Trojaner-Board - Savings Sidekick wie los werden?

Hallo erst einmal danke für deine Unterstützung.
Habe alles nach deinen Anweisungen ausgeführt,
bekam aber nach dem scan nur eine Otl.txt
hofe diese genügt oder ich habe etwas falsch gemacht.

Code:

OTL logfile created on: 10.01.2013 18:19:44 - Run 2

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\Ralf Maier\Desktop

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.5512)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

1,99 Gb Total Physical Memory | 1,54 Gb Available Physical Memory | 77,14% Memory free

3,33 Gb Paging File | 3,04 Gb Available in Paging File | 91,27% Paging File free

Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme

Drive C: | 105,10 Gb Total Space | 26,05 Gb Free Space | 24,78% Space Free | Partition Type: NTFS

Drive D: | 29,19 Gb Total Space | 16,88 Gb Free Space | 57,81% Space Free | Partition Type: NTFS

 

Computer Name: RALF | User Name: Ralf Maier | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - [2013.01.10 18:17:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Ralf Maier\Desktop\OTL.exe

PRC - [2012.09.12 16:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) -- c:\Programme\Microsoft Security Client\MsMpEng.exe

PRC - [2012.09.12 16:19:44 | 000,947,176 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Security Client\msseces.exe

PRC - [2011.12.12 00:00:00 | 000,122,000 | ---- | M] (Seiko Epson Corporation) -- C:\WINDOWS\system32\escsvc.exe

PRC - [2011.11.02 08:02:00 | 000,246,368 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIILE.EXE

PRC - [2011.10.31 14:25:08 | 001,058,400 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Programme\EPSON Software\Event Manager\EEventManager.exe

PRC - [2011.02.23 21:19:22 | 000,371,200 | ---- | M] (shbox.de) -- C:\Programme\FreePDF_XP\fpassist.exe

PRC - [2010.10.16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe

PRC - [2010.02.25 18:42:02 | 000,716,616 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe

PRC - [2010.02.25 18:40:18 | 001,047,880 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

PRC - [2009.05.14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) -- C:\Programme\Gemeinsame Dateien\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe

PRC - [2009.03.26 09:20:40 | 000,315,392 | -H-- | M] (DeviceVM) -- C:\QSTART.SYS\config\DVMExportService.exe

PRC - [2009.01.04 12:57:28 | 004,462,464 | ---- | M] (Lenovo(Beijing)Limited) -- C:\Program Files\Lenovo\Energy Management\utility.exe

PRC - [2008.12.26 10:05:46 | 001,277,952 | ---- | M] (Lenovo (Beijing) Limited) -- C:\Program Files\Lenovo\Energy Management\Energy Management.exe

PRC - [2008.09.27 10:00:24 | 000,430,080 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe

PRC - [2008.04.14 13:00:00 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2006.12.19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Programme\Gemeinsame Dateien\EPSON\EBAPI\eEBSvc.exe

 

 
 ========== Modules (No Company Name) ==========

 

MOD - [2010.03.15 11:28:22 | 000,141,824 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll

MOD - [2009.02.27 15:41:26 | 000,311,296 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\pdfshell.DEU

MOD - [2008.05.21 17:33:22 | 000,045,056 | ---- | M] () -- C:\Program Files\Lenovo\Energy Management\KbdHook.dll

MOD - [2008.01.03 18:23:06 | 000,167,936 | ---- | M] () -- C:\Program Files\Lenovo\OneKey App\System Repair\LenovoAPI.dll

MOD - [2005.06.24 03:05:02 | 000,045,056 | ---- | M] () -- C:\Program Files\Lenovo\Energy Management\HookLib.dll

 

 
 ========== Services (SafeList) ==========

 

SRV - File not found [Auto | Stopped] -- C:\Programme\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe /s Norton Internet Security /m C:\Programme\Norton Internet Security\Engine\16.0.0.125\diMaster.dll /prefetch:1 -- (Norton Internet Security)

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)

SRV - [2012.12.07 20:08:55 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2012.11.09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2012.09.12 16:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Programme\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)

SRV - [2011.12.12 00:00:00 | 000,122,000 | ---- | M] (Seiko Epson Corporation) [Auto | Running] -- C:\WINDOWS\system32\escsvc.exe -- (EpsonScanSvc)

SRV - [2010.10.16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)

SRV - [2010.06.07 11:22:00 | 003,549,224 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\system32\GameMon.des -- (npggsvc)

SRV - [2010.03.27 15:52:51 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)

SRV - [2010.02.25 18:40:18 | 001,047,880 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)

SRV - [2010.02.25 18:37:08 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)

SRV - [2009.05.14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0)

SRV - [2009.03.26 09:20:40 | 000,315,392 | -H-- | M] (DeviceVM) [Auto | Running] -- C:\QSTART.SYS\config\DVMExportService.exe -- (DvmMDES)

SRV - [2008.09.27 10:00:24 | 000,430,080 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe -- (System_Repair_UpdateMonitor)

SRV - [2006.12.19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService)

SRV - [2006.10.26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\RtsUCcid.sys -- (USBCCID)

DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\NIS\1000000.07D\SRTSPX.SYS -- (SRTSPX)

