 Gb Free Space | 66.51% Space Free | Partition Type: NTFS

Drive D: | 184.05 Gb Total Space | 161.98 Gb Free Space | 88.01% Space Free | Partition Type: NTFS

Drive E: | 6.67 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Drive F: | 7.47 Gb Total Space | 6.68 Gb Free Space | 89.39% Space Free | Partition Type: FAT32

Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 

Computer Name: REATOGO | User Name: SYSTEM

Boot Mode: Normal | Scan Mode: All users | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

Using ControlSet: ControlSet001
 

========== Win32 Services (SafeList) ==========
 

SRV - [2012/04/24 13:58:08 | 000,919,824 | ---- | M] (Intel(R) Corporation) [Auto] -- C:\Programme\Intel\WiFi\bin\S24EvMon.exe -- (S24EventMonitor) Intel(R)

SRV - [2012/04/24 12:55:46 | 000,870,672 | ---- | M] (Intel(R) Corporation) [Auto] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel(R)

SRV - [2012/04/24 12:32:50 | 000,481,552 | ---- | M] (Intel(R) Corporation) [Auto] -- C:\Programme\Gemeinsame Dateien\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel(R)

SRV - [2011/06/28 07:00:07 | 000,269,480 | ---- | M] (Avira GmbH) [Auto] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2011/04/29 12:37:53 | 000,136,360 | ---- | M] (Avira GmbH) [Auto] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2010/01/15 07:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand] -- C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)

SRV - [2009/06/03 10:16:42 | 000,207,400 | ---- | M] (ActivIdentity) [Auto] -- C:\Programme\Gemeinsame Dateien\ActivIdentity\ac.sharedstore.exe -- (ac.sharedstore)

SRV - [2008/04/18 08:54:02 | 000,354,840 | R--- | M] (Intel Corporation) [Auto] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTMON.EXE -- (IAANTMON) Intel(R)

SRV - [2007/12/11 06:15:04 | 000,012,800 | ---- | M] (Agere Systems) [Auto] -- C:\WINDOWS\system32\agrsmsvc.exe -- (AgereModemAudio)

SRV - [2006/10/26 13:49:34 | 000,441,136 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)

SRV - [2006/10/26 08:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)

SRV - [2005/01/31 07:03:32 | 000,159,744 | ---- | M] (Sage Sesam Ltd) [Auto] -- C:\Programme\Sesam\Security\SPISLMGR.exe -- (SESAM Licence Manager)

SRV - [2005/01/31 07:03:18 | 000,208,896 | ---- | M] (Sage Sesam Ltd) [Auto] -- C:\Programme\Sesam\Servers\LicSrv.exe -- (SESAM Licence Server)

SRV - [2004/05/28 03:30:32 | 000,376,832 | ---- | M] (Sage Sesam Ltd) [Auto] -- C:\Programme\Sesam\Servers\UsrMgmS.exe -- (SESAM User Management Server)

SRV - [2004/03/03 13:26:58 | 000,069,632 | ---- | M] (Sage Sesam Ltd) [Auto] -- C:\Programme\Sesam\Security\SvcCtrl.exe -- (SESAM Service Agent) 
 

 ========== Driver Services (SafeList) ==========
 

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)

DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)

DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)

DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)

DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)

DRV - File not found [Kernel | System] -- -- (PCIDump)

DRV - File not found [Kernel | System] -- -- (lbrtfdc)

DRV - File not found [Kernel | System] -- -- (i2omgmt)

DRV - File not found [Kernel | System] -- -- (Changer)

DRV - [2012/01/23 07:33:50 | 007,477,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\NETwNx32.sys -- (NETwNx32) ___ Intel(R)

DRV - [2011/06/28 07:00:07 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)

DRV - [2011/06/28 07:00:07 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)

DRV - [2011/03/12 11:57:59 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)

DRV - [2010/06/17 08:27:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)

DRV - [2010/06/17 08:26:52 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)

DRV - [2010/06/14 03:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)

DRV - [2010/05/19 15:15:04 | 000,013,952 | ---- | M] (Intel Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)

DRV - [2010/04/26 21:25:16 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm)

DRV - [2010/04/26 21:25:16 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)

DRV - [2010/04/26 21:25:16 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)

DRV - [2010/03/01 08:56:28 | 000,482,176 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ATSwpWDF.sys -- (ATSwpWDF)

DRV - [2010/02/25 08:19:24 | 000,009,216 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\CPQBttn.sys -- (HBtnKey)

DRV - [2010/02/25 08:19:12 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)

DRV - [2009/05/30 18:41:26 | 000,209,960 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k) Broadcom NetLink (TM)

DRV - [2008/07/23 05:31:38 | 000,044,800 | ---- | M] (Infineon Technologies AG) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ifxtpm.sys -- (IFXTPM)

DRV - [2008/04/28 00:14:54 | 003,626,112 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\NETw5x32.sys -- (NETw5x32) Intel(R)

DRV - [2008/04/10 11:27:34 | 001,804,160 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)

DRV - [2008/03/31 11:04:30 | 000,023,040 | R--- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Accelerometer.sys -- (Accelerometer)

DRV - [2008/03/31 11:04:30 | 000,017,664 | R--- | M] (Hewlett-Packard Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\hpdskflt.sys -- (hpdskflt)

DRV - [2008/03/28 05:14:02 | 000,024,064 | R--- | M] (Sonic Focus, Inc) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sfaudio.sys -- (SFAUDIO)

DRV - [2008/02/29 10:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)

DRV - [2007/06/20 22:40:02 | 000,056,448 | ---- | M] (SCM Microsystems Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SCR3XX2K.sys -- (SCR3XX2K)

DRV - [2003/06/18 11:10:06 | 000,013,056 | R--- | M] (C Technologies) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\MyPenPro.sys -- (MyPenPro)
 
 

========== Standard Registry (SafeList) ========== 
 

 ========== Internet Explorer ==========
 
 
 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVer sion\Internet Settings: "ProxyEnable" = 0
 
 
 

IE - HKU\wolfe_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/

IE - HKU\wolfe_ON_C\Software\Microsoft\Windows\CurrentV ersion\Internet Settings: "ProxyEnable" = 0
 

========== FireFox ==========
 
 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.123\npGoogleUpda te3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.123\npGoogleUpda te3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Dokumente und Einstellungen\wolfe\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21 .123\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Dokumente und Einstellungen\wolfe\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21 .123\npGoogleUpdate3.dll (Google Inc.)
 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2011/06/28 07:28:14 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins
 

[2011/06/28 07:28:23 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\wolfe\Anwendungsdaten\mozilla\Extens ions

[2011/06/28 07:28:14 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions

[2011/10/10 05:51:43 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

File not found (No name found) --

[2011/01/18 06:58:38 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAMME\JAVA\JRE6\LIB\DEPLOY\JQS\FF

[2011/06/15 23:32:37 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll

[2010/01/01 03:00:00 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml

[2010/01/01 03:00:00 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml

[2010/01/01 03:00:00 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml

[2010/01/01 03:00:00 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml

[2010/01/01 03:00:00 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml

[2010/01/01 03:00:00 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 

O1 HOSTS File: ([2006/02/28 06:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll ()

O3 - HKU\wolfe_ON_C\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll ()

O4 - HKLM..\Run: [] File not found

O4 - HKLM..\Run: [AccelerometerSysTrayApplet] C:\WINDOWS\system32\accelerometerST.exe (Hewlett-Packard Corporation)

O4 - HKLM..\Run: [accrdsub] C:\Programme\ActivIdentity\ActivClient\accrdsub.ex e (ActivIdentity)

O4 - HKLM..\Run: [acevents] C:\Programme\ActivIdentity\ActivClient\acevents.ex e (ActivIdentity)

O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Programme\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAANOTIF.EXE (Intel Corporation)

O4 - HKLM..\Run: [IntelWireless] C:\Programme\Gemeinsame Dateien\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)

O4 - HKLM..\Run: [IntelZeroConfig] C:\Programme\Intel\WiFi\bin\ZCfgSvc.exe (Intel(R) Corporation)

O4 - HKLM..\Run: [NPSStartup] File not found

O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

O4 - HKU\wolfe_ON_C..\Run: [DAEMON Tools Lite] C:\Programme\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)

O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\McAfee Security Scan Plus.lnk = C:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)

O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\MyPen Pro.lnk = C:\Programme\C-CHANNEL\MyPen Pro\MyPenPro.exe (C Technologies AB (publ))

O4 - Startup: C:\Dokumente und Einstellungen\wolfe\Startmenü\Programme\Autostart\ Pervasive.SQL Workgroup Engine.lnk = C:\PVSW\Bin\w3dbsmgr.exe ()