DRV - File not found [File_System | System | Stopped] -- C:\WINDOWS\system32\drivers\NIS\1000000.07D\SRTSP.SYS -- (SRTSP)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\Rts516xIR.sys -- (RtsUIR)

DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)

DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)

DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\PCASp50.sys -- (PCASp50)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVEX15.SYS -- (NAVEX15)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVENG.SYS -- (NAVENG)

DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)

DRV - File not found [Kernel | System | Stopped] --  -- (Changer)

DRV - [2010.06.14 08:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)

DRV - [2010.05.24 08:28:55 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)

DRV - [2010.02.25 10:18:08 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)

DRV - [2009.08.18 11:09:12 | 001,183,600 | ---- | M] (Bison Electronics. Inc. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BisonC07.sys -- (Cam5607)

DRV - [2009.07.20 12:08:26 | 005,795,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)

DRV - [2009.06.29 17:00:50 | 000,112,640 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet)

DRV - [2009.06.29 17:00:50 | 000,102,656 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbfake.sys -- (hwusbfake)

DRV - [2009.04.10 04:33:14 | 000,165,888 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtsUStor.sys -- (RSUSBSTOR)

DRV - [2009.04.09 12:38:30 | 000,102,400 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)

DRV - [2009.03.27 07:33:42 | 000,130,816 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)

DRV - [2008.09.10 19:14:48 | 001,386,624 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)

DRV - [2008.08.28 17:39:08 | 000,048,192 | ---- | M] (Lenovo) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tvtumon.sys -- (tvtumon)

DRV - [2008.08.05 13:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)

DRV - [2008.01.11 14:58:42 | 000,009,472 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AcpiVpc.sys -- (ACPIVPC)

DRV - [2008.01.10 09:59:08 | 000,081,192 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WSVD.sys -- (WSVD)

DRV - [2007.05.23 09:33:58 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WimFltr.sys -- (WimFltr)

DRV - [2006.01.04 08:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)

DRV - [2005.11.03 15:40:07 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfvfs02.sys -- (sfvfs02)

DRV - [2005.08.10 13:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01)

DRV - [2005.05.16 14:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.lenovo.com

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/ [binary data]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.live.com/

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&FORM=LENIE

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://s4.freeaquazoo.de/

IE - HKCU\..\SearchScopes,DefaultScope = {0D7562AE-8EF6-416d-A838-AB665251703A}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKCU\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = hxxp://www.daemon-search.com/search/web?q={searchTerms}

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: "Facemoods Search"

FF - prefs.js..browser.search.defaulturl: "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="

FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"

FF - prefs.js..browser.startup.homepage: "https://mail.google.com/mail/?tab=wm#inbox|hxxp://www.google.com/ig?hl=DE"

FF - prefs.js..extensions.enabledAddons: notreal.ccoptions%40environmentalchemistry.com:16.0.1

FF - prefs.js..extensions.enabledAddons: %7B0538E3E3-7E9B-4d49-8831-A227C80A7AD3%7D:2.2.2

FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0033-ABCDEFFEDCBA%7D:6.0.33

FF - prefs.js..extensions.enabledAddons: %7B20a82645-c095-46ed-80e3-08825760534b%7D:0.0.0

FF - prefs.js..extensions.enabledAddons: jqs%40sun.com:1.0

FF - prefs.js..extensions.enabledAddons: %7B5384767E-00D9-40E9-B72F-9CC39D655D6F%7D:1.4.2.1

FF - prefs.js..extensions.enabledAddons: %7B4BBDD651-70CF-4821-84F8-2B918CF89CA3%7D:7.1.0

FF - prefs.js..extensions.enabledAddons: %7B19503e42-ca3c-4c27-b1e2-9cdb2170ee34%7D:1.5.3

FF - prefs.js..extensions.enabledAddons: %7BD46E8522-6E86-44b1-A622-58C0668AD78E%7D:16.0.2

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.10

FF - prefs.js..extensions.enabledItems: de-DE@dictionaries.addons.mozilla.org:2.0.2

FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.3.3

FF - prefs.js..extensions.enabledItems: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:2.0.19

FF - prefs.js..extensions.enabledItems: {1280606b-2510-4fe0-97ef-9b5a22eafe41}:1.0.9

FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1

FF - prefs.js..extensions.enabledItems: {b9615918-d3de-44a4-ab65-76df7ea1f1c1}:0.3.18

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: {4BBDD651-70CF-4821-84F8-2B918CF89CA3}:6.3.3.2

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29

FF - prefs.js..extensions.enabledItems: {D46E8522-6E86-44b1-A622-58C0668AD78E}:3.6.0

 

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll ()

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Dokumente und Einstellungen\Ralf Maier\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Dokumente und Einstellungen\Ralf Maier\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.12.07 20:08:59 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.12.07 20:06:17 | 000,000,000 | ---D | M]

 

[2010.03.27 20:30:22 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Ralf Maier\Anwendungsdaten\Mozilla\Extensions

[2013.01.10 14:56:36 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Ralf Maier\Anwendungsdaten\Mozilla\Firefox\Profiles\equvl8h9.default\extensions

[2012.10.09 14:15:36 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Dokumente und Einstellungen\Ralf Maier\Anwendungsdaten\Mozilla\Firefox\Profiles\equvl8h9.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}

[2013.01.04 17:31:16 | 000,000,000 | ---D | M] (FEBE) -- C:\Dokumente und Einstellungen\Ralf Maier\Anwendungsdaten\Mozilla\Firefox\Profiles\equvl8h9.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}

[2012.12.12 08:46:42 | 000,000,000 | ---D | M] (EPUBReader) -- C:\Dokumente und Einstellungen\Ralf Maier\Anwendungsdaten\Mozilla\Firefox\Profiles\equvl8h9.default\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}

[2012.11.20 14:48:04 | 000,000,000 | ---D | M] ("Savings Sidekick") -- C:\Dokumente und Einstellungen\Ralf Maier\Anwendungsdaten\Mozilla\Firefox\Profiles\equvl8h9.default\extensions\crossriderapp5060@crossrider.com

[2012.10.14 16:15:07 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Dokumente und Einstellungen\Ralf Maier\Anwendungsdaten\Mozilla\Firefox\Profiles\equvl8h9.default\extensions\de-DE@dictionaries.addons.mozilla.org

[2012.11.20 14:48:03 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Ralf Maier\Anwendungsdaten\Mozilla\Firefox\Profiles\equvl8h9.default\extensions\crossriderapp5060@crossrider.com\chrome\content\extensionCode

[2012.12.05 14:57:58 | 000,159,639 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Ralf Maier\Anwendungsdaten\Mozilla\Firefox\Profiles\equvl8h9.default\extensions\notreal.ccoptions@environmentalchemistry.com.xpi

[2013.01.10 14:56:36 | 000,347,812 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Ralf Maier\Anwendungsdaten\Mozilla\Firefox\Profiles\equvl8h9.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi

[2012.11.23 18:02:50 | 000,804,627 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Ralf Maier\Anwendungsdaten\Mozilla\Firefox\Profiles\equvl8h9.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

[2012.12.05 14:57:59 | 001,101,634 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Ralf Maier\Anwendungsdaten\Mozilla\Firefox\Profiles\equvl8h9.default\extensions\{D46E8522-6E86-44b1-A622-58C0668AD78E}.xpi

[2008.11.17 17:14:06 | 000,001,362 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Ralf Maier\Anwendungsdaten\Mozilla\Firefox\Profiles\equvl8h9.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}\chrome\skin\xpinstallItemGeneric.png

[2010.05.24 08:28:58 | 000,002,059 | ---- | M] () -- C:\Dokumente und Einstellungen\Ralf Maier\Anwendungsdaten\Mozilla\Firefox\Profiles\equvl8h9.default\searchplugins\daemon-search.xml

[2008.03.29 12:02:42 | 000,002,649 | ---- | M] () -- C:\Dokumente und Einstellungen\Ralf Maier\Anwendungsdaten\Mozilla\Firefox\Profiles\equvl8h9.default\searchplugins\RocketDivisionSearch.xml

[2012.12.07 20:06:14 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions

[2012.12.07 20:06:14 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

[2012.12.07 20:06:14 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\inspector@mozilla.org

[2012.07.29 10:41:13 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAMME\JAVA\JRE6\LIB\DEPLOY\JQS\FF

[2010.03.31 02:35:40 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION

[2012.12.07 20:08:59 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll

[2012.06.18 14:28:06 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml

[2012.08.31 16:35:34 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml

[2012.06.18 14:28:06 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml

[2012.06.18 14:28:06 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml

[2012.06.18 14:28:06 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml

[2012.06.18 14:28:06 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml

 
 ========== Chrome  ==========

 

CHR - homepage: hxxp://www.google.com/

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},

CHR - homepage: hxxp://www.google.com/

CHR - plugin: Shockwave Flash (Enabled) = C:\Dokumente und Einstellungen\Ralf Maier\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\23.0.1271.95\gcswf32.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin2.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin3.dll

CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin4.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin5.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin6.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin7.dll

CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Programme\Java\jre6\bin\new_plugin\npdeployJava1.dll

CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll

CHR - plugin: Adobe Acrobat (Disabled) = C:\Programme\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll

CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Programme\Windows Media Player\npdsplay.dll

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Dokumente und Einstellungen\Ralf Maier\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\23.0.1271.95\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Dokumente und Einstellungen\Ralf Maier\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\23.0.1271.95\pdf.dll

CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npdrmv2.dll

CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npwmsdrm.dll

CHR - plugin: Google Update (Enabled) = C:\Dokumente und Einstellungen\Ralf Maier\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.69\npGoogleUpdate3.dll

CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Programme\VideoLAN\VLC\npvlc.dll

CHR - plugin: iTunes Application Detector (Enabled) = C:\Programme\iTunes\Mozilla Plugins\npitunes.dll

CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

CHR - plugin: Default Plug-in (Enabled) = default_plugin

CHR - Extension: Savings Sidekick = C:\Dokumente und Einstellungen\Ralf Maier\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo\1.20.36_0\crossrider

CHR - Extension: Savings Sidekick = C:\Dokumente und Einstellungen\Ralf Maier\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo\1.20.36_0\

CHR - Extension: AdBlock = C:\Dokumente und Einstellungen\Ralf Maier\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.49_0\

 

O1 HOSTS File: ([2008.04.14 13:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1       localhost

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\EPSON Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)

O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\EPSON Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.