O4 - Startup: C:\Dokumente und Einstellungen\wolfe\Startmenü\Programme\Autostart\ Sage Sesam Service Monitor.lnk = C:\Programme\Sesam\Servers\LicMon.exe (Sage Sesam Ltd)

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVer sion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\C urrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows \CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\wolfe_ON_C\SOFTWARE\Microsoft\Windows\CurrentV ersion\policies\Explorer: NoDriveTypeAutoRun = 145

O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsu...?1295350956187 (WUWebControl Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_23)

O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_23)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_23)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKU\wolfe_ON_C Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKU\wolfe_ON_C Winlogon: Shell - (C:\Dokumente und Einstellungen\wolfe\Anwendungsdaten\skype.dat) - C:\Dokumente und Einstellungen\wolfe\Anwendungsdaten\skype.dat ()

O20 - Winlogon\Notify\ackpbsc: DllName - C:\Programme\ActivIdentity\ActivClient\ackpbsc.dll - C:\Programme\ActivIdentity\ActivClient\ackpbsc.dll (ActivIdentity)

O20 - Winlogon\Notify\acunlock: DllName - C:\Programme\ActivIdentity\ActivClient\acunlock.dl l - C:\Programme\ActivIdentity\ActivClient\acunlock.dl l (ActivIdentity)

O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home

O24 - Desktop WallPaper:

O24 - Desktop BackupWallPaper:

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2011/01/17 13:00:35 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O32 - AutoRun File - [2008/05/06 07:26:23 | 000,000,309 | R--- | M] () - E:\autorun.inf -- [ CDFS ]

O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]

O33 - MountPoints2\{711dd861-2265-11e0-aa4c-d7ab9600e407}\Shell - "" = AutoRun

O33 - MountPoints2\{711dd861-2265-11e0-aa4c-d7ab9600e407}\Shell\AutoRun - "" = Auto&Play

O33 - MountPoints2\{711dd861-2265-11e0-aa4c-d7ab9600e407}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a

O33 - MountPoints2\{97122c1f-728a-11e0-aa95-002264571579}\Shell - "" = AutoRun

O33 - MountPoints2\{97122c1f-728a-11e0-aa95-002264571579}\Shell\AutoRun - "" = Auto&Play

O33 - MountPoints2\{97122c1f-728a-11e0-aa95-002264571579}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a

O33 - MountPoints2\F\Shell - "" = AutoRun

O33 - MountPoints2\F\Shell\AutoRun - "" = Auto&Play

O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- [2007/10/23 08:45:40 | 001,336,632 | R--- | M] ()

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

Beitrag bearbeiten/löschen
 

 NetSvcs: 6to4 - File not found

NetSvcs: Ias - File not found

NetSvcs: Iprip - File not found

NetSvcs: Irmon - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: WmdmPmSp - File not found
 

Drivers32: aux - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)

Drivers32: midi - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)

Drivers32: midimapper - C:\WINDOWS\System32\midimap.dll (Microsoft Corporation)

Drivers32: mixer - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)

Drivers32: msacm.imaadpcm - C:\WINDOWS\System32\imaadp32.acm (Microsoft Corporation)

Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.msadpcm - C:\WINDOWS\System32\msadp32.acm (Microsoft Corporation)

Drivers32: msacm.msaudio1 - C:\WINDOWS\System32\msaud32.acm (Microsoft Corporation)

Drivers32: msacm.msg711 - C:\WINDOWS\System32\msg711.acm (Microsoft Corporation)

Drivers32: msacm.msg723 - C:\WINDOWS\System32\msg723.acm (Microsoft Corporation)

Drivers32: msacm.msgsm610 - C:\WINDOWS\System32\msgsm32.acm (Microsoft Corporation)

Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)

Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)

Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)

Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)

Drivers32: VIDC.I420 - C:\WINDOWS\System32\msh263.drv (Microsoft Corporation)

Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)

Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

Drivers32: VIDC.IYUV - C:\WINDOWS\System32\iyuv_32.dll (Microsoft Corporation)

Drivers32: vidc.M261 - C:\WINDOWS\System32\msh261.drv (Microsoft Corporation)

Drivers32: vidc.M263 - C:\WINDOWS\System32\msh263.drv (Microsoft Corporation)

Drivers32: vidc.mrle - C:\WINDOWS\System32\msrle32.dll (Microsoft Corporation)

Drivers32: vidc.msvc - C:\WINDOWS\System32\msvidc32.dll (Microsoft Corporation)

Drivers32: VIDC.UYVY - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)

Drivers32: VIDC.YUY2 - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)

Drivers32: VIDC.YVU9 - C:\WINDOWS\System32\tsbyuv.dll (Microsoft Corporation)

Drivers32: VIDC.YVYU - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)

Drivers32: wave - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)

Drivers32: wavemapper - C:\WINDOWS\System32\msacm32.drv (Microsoft Corporation)
 

========== Files/Folders - Created Within 30 Days ==========
 

[2012/12/02 18:07:50 | 000,000,000 | ---D | C] -- C:\_OTL

[2012/11/24 08:33:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\wolfe\Desktop\spanien volleyball

[2012/11/14 06:56:34 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\LocalService\Favoriten

[2012/11/14 06:56:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Adobe

[2012/11/10 08:46:43 | 000,066,048 | ---- | C] (SEIKO EPSON CORP.) -- C:\Dokumente und Einstellungen\wolfe\easkwtpqpry.exe

[2012/11/10 08:46:42 | 000,055,808 | ---- | C] (SEIKO EPSON CORP.) -- C:\Dokumente und Einstellungen\wolfe\wbiluarhgrauqrajdycyio.exe

[2012/10/31 09:45:47 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\lsass.exe

[2011/01/17 17:44:41 | 000,176,128 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2uvc.dll

[2011/01/17 17:44:37 | 000,180,224 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2uvc.dll
 

========== Files - Modified Within 30 Days ==========
 

[2012/12/02 12:24:28 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2012/12/02 12:24:00 | 000,000,004 | ---- | M] () -- C:\Dokumente und Einstellungen\wolfe\Anwendungsdaten\skype.ini

[2012/12/02 12:22:18 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2012/12/02 11:06:02 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2012/12/02 10:44:02 | 000,001,210 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-602162358-220523388-1801674531-1003UA.job

[2012/12/02 10:32:41 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2012/11/29 19:46:20 | 000,002,342 | ---- | M] () -- C:\Dokumente und Einstellungen\wolfe\Anwendungsdaten\Microsoft\Inte rnet Explorer\Quick Launch\Google Chrome.lnk

[2012/11/29 13:44:00 | 000,001,158 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-602162358-220523388-1801674531-1003Core.job

[2012/11/23 10:45:45 | 000,002,241 | ---- | M] () -- C:\Dokumente und Einstellungen\wolfe\Desktop\Skype.lnk

[2012/11/22 06:23:46 | 000,419,554 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat

[2012/11/22 06:23:46 | 000,404,302 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2012/11/22 06:23:46 | 000,076,402 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat

[2012/11/22 06:23:46 | 000,063,522 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2012/11/18 11:24:26 | 083,023,306 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\dsgsdgdsgdsgw.pad

[2012/11/09 09:32:08 | 000,053,760 | ---- | M] () -- C:\Dokumente und Einstellungen\wolfe\0.23424533847462592.exe

[2012/11/04 09:39:46 | 000,109,056 | ---- | M] () -- C:\Dokumente und Einstellungen\wolfe\dildptvfbm.exe

[2012/11/04 09:39:46 | 000,089,600 | ---- | M] () -- C:\Dokumente und Einstellungen\wolfe\rojwxdnhuhitlfbrxmht.exe
 

========== Files Created - No Company Name ==========
 

[2012/11/29 09:48:07 | 000,000,004 | ---- | C] () -- C:\Dokumente und Einstellungen\wolfe\Anwendungsdaten\skype.ini

[2012/11/09 09:32:07 | 000,053,760 | ---- | C] () -- C:\Dokumente und Einstellungen\wolfe\0.23424533847462592.exe

[2012/11/04 09:39:46 | 000,109,056 | ---- | C] () -- C:\Dokumente und Einstellungen\wolfe\dildptvfbm.exe

[2012/11/04 09:39:45 | 000,089,600 | ---- | C] () -- C:\Dokumente und Einstellungen\wolfe\rojwxdnhuhitlfbrxmht.exe

[2012/11/01 11:35:59 | 000,109,056 | ---- | C] () -- C:\Dokumente und Einstellungen\wolfe\dtresfflsceez.exe