O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [EEventManager] C:\Programme\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)

O4 - HKLM..\Run: [Energy Management] C:\Program Files\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)

O4 - HKLM..\Run: [EnergyUtility] C:\Program Files\Lenovo\Energy Management\utility.exe (Lenovo(Beijing)Limited)

O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)

O4 - HKLM..\Run: [MSC] c:\Programme\Microsoft Security Client\msseces.exe (Microsoft Corporation)

O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

O4 - HKCU..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIILE.EXE (SEIKO EPSON CORPORATION)

O4 - HKCU..\Run: [EPLTarget\P0000000000000001] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIILE.EXE (SEIKO EPSON CORPORATION)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O9 - Extra Button: LENOVO - {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} - hxxp://www.lenovo.com File not found

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)

O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AC84A028-5F97-497E-9DD9-12662C809B37}: DhcpNameServer = 192.168.1.1

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home

O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Ralf Maier\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Ralf Maier\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2008.07.03 09:42:13 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O33 - MountPoints2\{6050b4a8-c8b8-11df-8f32-002622daeda3}\Shell - "" = AutoRun

O33 - MountPoints2\{6050b4a8-c8b8-11df-8f32-002622daeda3}\Shell\AutoRun - "" = Auto&Play

O33 - MountPoints2\{6050b4a8-c8b8-11df-8f32-002622daeda3}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence

O33 - MountPoints2\{833f6520-48ea-11dd-a2d1-806d6172696f}\Shell - "" = AutoRun

O33 - MountPoints2\{833f6520-48ea-11dd-a2d1-806d6172696f}\Shell\AutoRun - "" = Auto&Play

O33 - MountPoints2\{833f6520-48ea-11dd-a2d1-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe

O33 - MountPoints2\{ff258279-4425-11df-8e5d-002622daeda3}\Shell - "" = AutoRun

O33 - MountPoints2\{ff258279-4425-11df-8e5d-002622daeda3}\Shell\AutoRun - "" = Auto&Play

O33 - MountPoints2\{ff258279-4425-11df-8e5d-002622daeda3}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a

O34 - HKLM BootExecute: (autocheck autochk /r \??\E:)

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

 

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)

ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4

ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offlinebrowsingpaket

ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe

ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework

ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT

ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer-Hilfe

ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7

ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser

ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsererweiterungen

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - Zugang zu MSN Site

ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework

ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - %SystemRoot%\system32\ie4uinit.exe

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install

ActiveX: {9309DD7E-EBFE-3C95-8B47-30D3A012F606} - .NET Framework

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML-Datenbindung

ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} - 

ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework

ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer-Hauptschriftarten

ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner

ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1

ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML-Hilfe

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE

ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

 

NetSvcs: 6to4 -  File not found

NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found

NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found

NetSvcs: Ias -  File not found

NetSvcs: Iprip -  File not found

NetSvcs: Irmon -  File not found

NetSvcs: NWCWorkstation -  File not found

NetSvcs: Nwsapagent -  File not found

NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)

NetSvcs: WmdmPmSp -  File not found

 

MsConfig - StartUpReg: Google Update - hkey= - key= - C:\Dokumente und Einstellungen\Ralf Maier\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe (Google Inc.)

MsConfig - State: "system.ini" - 0

MsConfig - State: "win.ini" - 0

MsConfig - State: "bootini" - 0

MsConfig - State: "services" - 0

MsConfig - State: "startup" - 0

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2013.01.10 18:17:29 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Ralf Maier\Desktop\OTL.exe

[2013.01.10 15:15:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ralf Maier\Desktop\epson

[2013.01.10 14:47:36 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ralf Maier\Anwendungsdaten\Epson

[2013.01.10 14:25:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\UDL

[2013.01.10 14:20:59 | 000,000,000 | ---D | C] -- C:\Programme\EpsonNet

[2013.01.10 13:38:36 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ralf Maier\Lokale Einstellungen\Anwendungsdaten\ABBYY

[2013.01.10 13:37:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ABBYY FineReader 9.0 Sprint

[2013.01.10 13:37:04 | 000,000,000 | ---D | C] -- C:\Programme\ABBYY FineReader 9.0 Sprint

[2013.01.10 13:37:04 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\ABBYY

[2013.01.10 13:37:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ABBYY

[2013.01.10 13:35:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Epson Software

[2013.01.10 13:33:44 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\EPSON

[2013.01.10 13:33:38 | 000,000,000 | ---D | C] -- C:\Programme\EPSON Software

[2013.01.10 13:33:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ralf Maier\Startmenü\Programme\EPSON Software

[2013.01.10 13:33:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON

[2013.01.10 13:32:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\EPSON

[2013.01.10 13:32:52 | 000,000,000 | ---D | C] -- C:\Programme\epson

[2013.01.05 09:51:16 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Ralf Maier\Recent

[2012.12.19 05:42:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Google Earth