[2012/11/01 11:35:58 | 000,087,040 | ---- | C] () -- C:\Dokumente und Einstellungen\wolfe\obsnwslxjacspgadmxxzjeiwq.exe

[2012/10/31 09:45:47 | 083,023,306 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\dsgsdgdsgdsgw.pad

[2012/10/18 10:48:59 | 000,000,230 | ---- | C] () -- C:\WINDOWS\CCPen200.ini

[2011/06/28 07:28:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat

[2011/03/16 05:47:35 | 000,000,048 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat

[2011/03/14 16:34:48 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll

[2011/03/14 16:34:48 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys

[2011/03/14 16:34:43 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\wolfe\Anwendungsdaten\$_hpcst$.hpc

[2011/01/22 10:47:00 | 000,000,184 | ---- | C] () -- C:\WINDOWS\bti.ini

[2011/01/22 10:46:36 | 000,043,760 | ---- | C] () -- C:\WINDOWS\System32\nwlocale.dll

[2011/01/18 13:49:14 | 000,012,288 | ---- | C] () -- C:\Dokumente und Einstellungen\wolfe\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011/01/17 17:44:41 | 001,804,160 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2uvc.sys

[2011/01/17 17:44:41 | 000,028,160 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncduvc.sys

[2011/01/17 17:44:41 | 000,015,497 | ---- | C] () -- C:\WINDOWS\snp2uvc.ini

[2011/01/17 17:44:09 | 000,000,571 | ---- | C] () -- C:\WINDOWS\HBCIKRNL.INI

[2011/01/17 15:28:29 | 001,991,464 | R--- | C] () -- C:\WINDOWS\System32\igkrng500.bin

[2011/01/17 15:28:29 | 000,432,400 | R--- | C] () -- C:\WINDOWS\System32\igcompkrng500.bin

[2011/01/17 15:28:29 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4953.dll

[2011/01/17 13:03:48 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2011/01/17 12:58:21 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2011/01/17 12:39:36 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2011/01/17 12:38:39 | 000,264,616 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2007/10/25 11:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys

[2006/02/28 06:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat

[2006/02/28 06:00:00 | 000,419,554 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat

[2006/02/28 06:00:00 | 000,404,302 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat

[2006/02/28 06:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat

[2006/02/28 06:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat

[2006/02/28 06:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat

[2006/02/28 06:00:00 | 000,076,647 | ---- | C] () -- C:\Dokumente und Einstellungen\wolfe\Anwendungsdaten\skype.dat

[2006/02/28 06:00:00 | 000,076,402 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat

[2006/02/28 06:00:00 | 000,063,522 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat

[2006/02/28 06:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin

[2006/02/28 06:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat

[2006/02/28 06:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat

[2006/02/28 06:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat

[2006/02/28 06:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin

[2006/02/28 06:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

[2002/05/28 12:55:42 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin

[2002/05/28 12:54:40 | 000,004,605 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
 

========== LOP Check ==========

Beitrag bearbeiten/löschen
 

 [2012/08/13 12:06:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\wolfe\Anwendungsdaten\.jfwupdate

[2012/08/13 12:06:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\wolfe\Anwendungsdaten\.Kanton TG

[2011/03/12 11:58:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\wolfe\Anwendungsdaten\DAEMON Tools Lite

[2011/03/14 16:50:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\wolfe\Anwendungsdaten\Samsung

[2011/03/13 06:14:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Lite

[2011/03/14 16:35:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Samsung
 

========== Purity Check ==========
 
 
 

========== Custom Scans ==========
 
 

< %SYSTEMDRIVE%\*.* >

[2011/01/17 13:00:35 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT

[2011/01/17 12:49:23 | 000,000,211 | -HS- | M] () -- C:\boot.ini

[2006/02/28 06:00:00 | 000,004,952 | RHS- | M] () -- C:\bootfont.bin

[2011/01/18 15:31:59 | 000,000,164 | ---- | M] () -- C:\chicony.log

[2011/01/17 13:00:35 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS

[2011/01/18 15:25:39 | 000,000,161 | ---- | M] () -- C:\esuinst.log

[2011/01/18 15:23:05 | 000,000,198 | ---- | M] () -- C:\esu_xpsp2.log

[2011/01/18 15:29:56 | 000,064,962 | ---- | M] () -- C:\intel_chipset.log

[2011/01/18 15:30:55 | 000,256,984 | ---- | M] () -- C:\intel_msm.log

[2011/01/17 13:00:35 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[2011/01/17 13:00:35 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2006/02/28 06:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM

[2011/01/17 16:18:58 | 000,251,712 | RHS- | M] () -- C:\ntldr

[2012/12/02 17:34:42 | 000,055,736 | ---- | M] () -- C:\OTL.Txt

[2012/12/02 12:22:08 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys

[2011/01/18 15:25:39 | 000,000,227 | ---- | M] () -- C:\sedinst2.log

[2011/01/18 15:35:14 | 000,000,087 | ---- | M] () -- C:\setup.log

[2011/01/18 15:33:27 | 000,000,187 | ---- | M] () -- C:\syntpad.log
 

< %systemroot%\system32\*.wt >
 

< %systemroot%\system32\*.ruy >
 

< %systemroot%\Fonts\*.com >
 

< %systemroot%\Fonts\*.dll >
 

< %systemroot%\Fonts\*.ini >

[2011/01/17 13:00:21 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini
 

< %systemroot%\Fonts\*.ini2 >
 

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >

[2006/10/26 13:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr .dll
 

< %systemroot%\REPAIR\*.bak1 >
 

< %systemroot%\REPAIR\*.ini >
 

< %systemroot%\system32\*.jpg >
 

< %systemroot%\*.scr >
 

< %systemroot%\*._sy >
 

Invalid Environment Variable: %APPDATA%\Adobe\Update\*.*
 

Invalid Environment Variable: %ALLUSERSPROFILE%\Favorites\*.*
 

Invalid Environment Variable: %APPDATA%\Microsoft\*.*
 

< %PROGRAMFILES%\*.* >
 

Invalid Environment Variable: %APPDATA%\Update\*.*
 

< %systemroot%\*. /mp /s >
 

< CREATERESTOREPOINT >
 

< %systemroot%\system32\*.dll /lockedfiles >

[2008/04/14 01:52:10 | 000,147,968 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dnsapi.dll

[2009/03/07 22:39:48 | 011,063,808 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ieframe.dll

[2009/03/07 22:32:22 | 001,985,024 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\iertutil.dll

[2008/04/14 01:52:20 | 000,280,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\mstask.dll

[2008/04/14 01:52:22 | 000,067,072 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ntdsapi.dll

[2008/04/14 01:52:26 | 008,502,272 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\shell32.dll
 

< %systemroot%\Tasks\*.job /lockedfiles >
 

< %systemroot%\System32\config\*.sav >

[2011/01/17 13:37:56 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav

[2011/01/17 13:37:56 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav

[2011/01/17 13:37:56 | 000,458,752 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
 

< %systemroot%\system32\user32.dll /md5 >

[2008/04/14 01:52:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll
 

< %systemroot%\system32\ws2_32.dll /md5 >

[2008/04/14 01:52:34 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=6A35E2D6F5F052C84EC2CEB296389439 -- C:\WINDOWS\system32\ws2_32.dll
 

< %systemroot%\system32\ws2help.dll /md5 >

[2008/04/14 01:52:34 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=C7D8A0517CBF16B84F657DE87EBE9D4B -- C:\WINDOWS\system32\ws2help.dll
 
 

< MD5 for: EXPLORER.EXE >

[2006/02/28 06:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) MD5=22FE1BE02EADDE1632E478E4125639E0 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

[2008/04/14 01:52:46 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\explorer.exe

[2008/04/14 01:52:46 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
 

< MD5 for: WINLOGON.EXE >

[2006/02/28 06:00:00 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe

[2008/04/14 01:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe

[2008/04/14 01:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe
 

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Win dows\WindowsUpdate\AU >
 

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

< End of report >

--- --- ---
Beitrag bearbeiten/löschen

Danke für die schnelle Antwort!

Im folgenden der tdsskiller log:

DANKE!