[2012.12.15 19:12:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Ralf Maier\Desktop\Gambia

[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2013.01.10 18:25:16 | 000,000,177 | -H-- | M] () -- C:\dvmexp.idx

[2013.01.10 18:25:04 | 000,000,386 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job

[2013.01.10 18:17:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Ralf Maier\Desktop\OTL.exe

[2013.01.10 18:15:09 | 000,000,056 | -HS- | M] () -- C:\_PartitionInfo

[2013.01.10 18:15:06 | 000,001,094 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2013.01.10 18:14:57 | 000,002,048 | ---- | M] () -- C:\WINDOWS\bootstat.dat

[2013.01.10 18:14:55 | 2136,944,640 | -HS- | M] () -- C:\hiberfil.sys

[2013.01.10 17:56:02 | 000,001,230 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-4189400714-239310853-1789656704-1008UA.job

[2013.01.10 17:38:00 | 000,001,098 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2013.01.10 17:02:57 | 000,000,756 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk

[2013.01.10 16:09:34 | 000,000,000 | ---- | M] () -- C:\WINDOWS\EEventManager.INI

[2013.01.10 16:06:42 | 000,493,946 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat

[2013.01.10 16:06:42 | 000,473,916 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2013.01.10 16:06:42 | 000,091,752 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat

[2013.01.10 16:06:42 | 000,076,818 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2013.01.10 14:56:00 | 000,001,178 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-4189400714-239310853-1789656704-1008Core.job

[2013.01.10 14:25:53 | 000,001,772 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Epson Easy Photo Print.lnk

[2013.01.10 14:24:41 | 000,000,308 | ---- | M] () -- C:\WINDOWS\setup.iss

[2013.01.10 14:21:36 | 000,001,980 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Netzwerkhandbuch EPSON XP-205 207 Series.lnk

[2013.01.10 14:21:25 | 000,001,980 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Benutzerhandbuch EPSON XP-205 207 Series.lnk

[2013.01.10 14:20:03 | 000,000,665 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\EPSON Scan.lnk

[2013.01.06 15:44:54 | 000,002,243 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk

[2013.01.04 05:54:09 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2012.12.28 05:13:59 | 000,001,876 | ---- | M] () -- C:\Dokumente und Einstellungen\Ralf Maier\Desktop\OneKey Recovery.lnk

[2012.12.26 04:06:01 | 000,290,088 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2012.12.16 13:49:29 | 000,224,256 | ---- | M] () -- C:\Dokumente und Einstellungen\Ralf Maier\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2012.12.14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2012.12.13 00:03:19 | 000,002,403 | ---- | M] () -- C:\Dokumente und Einstellungen\Ralf Maier\Desktop\Google Chrome.lnk

[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2013.01.10 16:09:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI

[2013.01.10 14:25:53 | 000,001,772 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Epson Easy Photo Print.lnk

[2013.01.10 14:24:34 | 000,000,308 | ---- | C] () -- C:\WINDOWS\setup.iss

[2013.01.10 13:36:02 | 000,001,980 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Netzwerkhandbuch EPSON XP-205 207 Series.lnk

[2013.01.10 13:35:50 | 000,001,980 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Benutzerhandbuch EPSON XP-205 207 Series.lnk

[2013.01.10 13:32:57 | 000,000,665 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\EPSON Scan.lnk

[2012.04.22 10:57:52 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll

[2012.04.22 10:57:52 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys

[2012.04.22 10:57:40 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\Ralf Maier\Anwendungsdaten\$_hpcst$.hpc

[2012.02.20 10:05:02 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll

[2011.12.20 18:39:07 | 000,001,968 | ---- | C] () -- C:\Dokumente und Einstellungen\Ralf Maier\.swfinfo

[2011.12.01 23:47:57 | 000,206,252 | ---- | C] () -- C:\Dokumente und Einstellungen\Ralf Maier\Lokale Einstellungen\Anwendungsdaten\census.cache

[2011.12.01 23:47:48 | 000,178,012 | ---- | C] () -- C:\Dokumente und Einstellungen\Ralf Maier\Lokale Einstellungen\Anwendungsdaten\ars.cache

[2011.12.01 23:36:11 | 000,000,036 | ---- | C] () -- C:\Dokumente und Einstellungen\Ralf Maier\Lokale Einstellungen\Anwendungsdaten\housecall.guid.cache

[2011.08.24 10:59:19 | 000,002,897 | ---- | C] () -- C:\Dokumente und Einstellungen\Ralf Maier\.recently-used.xbel

[2011.05.22 12:52:37 | 000,008,608 | ---- | C] () -- C:\WINDOWS\wininit.ini

[2010.11.30 10:59:31 | 000,006,936 | ---- | C] () -- C:\Dokumente und Einstellungen\Ralf Maier\Anwendungsdaten\.freeciv-client-rc-2.2

[2010.05.24 17:55:55 | 000,000,058 | ---- | C] () -- C:\Dokumente und Einstellungen\Ralf Maier\Lokale Einstellungen\Anwendungsdaten\DonationCoder_ScreenshotCaptor_InstallInfo.dat

[2010.03.27 20:26:40 | 000,224,256 | ---- | C] () -- C:\Dokumente und Einstellungen\Ralf Maier\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010.03.27 19:59:32 | 000,000,914 | ---- | C] () -- C:\Dokumente und Einstellungen\Ralf Maier\Lokale Einstellungen\Anwendungsdaten\FASTWiz.html

[2010.03.27 15:50:13 | 000,000,039 | ---- | C] () -- C:\Dokumente und Einstellungen\Ralf Maier\Anwendungsdaten\xpy.ini

 
 ========== ZeroAccess Check ==========

 

[2009.09.26 10:45:54 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shdocvw.dll -- [2011.02.17 14:51:44 | 001,510,400 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 11:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 13:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

 
 ========== LOP Check ==========

 

[2010.05.24 08:28:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Lite

[2013.01.10 14:32:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON

[2012.08.08 18:36:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\InstallBrainService

[2012.09.10 16:43:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Nitro PDF

[2012.04.22 10:58:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Samsung

[2010.03.27 15:52:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software

[2013.01.10 14:25:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\UDL

[2011.01.16 15:06:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Vodafone

[2010.08.08 14:29:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

[2010.03.27 15:52:16 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}

[2010.11.30 11:03:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ralf Maier\Anwendungsdaten\.freeciv

[2011.10.12 15:41:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ralf Maier\Anwendungsdaten\Anvsoft

[2010.08.17 00:05:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ralf Maier\Anwendungsdaten\BuddyW

[2010.05.24 08:33:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ralf Maier\Anwendungsdaten\DAEMON Tools Lite

[2010.05.24 17:55:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ralf Maier\Anwendungsdaten\DonationCoder

[2012.09.10 16:42:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ralf Maier\Anwendungsdaten\Downloaded Installations

[2013.01.10 14:52:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ralf Maier\Anwendungsdaten\Epson

[2010.09.06 06:15:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ralf Maier\Anwendungsdaten\FileZilla

[2012.09.23 01:26:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ralf Maier\Anwendungsdaten\FreePDF

[2011.08.24 10:59:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ralf Maier\Anwendungsdaten\gtk-2.0

[2010.08.13 10:58:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ralf Maier\Anwendungsdaten\kompozer.net

[2012.04.22 15:32:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ralf Maier\Anwendungsdaten\ML

[2010.08.09 10:47:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ralf Maier\Anwendungsdaten\MP3toiPodAudioBookConverter

[2010.03.27 21:34:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ralf Maier\Anwendungsdaten\MSNInstaller

[2012.09.10 16:44:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ralf Maier\Anwendungsdaten\Nitro PDF

[2010.12.15 23:34:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ralf Maier\Anwendungsdaten\OpenOffice.org

[2013.01.10 16:25:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ralf Maier\Anwendungsdaten\Samsung

[2010.03.28 19:02:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ralf Maier\Anwendungsdaten\Thinstall

[2010.08.19 14:20:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ralf Maier\Anwendungsdaten\Tobit

[2010.03.27 15:52:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ralf Maier\Anwendungsdaten\TuneUp Software

[2010.12.24 15:13:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ralf Maier\Anwendungsdaten\Vodafone

[2012.04.27 22:34:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Ralf Maier\Anwendungsdaten\XMedia Recode

 
 ========== Purity Check ==========

 

 

 
 ========== Custom Scans ==========

 
 < %SYSTEMDRIVE%\*. >

[2010.12.08 16:52:40 | 000,000,000 | ---D | M] -- C:\4b09dd54717447b230ccac88

[2011.12.20 18:05:32 | 000,000,000 | ---D | M] -- C:\67fd70bc1df60e541a3e50b33cac9b14

[2010.03.29 18:23:53 | 000,000,000 | ---D | M] -- C:\afb266e15d2167c0adcd00fe762704f7

[2013.01.10 16:25:31 | 000,000,000 | ---D | M] -- C:\Config.Msi

[2011.05.22 10:32:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen

[2012.09.29 20:44:57 | 000,000,000 | ---D | M] -- C:\Downloads

[2008.07.03 10:34:42 | 000,000,000 | ---D | M] -- C:\DRIVER

[2012.10.20 19:37:48 | 000,000,000 | -H-D | M] -- C:\dvmexp

[2009.09.26 10:31:03 | 000,000,000 | ---D | M] -- C:\I386

[2009.09.26 10:32:39 | 000,000,000 | ---D | M] -- C:\Intel

[2010.11.29 15:32:46 | 000,000,000 | ---D | M] -- C:\Program Files

[2013.01.10 17:19:39 | 000,000,000 | R--D | M] -- C:\Programme

[2011.05.22 15:16:49 | 000,000,000 | -H-D | M] -- C:\QSTART.000

[2009.09.26 11:24:03 | 000,000,000 | -H-D | M] -- C:\QSTART.SYS

[2010.03.27 18:15:17 | 000,000,000 | -HSD | M] -- C:\RECYCLER

[2011.12.26 03:05:16 | 000,000,000 | -HSD | M] -- C:\System Volume Information

[2009.09.26 11:37:30 | 000,000,000 | -H-D | M] -- C:\temp

[2008.07.03 11:32:19 | 000,000,000 | ---D | M] -- C:\UPDATE

[2013.01.10 18:14:54 | 000,000,000 | ---D | M] -- C:\WINDOWS

 
 < %PROGRAMFILES%\*.exe >

Invalid Environment Variable: LOCALAPPDATA

 
 < %systemroot%\*. /mp /s >

 
 < C:\Windows\system32\*.tsp >

[2008.04.14 13:00:00 | 000,266,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\h323.tsp