22:56:34.0781 1556 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
22:56:34.0843 1556 ============================================================
22:56:34.0843 1556 Current date / time: 2012/12/05 22:56:34.0843
22:56:34.0843 1556 SystemInfo:
22:56:34.0843 1556
22:56:34.0843 1556 OS Version: 5.1.2600 ServicePack: 3.0
22:56:34.0843 1556 Product type: Workstation
22:56:34.0843 1556 ComputerName: WOLF
22:56:34.0843 1556 UserName: wolfe
22:56:34.0843 1556 Windows directory: C:\WINDOWS
22:56:34.0843 1556 System windows directory: C:\WINDOWS
22:56:34.0843 1556 Processor architecture: Intel x86
22:56:34.0843 1556 Number of processors: 2
22:56:34.0843 1556 Page size: 0x1000
22:56:34.0843 1556 Boot type: Normal boot
22:56:34.0843 1556 ============================================================
22:56:35.0562 1556 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:56:35.0562 1556 Drive \Device\Harddisk1\DR3 - Size: 0xED400000 (3.71 Gb), SectorSize: 0x200, Cylinders: 0x1E3, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
22:56:35.0562 1556 ============================================================
22:56:35.0562 1556 \Device\Harddisk0\DR0:
22:56:35.0562 1556 MBR partitions:
22:56:35.0562 1556 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x61A7927
22:56:35.0578 1556 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x61A79A5, BlocksNum 0x17018D1B
22:56:35.0578 1556 \Device\Harddisk1\DR3:
22:56:35.0578 1556 MBR partitions:
22:56:35.0578 1556 \Device\Harddisk1\DR3\Partition1: MBR, Type 0xB, StartLBA 0x1F80, BlocksNum 0x768080
22:56:35.0578 1556 ============================================================
22:56:35.0609 1556 C: <-> \Device\Harddisk0\DR0\Partition1
22:56:35.0640 1556 D: <-> \Device\Harddisk0\DR0\Partition2
22:56:35.0640 1556 ============================================================
22:56:35.0640 1556 Initialize success
22:56:35.0640 1556 ============================================================
23:00:39.0171 2100 ============================================================
23:00:39.0171 2100 Scan started
23:00:39.0171 2100 Mode: Manual; SigCheck; TDLFS;
23:00:39.0171 2100 ============================================================
23:00:39.0703 2100 ================ Scan system memory ========================
23:00:39.0703 2100 System memory - ok
23:00:39.0703 2100 ================ Scan services =============================
23:00:39.0781 2100 Abiosdsk - ok
23:00:39.0796 2100 abp480n5 - ok
23:00:39.0843 2100 [ 00659E56339389469473AEC41587E706 ] ac.sharedstore C:\Programme\Gemeinsame Dateien\ActivIdentity\ac.sharedstore.exe
23:00:40.0015 2100 ac.sharedstore - ok
23:00:40.0078 2100 [ 6C2E405D98E6342A9D66A2493E7AB15E ] Accelerometer C:\WINDOWS\system32\DRIVERS\Accelerometer.sys
23:00:40.0312 2100 Accelerometer - ok
23:00:40.0343 2100 [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
23:00:40.0796 2100 ACPI - ok
23:00:40.0812 2100 [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
23:00:40.0906 2100 ACPIEC - ok
23:00:40.0937 2100 [ FF60DB2ACA88543C025EACBA25CEE5C1 ] ADIHdAudAddService C:\WINDOWS\system32\drivers\ADIHdAud.sys
23:00:41.0000 2100 ADIHdAudAddService - ok
23:00:41.0000 2100 adpu160m - ok
23:00:41.0000 2100 [ FFF87A9B1AB36EE4B7BEC98A4CB01B79 ] AEAudio C:\WINDOWS\system32\drivers\AEAudio.sys
23:00:41.0046 2100 AEAudio - ok
23:00:41.0078 2100 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
23:00:41.0171 2100 aec - ok
23:00:41.0187 2100 [ 322D0E36693D6E24A2398BEE62A268CD ] AFD C:\WINDOWS\System32\drivers\afd.sys
23:00:41.0281 2100 AFD - ok
23:00:41.0296 2100 [ 8ED60797908FD394EEE0D6949F493224 ] AgereModemAudio C:\WINDOWS\system32\agrsmsvc.exe
23:00:41.0312 2100 AgereModemAudio - ok
23:00:41.0359 2100 [ 38325C6AA8EAE011897D61CE48EC6435 ] AgereSoftModem C:\WINDOWS\system32\DRIVERS\AGRSM.sys
23:00:41.0484 2100 AgereSoftModem - ok
23:00:41.0484 2100 Aha154x - ok
23:00:41.0484 2100 aic78u2 - ok
23:00:41.0484 2100 aic78xx - ok
23:00:41.0515 2100 [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter C:\WINDOWS\system32\alrsvc.dll
23:00:41.0640 2100 Alerter - ok
23:00:41.0656 2100 [ 190CD73D4984F94D823F9444980513E5 ] ALG C:\WINDOWS\System32\alg.exe
23:00:41.0734 2100 ALG - ok
23:00:41.0734 2100 AliIde - ok
23:00:41.0734 2100 amsint - ok
23:00:41.0781 2100 [ C27D46B06D340293670450FCE9DFB166 ] AntiVirSchedulerService C:\Programme\Avira\AntiVir Desktop\sched.exe
23:00:41.0781 2100 AntiVirSchedulerService - ok
23:00:41.0796 2100 [ 72D90E56563165984224493069C69ED4 ] AntiVirService C:\Programme\Avira\AntiVir Desktop\avguard.exe
23:00:41.0796 2100 AntiVirService - ok
23:00:41.0828 2100 [ D45960BE52C3C610D361977057F98C54 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
23:00:41.0937 2100 AppMgmt - ok
23:00:41.0953 2100 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
23:00:42.0031 2100 Arp1394 - ok
23:00:42.0031 2100 asc - ok
23:00:42.0046 2100 asc3350p - ok
23:00:42.0046 2100 asc3550 - ok
23:00:42.0109 2100 [ D33C507942299753868204CC7642FA27 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
23:00:42.0125 2100 aspnet_state - ok
23:00:42.0140 2100 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
23:00:42.0234 2100 AsyncMac - ok
23:00:42.0265 2100 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\drivers\atapi.sys
23:00:42.0375 2100 atapi - ok
23:00:42.0390 2100 Atdisk - ok
23:00:42.0406 2100 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
23:00:42.0515 2100 Atmarpc - ok
23:00:42.0562 2100 [ 1EC637725AEBE586508626BA50AF3324 ] ATSwpWDF C:\WINDOWS\system32\Drivers\ATSwpWDF.sys
23:00:42.0578 2100 ATSwpWDF - ok
23:00:42.0609 2100 [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
23:00:42.0671 2100 AudioSrv - ok
23:00:42.0703 2100 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
23:00:42.0781 2100 audstub - ok
23:00:42.0828 2100 [ 0B497C79824F8E1BF22FA6AACD3DE3A0 ] avgio C:\Programme\Avira\AntiVir Desktop\avgio.sys
23:00:42.0828 2100 avgio - ok
23:00:42.0843 2100 [ 1E4114685DE1FFA9675E09C6A1FB3F4B ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys
23:00:42.0859 2100 avgntflt - ok
23:00:42.0859 2100 [ 0F78D3DAE6DEDD99AE54C9491C62ADF2 ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys
23:00:42.0875 2100 avipbb - ok
23:00:42.0906 2100 [ FBC80C5AD5D6995614CD99D505EC812D ] b57w2k C:\WINDOWS\system32\DRIVERS\b57xp32.sys
23:00:42.0921 2100 b57w2k - ok
23:00:42.0968 2100 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
23:00:43.0046 2100 Beep - ok
23:00:43.0093 2100 [ D6F603772A789BB3228F310D650B8BD1 ] BITS C:\WINDOWS\system32\qmgr.dll
23:00:43.0203 2100 BITS - ok
23:00:43.0234 2100 [ B42057F06BBB98B31876C0B3F2B54E33 ] Browser C:\WINDOWS\System32\browser.dll
23:00:43.0312 2100 Browser - ok
23:00:43.0328 2100 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
23:00:43.0453 2100 cbidf2k - ok
23:00:43.0468 2100 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
23:00:43.0578 2100 CCDECODE - ok
23:00:43.0578 2100 cd20xrnt - ok
23:00:43.0593 2100 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
23:00:43.0703 2100 Cdaudio - ok
23:00:43.0765 2100 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
23:00:43.0875 2100 Cdfs - ok
23:00:43.0906 2100 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
23:00:44.0000 2100 Cdrom - ok
23:00:44.0000 2100 Changer - ok
23:00:44.0015 2100 [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc C:\WINDOWS\system32\cisvc.exe
23:00:44.0078 2100 CiSvc - ok
23:00:44.0093 2100 [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
23:00:44.0156 2100 ClipSrv - ok
23:00:44.0218 2100 [ 3C4D595E7F9B747325AEF28B4ADCAAE5 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:00:44.0281 2100 clr_optimization_v2.0.50727_32 - ok
23:00:44.0296 2100 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
23:00:44.0375 2100 CmBatt - ok
23:00:44.0375 2100 CmdIde - ok
23:00:44.0453 2100 [ C7A0E61D5714AC20DE52D4F66EC773B8 ] Com4QLBEx C:\Programme\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
23:00:44.0453 2100 Com4QLBEx - ok
23:00:44.0468 2100 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
23:00:44.0546 2100 Compbatt - ok
23:00:44.0546 2100 COMSysApp - ok
23:00:44.0546 2100 Cpqarray - ok
23:00:44.0578 2100 [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
23:00:44.0656 2100 CryptSvc - ok
23:00:44.0656 2100 dac2w2k - ok
23:00:44.0671 2100 dac960nt - ok
23:00:44.0703 2100 [ E970C2296916BF4A2F958680016FE312 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
23:00:44.0796 2100 DcomLaunch - ok
23:00:44.0828 2100 [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
23:00:44.0921 2100 Dhcp - ok
23:00:44.0921 2100 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
23:00:45.0015 2100 Disk - ok
23:00:45.0015 2100 dmadmin - ok
23:00:45.0093 2100 [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
23:00:45.0234 2100 dmboot - ok
23:00:45.0250 2100 [ 53720AB12B48719D00E327DA470A619A ] dmio C:\WINDOWS\system32\drivers\dmio.sys
23:00:45.0328 2100 dmio - ok
23:00:45.0359 2100 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
23:00:45.0437 2100 dmload - ok
23:00:45.0468 2100 [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver C:\WINDOWS\System32\dmserver.dll
23:00:45.0546 2100 dmserver - ok
23:00:45.0562 2100 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
23:00:45.0640 2100 DMusic - ok
23:00:45.0656 2100 [ 8C9ED3B2834AAE63081AB2DA831C6FE9 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
23:00:45.0734 2100 Dnscache - ok
23:00:45.0750 2100 [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
23:00:45.0843 2100 Dot3svc - ok
23:00:45.0843 2100 dpti2o - ok
23:00:45.0875 2100 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
23:00:45.0953 2100 drmkaud - ok
23:00:45.0984 2100 [ 555E54AC2F601A8821CEF58961653991 ] dtsoftbus01 C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys
23:00:45.0984 2100 dtsoftbus01 - ok
23:00:46.0015 2100 [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost C:\WINDOWS\System32\eapsvc.dll
23:00:46.0078 2100 EapHost - ok
23:00:46.0109 2100 [ 877C18558D70587AA7823A1A308AC96B ] ERSvc C:\WINDOWS\System32\ersvc.dll
23:00:46.0187 2100 ERSvc - ok
23:00:46.0218 2100 [ 4BB6A83640F1D1792AD21CE767B621C6 ] Eventlog C:\WINDOWS\system32\services.exe
23:00:46.0296 2100 Eventlog - ok
23:00:46.0312 2100 [ 0F3EDAEE1EF97CF3DB2BE23A7289B78C ] EventSystem C:\WINDOWS\system32\es.dll
23:00:46.0390 2100 EventSystem - ok
23:00:46.0484 2100 [ B5DEC98E17E2A70A0A0BE542ED36F279 ] EvtEng C:\Programme\Intel\WiFi\bin\EvtEng.exe
23:00:46.0515 2100 EvtEng - ok
23:00:46.0546 2100 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
23:00:46.0640 2100 Fastfat - ok
23:00:46.0671 2100 [ 40602EBFBE06AA075C8E4560743F6883 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
23:00:46.0750 2100 FastUserSwitchingCompatibility - ok
23:00:46.0765 2100 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
23:00:46.0828 2100 Fdc - ok
23:00:46.0875 2100 [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
23:00:46.0953 2100 Fips - ok
23:00:46.0968 2100 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
23:00:47.0031 2100 Flpydisk - ok
23:00:47.0062 2100 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
23:00:47.0140 2100 FltMgr - ok
23:00:47.0171 2100 [ CBE5F69A5E5B918225F420BA748F3742 ] FsUsbExDisk C:\WINDOWS\system32\FsUsbExDisk.SYS
23:00:47.0187 2100 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning
23:00:47.0187 2100 FsUsbExDisk - detected UnsignedFile.Multi.Generic (1)
23:00:47.0203 2100 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
23:00:47.0281 2100 Fs_Rec - ok
23:00:47.0312 2100 [ 8F1955CE42E1484714B542F341647778 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
23:00:47.0390 2100 Ftdisk - ok
23:00:47.0390 2100 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
23:00:47.0468 2100 Gpc - ok
23:00:47.0531 2100 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Programme\Google\Update\GoogleUpdate.exe
23:00:47.0531 2100 gupdate - ok
23:00:47.0546 2100 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Programme\Google\Update\GoogleUpdate.exe
23:00:47.0546 2100 gupdatem - ok
23:00:47.0578 2100 [ FC657B7751729EFE54E2FF24F50E5BAB ] HBtnKey C:\WINDOWS\system32\DRIVERS\cpqbttn.sys
23:00:47.0625 2100 HBtnKey - ok
23:00:47.0640 2100 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
23:00:47.0734 2100 HDAudBus - ok
23:00:47.0765 2100 [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
23:00:47.0843 2100 helpsvc - ok
23:00:47.0875 2100 [ B35DA85E60C0103F2E4104532DA2F12B ] HidServ C:\WINDOWS\System32\hidserv.dll
23:00:47.0953 2100 HidServ - ok
23:00:47.0968 2100 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
23:00:48.0046 2100 hidusb - ok
23:00:48.0078 2100 [ ED29F14101523A6E0E808107405D452C ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
23:00:48.0156 2100 hkmsvc - ok
23:00:48.0171 2100 [ E8A95DF23097BCA840814D42F2EE5164 ] hpdskflt C:\WINDOWS\system32\DRIVERS\hpdskflt.sys
23:00:48.0187 2100 hpdskflt - ok
23:00:48.0187 2100 hpn - ok
23:00:48.0218 2100 [ 35956140E686D53BF676CF0C778880FC ] HpqKbFiltr C:\WINDOWS\system32\DRIVERS\HpqKbFiltr.sys
23:00:48.0296 2100 HpqKbFiltr - ok
23:00:48.0328 2100 [ FDF273A845F1FFCCEADF363AAF47582F ] hpqwmiex C:\Programme\Hewlett-Packard\Shared\hpqwmiex.exe
23:00:48.0328 2100 hpqwmiex - ok
23:00:48.0375 2100 [ F6AACF5BCE2893E0C1754AFEB672E5C9 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
23:00:48.0453 2100 HTTP - ok
23:00:48.0484 2100 [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
23:00:48.0562 2100 HTTPFilter - ok
23:00:48.0562 2100 i2omgmt - ok
23:00:48.0562 2100 i2omp - ok
23:00:48.0593 2100 [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
23:00:48.0687 2100 i8042prt - ok
23:00:48.0765 2100 [ 3AD7614C487C948ADD435662265750FB ] IAANTMON C:\Programme\Intel\Intel Matrix Storage Manager\IAANTMon.exe
23:00:48.0765 2100 IAANTMON - ok
23:00:48.0937 2100 [ F592A1B020723CFBD3D2722514066449 ] ialm C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
23:00:49.0281 2100 ialm - ok
23:00:49.0312 2100 [ DB0CC620B27A928D968C1A1E9CD9CB87 ] iaStor C:\WINDOWS\system32\DRIVERS\iaStor.sys
23:00:49.0328 2100 iaStor - ok
23:00:49.0359 2100 [ 91C5E9F49F32110CED27E2F902FAD607 ] IFXTPM C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS
23:00:49.0390 2100 IFXTPM - ok
23:00:49.0390 2100 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
23:00:49.0468 2100 Imapi - ok
23:00:49.0500 2100 [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService C:\WINDOWS\system32\imapi.exe
23:00:49.0578 2100 ImapiService - ok
23:00:49.0578 2100 ini910u - ok
23:00:49.0578 2100 IntelIde - ok
23:00:49.0593 2100 [ 4C7D2750158ED6E7AD642D97BFFAE351 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
23:00:49.0687 2100 intelppm - ok
23:00:49.0687 2100 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
23:00:49.0781 2100 Ip6Fw - ok
23:00:49.0796 2100 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
23:00:49.0875 2100 IpFilterDriver - ok
23:00:49.0890 2100 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
23:00:49.0968 2100 IpInIp - ok
23:00:50.0015 2100 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
23:00:50.0093 2100 IpNat - ok
23:00:50.0093 2100 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
23:00:50.0171 2100 IPSec - ok
23:00:50.0187 2100 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
23:00:50.0250 2100 IRENUM - ok
23:00:50.0265 2100 [ 6DFB88F64135C525433E87648BDA30DE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
23:00:50.0343 2100 isapnp - ok
23:00:50.0406 2100 [ E731921DB2E17DCD3DB472FAD5549C57 ] JavaQuickStarterService C:\Programme\Java\jre6\bin\jqs.exe
23:00:50.0421 2100 JavaQuickStarterService - ok