[2008.04.14 13:00:00 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp

[2008.04.14 13:00:00 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ipconf.tsp

[2008.04.14 13:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp

[2008.04.14 13:00:00 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp

[2008.04.14 13:00:00 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp

[2008.04.14 13:00:00 | 000,207,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp

[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

[2008.07.03 09:40:40 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini

[2008.07.03 09:45:13 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT

[2011.06.22 12:50:21 | 000,001,178 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4189400714-239310853-1789656704-1008Core.job

[2011.06.22 12:50:22 | 000,001,230 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4189400714-239310853-1789656704-1008UA.job

[2012.10.02 08:28:01 | 000,000,386 | -H-- | C] () -- C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job

[2012.11.02 08:33:40 | 000,001,094 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

[2012.11.02 08:33:40 | 000,001,098 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

 
 < MD5 for: AGP440.SYS  >

[2008.04.14 13:00:00 | 020,108,202 | ---- | M] () .cab file -- C:\I386\I386DE\sp3.cab:AGP440.sys

[2008.04.14 13:00:00 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys

[2008.04.13 23:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\dllcache\agp440.sys

[2008.04.13 23:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\AGP440.SYS

 
 < MD5 for: ATAPI.SYS  >

[2008.04.14 13:00:00 | 020,108,202 | ---- | M] () .cab file -- C:\I386\I386DE\sp3.cab:atapi.sys

[2008.04.14 13:00:00 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys

[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys

[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\atapi.sys

 
 < MD5 for: EVENTLOG.DLL  >

[2008.04.14 13:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\dllcache\eventlog.dll

[2008.04.14 13:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll

 
 < MD5 for: EXPLORER.EXE  >

[2008.04.14 13:00:00 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\explorer.exe

[2008.04.14 13:00:00 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\system32\dllcache\explorer.exe

 
 < MD5 for: IASTOR.SYS  >

[2008.12.04 05:34:52 | 000,328,728 | ---- | M] (Intel Corporation) MD5=BAABB0301949774A66B955C65319635A -- C:\WINDOWS\system32\drivers\iaStor.sys

[2008.12.04 05:34:52 | 000,328,728 | ---- | M] (Intel Corporation) MD5=BAABB0301949774A66B955C65319635A -- C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\iaStor.sys

 
 < MD5 for: NETLOGON.DLL  >

[2008.04.14 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\dllcache\netlogon.dll

[2008.04.14 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll

 
 < MD5 for: SCECLI.DLL  >

[2008.04.14 13:00:00 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\dllcache\scecli.dll

[2008.04.14 13:00:00 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll

 
 < MD5 for: USER32.DLL  >

[2008.04.14 13:00:00 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\dllcache\user32.dll

[2008.04.14 13:00:00 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll

 
 < MD5 for: USERINIT.EXE  >

[2008.04.14 13:00:00 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\dllcache\userinit.exe

[2008.04.14 13:00:00 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe

 
 < MD5 for: WINLOGON.EXE  >

[2012.12.14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Programme\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

[2008.04.14 13:00:00 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\dllcache\winlogon.exe

[2008.04.14 13:00:00 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe

 
 < MD5 for: WS2IFSL.SYS  >

[2008.04.14 13:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys

[2008.04.14 13:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys

 
 < %systemroot%\system32\drivers\*.sys /lockedfiles >

[2010.05.24 08:28:55 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

 
 < %systemroot%\System32\config\*.sav >

[2008.07.03 11:32:26 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav

[2008.07.03 11:32:26 | 001,069,056 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav

[2008.07.03 11:32:25 | 000,471,040 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

 
 < %systemroot%\system32\*.dll /lockedfiles >

[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

 
 < %USERPROFILE%\*.* >

[2013.01.10 15:36:44 | 000,000,033 | ---- | M] () -- C:\Dokumente und Einstellungen\Ralf Maier\.log

[2011.08.24 10:59:19 | 000,002,897 | ---- | M] () -- C:\Dokumente und Einstellungen\Ralf Maier\.recently-used.xbel

[2012.02.10 23:16:47 | 000,001,968 | ---- | M] () -- C:\Dokumente und Einstellungen\Ralf Maier\.swfinfo

[2013.01.10 18:14:02 | 006,029,312 | ---- | M] () -- C:\Dokumente und Einstellungen\Ralf Maier\ntuser.dat

[2013.01.10 18:27:25 | 000,001,024 | -H-- | M] () -- C:\Dokumente und Einstellungen\Ralf Maier\ntuser.dat.LOG

[2011.11.13 07:57:30 | 000,000,000 | -H-- | M] () -- C:\Dokumente und Einstellungen\Ralf Maier\NTUSER.DAT_tureg_new.LOG