23:00:50.0453 2100 [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
23:00:50.0531 2100 Kbdclass - ok
23:00:50.0562 2100 [ B6D6C117D771C98130497265F26D1882 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
23:00:50.0625 2100 kbdhid - ok
23:00:50.0671 2100 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
23:00:50.0750 2100 kmixer - ok
23:00:50.0781 2100 [ 1705745D900DABF2D89F90EBADDC7517 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
23:00:50.0875 2100 KSecDD - ok
23:00:50.0890 2100 [ D6EB4916B203CBE525F8EFF5FD5AB16C ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
23:00:50.0968 2100 lanmanserver - ok
23:00:50.0984 2100 [ C0DB1E9367681ECD7ECCA9615C1D0F9B ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
23:00:51.0046 2100 lanmanworkstation - ok
23:00:51.0046 2100 lbrtfdc - ok
23:00:51.0062 2100 [ 636714B7D43C8D0C80449123FD266920 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
23:00:51.0125 2100 LmHosts - ok
23:00:51.0203 2100 [ F453D1E6D881E8F8717E20CCD4199E85 ] McComponentHostService C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe
23:00:51.0218 2100 McComponentHostService - ok
23:00:51.0234 2100 [ B7550A7107281D170CE85524B1488C98 ] Messenger C:\WINDOWS\System32\msgsvc.dll
23:00:51.0312 2100 Messenger - ok
23:00:51.0343 2100 [ FAFE367D032ED82E9332B4C741A20216 ] Microsoft Office Groove Audit Service C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe
23:00:51.0359 2100 Microsoft Office Groove Audit Service - ok
23:00:51.0390 2100 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
23:00:51.0468 2100 mnmdd - ok
23:00:51.0500 2100 [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
23:00:51.0578 2100 mnmsrvc - ok
23:00:51.0609 2100 [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
23:00:51.0687 2100 Modem - ok
23:00:51.0703 2100 [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
23:00:51.0828 2100 Mouclass - ok
23:00:51.0843 2100 [ 66A6F73C74E1791464160A7065CE711A ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
23:00:51.0968 2100 mouhid - ok
23:00:51.0968 2100 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
23:00:52.0078 2100 MountMgr - ok
23:00:52.0093 2100 mraid35x - ok
23:00:52.0093 2100 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
23:00:52.0187 2100 MRxDAV - ok
23:00:52.0218 2100 [ 68755F0FF16070178B54674FE5B847B0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
23:00:52.0343 2100 MRxSmb - ok
23:00:52.0359 2100 [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC C:\WINDOWS\system32\msdtc.exe
23:00:52.0437 2100 MSDTC - ok
23:00:52.0453 2100 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
23:00:52.0515 2100 Msfs - ok
23:00:52.0531 2100 MSIServer - ok
23:00:52.0546 2100 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
23:00:52.0625 2100 MSKSSRV - ok
23:00:52.0656 2100 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
23:00:52.0734 2100 MSPCLOCK - ok
23:00:52.0750 2100 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
23:00:52.0828 2100 MSPQM - ok
23:00:52.0843 2100 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
23:00:52.0937 2100 mssmbios - ok
23:00:52.0953 2100 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
23:00:53.0015 2100 MSTEE - ok
23:00:53.0031 2100 [ 2F625D11385B1A94360BFC70AAEFDEE1 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
23:00:53.0093 2100 Mup - ok
23:00:53.0140 2100 [ 0DD85367062E6A35948DFD9815E17385 ] MyPenPro C:\WINDOWS\system32\Drivers\MyPenPro.sys
23:00:53.0156 2100 MyPenPro ( UnsignedFile.Multi.Generic ) - warning
23:00:53.0156 2100 MyPenPro - detected UnsignedFile.Multi.Generic (1)
23:00:53.0187 2100 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
23:00:53.0281 2100 NABTSFEC - ok
23:00:53.0312 2100 [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent C:\WINDOWS\System32\qagentrt.dll
23:00:53.0406 2100 napagent - ok
23:00:53.0421 2100 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
23:00:53.0515 2100 NDIS - ok
23:00:53.0531 2100 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
23:00:53.0593 2100 NdisIP - ok
23:00:53.0609 2100 [ 1AB3D00C991AB086E69DB84B6C0ED78F ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
23:00:53.0718 2100 NdisTapi - ok
23:00:53.0750 2100 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
23:00:53.0859 2100 Ndisuio - ok
23:00:53.0875 2100 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
23:00:53.0984 2100 NdisWan - ok
23:00:53.0984 2100 [ 6215023940CFD3702B46ABC304E1D45A ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
23:00:54.0109 2100 NDProxy - ok
23:00:54.0125 2100 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
23:00:54.0218 2100 NetBIOS - ok
23:00:54.0234 2100 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
23:00:54.0359 2100 NetBT - ok
23:00:54.0375 2100 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE C:\WINDOWS\system32\netdde.exe
23:00:54.0484 2100 NetDDE - ok
23:00:54.0500 2100 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
23:00:54.0578 2100 NetDDEdsdm - ok
23:00:54.0609 2100 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon C:\WINDOWS\system32\lsass.exe
23:00:54.0671 2100 Netlogon - ok
23:00:54.0703 2100 [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman C:\WINDOWS\System32\netman.dll
23:00:54.0781 2100 Netman - ok
23:00:54.0890 2100 [ 0888844230083CE3B47395102BCA8207 ] NETw5x32 C:\WINDOWS\system32\DRIVERS\NETw5x32.sys
23:00:55.0156 2100 NETw5x32 - ok
23:00:55.0375 2100 [ DF282FE0D05CFA1115ED29D670195A15 ] NETwNx32 C:\WINDOWS\system32\DRIVERS\NETwNx32.sys
23:00:55.0843 2100 NETwNx32 - ok
23:00:55.0859 2100 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
23:00:56.0062 2100 NIC1394 - ok
23:00:56.0109 2100 [ F12B9D9A069331877D006CC81B4735F9 ] Nla C:\WINDOWS\System32\mswsock.dll
23:00:56.0187 2100 Nla - ok
23:00:56.0218 2100 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
23:00:56.0296 2100 Npfs - ok
23:00:56.0328 2100 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
23:00:56.0453 2100 Ntfs - ok
23:00:56.0453 2100 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
23:00:56.0531 2100 NtLmSsp - ok
23:00:56.0546 2100 [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
23:00:56.0640 2100 NtmsSvc - ok
23:00:56.0656 2100 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
23:00:56.0734 2100 Null - ok
23:00:56.0765 2100 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
23:00:56.0843 2100 NwlnkFlt - ok
23:00:56.0859 2100 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
23:00:56.0937 2100 NwlnkFwd - ok
23:00:57.0015 2100 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE
23:00:57.0046 2100 odserv - ok
23:00:57.0093 2100 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
23:00:57.0171 2100 ohci1394 - ok
23:00:57.0234 2100 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
23:00:57.0250 2100 ose - ok
23:00:57.0281 2100 [ F84785660305B9B903FB3BCA8BA29837 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
23:00:57.0343 2100 Parport - ok
23:00:57.0359 2100 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
23:00:57.0437 2100 PartMgr - ok
23:00:57.0468 2100 [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
23:00:57.0578 2100 ParVdm - ok
23:00:57.0578 2100 [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
23:00:57.0687 2100 PCI - ok
23:00:57.0687 2100 PCIDump - ok
23:00:57.0703 2100 PCIIde - ok
23:00:57.0734 2100 [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
23:00:57.0812 2100 Pcmcia - ok
23:00:57.0812 2100 PDCOMP - ok
23:00:57.0828 2100 PDFRAME - ok
23:00:57.0828 2100 PDRELI - ok
23:00:57.0828 2100 PDRFRAME - ok
23:00:57.0828 2100 perc2 - ok
23:00:57.0828 2100 perc2hib - ok
23:00:57.0859 2100 [ 4BB6A83640F1D1792AD21CE767B621C6 ] PlugPlay C:\WINDOWS\system32\services.exe
23:00:57.0921 2100 PlugPlay - ok
23:00:57.0937 2100 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
23:00:58.0000 2100 PolicyAgent - ok
23:00:58.0031 2100 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
23:00:58.0109 2100 PptpMiniport - ok
23:00:58.0109 2100 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
23:00:58.0171 2100 ProtectedStorage - ok
23:00:58.0171 2100 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
23:00:58.0250 2100 PSched - ok
23:00:58.0281 2100 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
23:00:58.0359 2100 Ptilink - ok
23:00:58.0359 2100 ql1080 - ok
23:00:58.0375 2100 Ql10wnt - ok
23:00:58.0375 2100 ql12160 - ok
23:00:58.0375 2100 ql1240 - ok
23:00:58.0375 2100 ql1280 - ok
23:00:58.0390 2100 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
23:00:58.0484 2100 RasAcd - ok
23:00:58.0515 2100 [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto C:\WINDOWS\System32\rasauto.dll
23:00:58.0593 2100 RasAuto - ok
23:00:58.0609 2100 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
23:00:58.0687 2100 Rasl2tp - ok
23:00:58.0718 2100 [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan C:\WINDOWS\System32\rasmans.dll
23:00:58.0796 2100 RasMan - ok
23:00:58.0796 2100 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
23:00:58.0875 2100 RasPppoe - ok
23:00:58.0875 2100 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
23:00:58.0968 2100 Raspti - ok
23:00:58.0984 2100 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
23:00:59.0062 2100 Rdbss - ok
23:00:59.0062 2100 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
23:00:59.0140 2100 RDPCDD - ok
23:00:59.0140 2100 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
23:00:59.0250 2100 rdpdr - ok
23:00:59.0296 2100 [ 6728E45B66F93C08F11DE2E316FC70DD ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
23:00:59.0375 2100 RDPWD - ok
23:00:59.0390 2100 [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
23:00:59.0484 2100 RDSessMgr - ok
23:00:59.0500 2100 [ ED761D453856F795A7FE056E42C36365 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
23:00:59.0593 2100 redbook - ok
23:00:59.0656 2100 [ 69C66820C92367812948488B0236639E ] RegSrvc C:\Programme\Gemeinsame Dateien\Intel\WirelessCommon\RegSrvc.exe
23:00:59.0671 2100 RegSrvc - ok
23:00:59.0671 2100 [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
23:00:59.0765 2100 RemoteAccess - ok
23:00:59.0781 2100 [ E4CD1F3D84E1C2CA0B8CF7501E201593 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
23:00:59.0843 2100 RemoteRegistry - ok
23:00:59.0859 2100 [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator C:\WINDOWS\system32\locator.exe
23:00:59.0953 2100 RpcLocator - ok
23:00:59.0984 2100 [ E970C2296916BF4A2F958680016FE312 ] RpcSs C:\WINDOWS\system32\rpcss.dll
23:01:00.0046 2100 RpcSs - ok
23:01:00.0078 2100 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP C:\WINDOWS\system32\rsvp.exe
23:01:00.0171 2100 RSVP - ok
23:01:00.0203 2100 [ F29F36DF6EE5908A3D87D1EE6850260E ] S24EventMonitor C:\Programme\Intel\WiFi\bin\S24EvMon.exe
23:01:00.0234 2100 S24EventMonitor - ok
23:01:00.0265 2100 [ 27FC71DA659305E260ACBDA15A318399 ] s24trans C:\WINDOWS\system32\DRIVERS\s24trans.sys
23:01:00.0312 2100 s24trans - ok
23:01:00.0328 2100 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs C:\WINDOWS\system32\lsass.exe
23:01:00.0390 2100 SamSs - ok
23:01:00.0406 2100 [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
23:01:00.0484 2100 SCardSvr - ok
23:01:00.0515 2100 [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule C:\WINDOWS\system32\schedsvc.dll
23:01:00.0593 2100 Schedule - ok
23:01:00.0640 2100 [ FC87D5E0328AFA97BF6D39DF96D5D356 ] SCR3XX2K C:\WINDOWS\system32\DRIVERS\SCR3XX2K.sys
23:01:00.0671 2100 SCR3XX2K - ok
23:01:00.0703 2100 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
23:01:00.0765 2100 Secdrv - ok
23:01:00.0796 2100 [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon C:\WINDOWS\System32\seclogon.dll
23:01:00.0859 2100 seclogon - ok
23:01:00.0859 2100 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS C:\WINDOWS\system32\sens.dll
23:01:00.0953 2100 SENS - ok
23:01:00.0984 2100 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
23:01:01.0062 2100 serenum - ok
23:01:01.0078 2100 [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
23:01:01.0156 2100 Serial - ok
23:01:01.0187 2100 [ 02ADCC6095D260CECC591D372F7B96E4 ] SESAM Licence Manager C:\Programme\Sesam\Security\SPISLMGR.exe
23:01:01.0187 2100 SESAM Licence Manager ( UnsignedFile.Multi.Generic ) - warning
23:01:01.0187 2100 SESAM Licence Manager - detected UnsignedFile.Multi.Generic (1)
23:01:01.0218 2100 [ 138FC00EA88C65E4169C477965E7C100 ] SESAM Licence Server C:\Programme\Sesam\Servers\LicSrv.exe
23:01:01.0218 2100 SESAM Licence Server ( UnsignedFile.Multi.Generic ) - warning
23:01:01.0218 2100 SESAM Licence Server - detected UnsignedFile.Multi.Generic (1)
23:01:01.0234 2100 [ B8A44641E88657857C7043820F91680D ] SESAM Service Agent C:\Programme\Sesam\Security\SvcCtrl.exe
23:01:01.0234 2100 SESAM Service Agent ( UnsignedFile.Multi.Generic ) - warning
23:01:01.0234 2100 SESAM Service Agent - detected UnsignedFile.Multi.Generic (1)
23:01:01.0250 2100 [ DF4735EB623524715316D0DE17B96DA1 ] SESAM User Management Server C:\Programme\Sesam\Servers\UsrMgmS.exe
23:01:01.0265 2100 SESAM User Management Server ( UnsignedFile.Multi.Generic ) - warning
23:01:01.0265 2100 SESAM User Management Server - detected UnsignedFile.Multi.Generic (1)
23:01:01.0296 2100 [ B6401608579B6431994425BA7653F774 ] SFAUDIO C:\WINDOWS\system32\drivers\sfaudio.sys
23:01:01.0312 2100 SFAUDIO - ok
23:01:01.0328 2100 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
23:01:01.0406 2100 Sfloppy - ok
23:01:01.0437 2100 [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
23:01:01.0515 2100 SharedAccess - ok
23:01:01.0531 2100 [ 40602EBFBE06AA075C8E4560743F6883 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
23:01:01.0609 2100 ShellHWDetection - ok
23:01:01.0609 2100 Simbad - ok
23:01:01.0640 2100 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
23:01:01.0718 2100 SLIP - ok
23:01:01.0796 2100 [ CF9CDE12FBC19DBA8DE528B7511A2F4F ] SNP2UVC C:\WINDOWS\system32\DRIVERS\snp2uvc.sys
23:01:01.0937 2100 SNP2UVC - ok
23:01:01.0937 2100 Sparrow - ok
23:01:01.0984 2100 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
23:01:02.0093 2100 splitter - ok
23:01:02.0125 2100 [ 39356A9CDB6753A6D13A4072A9F5A4BB ] Spooler C:\WINDOWS\system32\spoolsv.exe
23:01:02.0203 2100 Spooler - ok
23:01:02.0218 2100 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
23:01:02.0296 2100 sr - ok
23:01:02.0296 2100 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice C:\WINDOWS\system32\srsvc.dll
23:01:02.0375 2100 srservice - ok
23:01:02.0375 2100 [ 5252605079810904E31C332E241CD59B ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
23:01:02.0500 2100 Srv - ok
23:01:02.0515 2100 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
23:01:02.0593 2100 SSDPSRV - ok
23:01:02.0625 2100 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
23:01:02.0625 2100 ssmdrv - ok
23:01:02.0656 2100 [ 3F0164FBC0BD1ADBD02DF9759181451A ] ss_bbus C:\WINDOWS\system32\DRIVERS\ss_bbus.sys
23:01:02.0671 2100 ss_bbus - ok
23:01:02.0687 2100 [ B89D62206034E5FE573C80A24DD55675 ] ss_bmdfl C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys
23:01:02.0703 2100 ss_bmdfl - ok
23:01:02.0718 2100 [ 1ED0FCEA586FE2A416EE15196E5631DD ] ss_bmdm C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys
23:01:02.0734 2100 ss_bmdm - ok
23:01:02.0765 2100 [ BC2C5985611C5356B24AEB370953DED9 ] stisvc C:\WINDOWS\system32\wiaservc.dll
23:01:02.0890 2100 stisvc - ok
23:01:02.0921 2100 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
23:01:03.0046 2100 streamip - ok
23:01:03.0062 2100 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
23:01:03.0171 2100 swenum - ok
23:01:03.0187 2100 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
23:01:03.0296 2100 swmidi - ok
23:01:03.0296 2100 SwPrv - ok
23:01:03.0296 2100 symc810 - ok
23:01:03.0312 2100 symc8xx - ok
23:01:03.0312 2100 sym_hi - ok
23:01:03.0312 2100 sym_u3 - ok
23:01:03.0375 2100 [ 926E0BB4CAC05D9A0C3B59DC16FE2F1C ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
23:01:03.0421 2100 SynTP - ok
23:01:03.0453 2100 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
23:01:03.0562 2100 sysaudio - ok
23:01:03.0609 2100 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
23:01:03.0718 2100 SysmonLog - ok
23:01:03.0734 2100 [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
23:01:03.0843 2100 TapiSrv - ok
23:01:03.0890 2100 [ 93EA8D04EC73A85DB02EB8805988F733 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
23:01:03.0984 2100 Tcpip - ok
23:01:04.0000 2100 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
23:01:04.0062 2100 TDPIPE - ok
23:01:04.0078 2100 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
23:01:04.0171 2100 TDTCP - ok
23:01:04.0171 2100 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
23:01:04.0250 2100 TermDD - ok
23:01:04.0281 2100 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService C:\WINDOWS\System32\termsrv.dll
23:01:04.0359 2100 TermService - ok
23:01:04.0359 2100 [ 40602EBFBE06AA075C8E4560743F6883 ] Themes C:\WINDOWS\System32\shsvcs.dll
23:01:04.0437 2100 Themes - ok
23:01:04.0453 2100 [ 03681A1CE77F51586903869A5AB1DEAB ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
23:01:04.0531 2100 TlntSvr - ok
23:01:04.0546 2100 TosIde - ok
23:01:04.0562 2100 [ 626504572B175867F30F3215C04B3E2F ] TrkWks C:\WINDOWS\system32\trkwks.dll
23:01:04.0640 2100 TrkWks - ok
23:01:04.0656 2100 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
23:01:04.0734 2100 Udfs - ok
23:01:04.0734 2100 ultra - ok
23:01:04.0781 2100 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
23:01:04.0890 2100 Update - ok
23:01:04.0906 2100 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost C:\WINDOWS\System32\upnphost.dll
23:01:05.0000 2100 upnphost - ok
23:01:05.0000 2100 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINDOWS\System32\ups.exe
23:01:05.0078 2100 UPS - ok
23:01:05.0125 2100 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
23:01:05.0203 2100 usbccgp - ok
23:01:05.0218 2100 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
23:01:05.0296 2100 usbehci - ok
23:01:05.0312 2100 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
23:01:05.0406 2100 usbhub - ok
23:01:05.0406 2100 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
23:01:05.0468 2100 usbprint - ok
23:01:05.0531 2100 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
23:01:05.0593 2100 usbscan - ok
23:01:05.0609 2100 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
23:01:05.0687 2100 USBSTOR - ok
23:01:05.0703 2100 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
23:01:05.0765 2100 usbuhci - ok
23:01:05.0796 2100 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
23:01:05.0875 2100 usbvideo - ok
23:01:05.0890 2100 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
23:01:05.0968 2100 VgaSave - ok
23:01:05.0968 2100 ViaIde - ok
23:01:06.0015 2100 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
23:01:06.0078 2100 VolSnap - ok
23:01:06.0125 2100 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINDOWS\System32\vssvc.exe
23:01:06.0218 2100 VSS - ok
23:01:06.0234 2100 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINDOWS\system32\w32time.dll
23:01:06.0312 2100 W32Time - ok
23:01:06.0328 2100 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
23:01:06.0406 2100 Wanarp - ok
23:01:06.0453 2100 [ FD47474BD21794508AF449D9D91AF6E6 ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
23:01:06.0468 2100 Wdf01000 - ok
23:01:06.0484 2100 WDICA - ok
23:01:06.0515 2100 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
23:01:06.0593 2100 wdmaud - ok
23:01:06.0625 2100 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINDOWS\System32\webclnt.dll
23:01:06.0687 2100 WebClient - ok
23:01:06.0750 2100 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
23:01:06.0828 2100 winmgmt - ok
23:01:06.0843 2100 [ 6E18978B749F0696A774DE3F2CB142DD ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
23:01:06.0937 2100 WmdmPmSN - ok
23:01:06.0968 2100 [ 53E1CCF332A2F40B5E08476921CD8B44 ] Wmi C:\WINDOWS\System32\advapi32.dll
23:01:07.0078 2100 Wmi - ok
23:01:07.0093 2100 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
23:01:07.0171 2100 WmiAcpi - ok
23:01:07.0203 2100 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
23:01:07.0281 2100 WmiApSrv - ok
23:01:07.0312 2100 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc C:\WINDOWS\system32\wscsvc.dll
23:01:07.0390 2100 wscsvc - ok
23:01:07.0406 2100 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
23:01:07.0468 2100 WSTCODEC - ok
23:01:07.0484 2100 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
23:01:07.0562 2100 wuauserv - ok
23:01:07.0593 2100 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
23:01:07.0703 2100 WZCSVC - ok
23:01:07.0718 2100 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
23:01:07.0812 2100 xmlprov - ok
23:01:07.0812 2100 ================ Scan global ===============================
23:01:07.0843 2100 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll
23:01:07.0859 2100 [ 4CD408F799D4A72B0DE1F1116A77A48E ] C:\WINDOWS\system32\winsrv.dll
23:01:07.0859 2100 [ 4CD408F799D4A72B0DE1F1116A77A48E ] C:\WINDOWS\system32\winsrv.dll
23:01:07.0875 2100 [ 4BB6A83640F1D1792AD21CE767B621C6 ] C:\WINDOWS\system32\services.exe
23:01:07.0875 2100 [Global] - ok
23:01:07.0875 2100 ================ Scan MBR ==================================
23:01:07.0890 2100 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
23:01:08.0218 2100 \Device\Harddisk0\DR0 - ok
23:01:08.0234 2100 [ 9EA3C774C540DD0B7FC5D1A94CA173F1 ] \Device\Harddisk1\DR3
23:01:08.0578 2100 \Device\Harddisk1\DR3 - ok
23:01:08.0578 2100 ================ Scan VBR ==================================
23:01:08.0578 2100 [ 9E0AF4295987FE66A51F1AEE5BE2F03A ] \Device\Harddisk0\DR0\Partition1
23:01:08.0578 2100 \Device\Harddisk0\DR0\Partition1 - ok
23:01:08.0609 2100 [ F6A5816315EC61A36A5C05DB41AF7894 ] \Device\Harddisk0\DR0\Partition2
23:01:08.0625 2100 \Device\Harddisk0\DR0\Partition2 - ok
23:01:08.0625 2100 [ C7DDB38E9778DDB6437F2D0A2D6B81D7 ] \Device\Harddisk1\DR3\Partition1
23:01:08.0625 2100 \Device\Harddisk1\DR3\Partition1 - ok
23:01:08.0625 2100 ============================================================
23:01:08.0625 2100 Scan finished
23:01:08.0625 2100 ============================================================
23:01:08.0734 0608 Detected object count: 6
23:01:08.0734 0608 Actual detected object count: 6
23:45:42.0781 0608 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user
23:45:42.0781 0608 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:45:42.0781 0608 MyPenPro ( UnsignedFile.Multi.Generic ) - skipped by user
23:45:42.0781 0608 MyPenPro ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:45:42.0781 0608 SESAM Licence Manager ( UnsignedFile.Multi.Generic ) - skipped by user
23:45:42.0781 0608 SESAM Licence Manager ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:45:42.0781 0608 SESAM Licence Server ( UnsignedFile.Multi.Generic ) - skipped by user
23:45:42.0781 0608 SESAM Licence Server ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:45:42.0781 0608 SESAM Service Agent ( UnsignedFile.Multi.Generic ) - skipped by user
23:45:42.0781 0608 SESAM Service Agent ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:45:42.0781 0608 SESAM User Management Server ( UnsignedFile.Multi.Generic ) - skipped by user
23:45:42.0781 0608 SESAM User Management Server ( UnsignedFile.Multi.Generic ) - User select action: Skip