[2012.10.21 08:12:46 | 005,767,168 | ---- | M] () -- C:\Dokumente und Einstellungen\Ralf Maier\NTUSER.DAT_tureg_old

[2013.01.10 18:14:02 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\Ralf Maier\ntuser.ini

 
 < %USERPROFILE%\Local Settings\Temp\*.exe >

 
 < %USERPROFILE%\Local Settings\Temp\*.dll >

 
 < %USERPROFILE%\Application Data\*.exe >

 
 < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Kmode: %SystemRoot%\system32\win32k.sys [2012.11.13 12:55:38 | 001,866,496 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

 
 <           >

 
 ========== Alternate Data Streams ==========

 

@Alternate Data Stream - 12 bytes -> C:\WINDOWS\system32:{4B9A1497-0817-47C4-9612-D6A1C53ACF57}
 

< End of report >

Erledigt :)

Code:

19:15:09.0281 0644  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35

19:15:09.0421 0644  ============================================================

19:15:09.0421 0644  Current date / time: 2013/01/10 19:15:09.0421

19:15:09.0421 0644  SystemInfo:

19:15:09.0421 0644  

19:15:09.0421 0644  OS Version: 5.1.2600 ServicePack: 3.0

19:15:09.0421 0644  Product type: Workstation

19:15:09.0437 0644  ComputerName: RALF

19:15:09.0437 0644  UserName: Ralf Maier

19:15:09.0437 0644  Windows directory: C:\WINDOWS

19:15:09.0437 0644  System windows directory: C:\WINDOWS

19:15:09.0437 0644  Processor architecture: Intel x86

19:15:09.0437 0644  Number of processors: 2

19:15:09.0437 0644  Page size: 0x1000

19:15:09.0437 0644  Boot type: Normal boot

19:15:09.0437 0644  ============================================================

19:15:11.0250 0644  Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

19:15:11.0265 0644  ============================================================

19:15:11.0265 0644  \Device\Harddisk0\DR0:

19:15:11.0265 0644  MBR partitions:

19:15:11.0265 0644  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xD234000

19:15:11.0281 0644  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xD235000, BlocksNum 0x3A62800

19:15:11.0281 0644  ============================================================

19:15:11.0328 0644  C: <-> \Device\Harddisk0\DR0\Partition1

19:15:11.0359 0644  D: <-> \Device\Harddisk0\DR0\Partition2

19:15:11.0359 0644  ============================================================

19:15:11.0359 0644  Initialize success

19:15:11.0359 0644  ============================================================

19:15:46.0968 0592  ============================================================

19:15:46.0968 0592  Scan started

19:15:46.0968 0592  Mode: Manual; SigCheck; TDLFS; 

19:15:46.0968 0592  ============================================================

19:15:47.0437 0592  ================ Scan system memory ========================

19:15:47.0437 0592  System memory - ok

19:15:47.0437 0592  ================ Scan services =============================

19:15:47.0640 0592  [ B33CF4DE909A5B30F526D82053A63C8E ] ABBYY.Licensing.FineReader.Sprint.9.0 C:\Programme\Gemeinsame Dateien\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe

19:15:47.0906 0592  ABBYY.Licensing.FineReader.Sprint.9.0 - ok

19:15:48.0062 0592  Abiosdsk - ok

19:15:48.0078 0592  [ 6ABB91494FE6C59089B9336452AB2EA3 ] abp480n5        C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS

19:15:48.0531 0592  abp480n5 - ok

19:15:48.0562 0592  [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys

19:15:48.0781 0592  ACPI - ok

19:15:48.0796 0592  [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC          C:\WINDOWS\system32\DRIVERS\ACPIEC.sys

19:15:49.0000 0592  ACPIEC - ok

19:15:49.0046 0592  [ 5508E9F55799C6551D54DFBC4A068B68 ] ACPIVPC         C:\WINDOWS\system32\DRIVERS\AcpiVpc.sys

19:15:49.0093 0592  ACPIVPC - ok

19:15:49.0140 0592  [ 9A11864873DA202C996558B2106B0BBC ] adpu160m        C:\WINDOWS\system32\DRIVERS\adpu160m.sys

19:15:49.0343 0592  adpu160m - ok

19:15:49.0390 0592  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys

19:15:49.0593 0592  aec - ok

19:15:49.0640 0592  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD             C:\WINDOWS\System32\drivers\afd.sys

19:15:49.0687 0592  AFD - ok

19:15:49.0718 0592  [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440          C:\WINDOWS\system32\DRIVERS\agp440.sys

19:15:49.0921 0592  agp440 - ok

19:15:49.0953 0592  [ 03A7E0922ACFE1B07D5DB2EEB0773063 ] agpCPQ          C:\WINDOWS\system32\DRIVERS\agpCPQ.sys

19:15:50.0156 0592  agpCPQ - ok

19:15:50.0171 0592  [ C23EA9B5F46C7F7910DB3EAB648FF013 ] Aha154x         C:\WINDOWS\system32\DRIVERS\aha154x.sys

19:15:50.0265 0592  Aha154x - ok

19:15:50.0296 0592  [ 19DD0FB48B0C18892F70E2E7D61A1529 ] aic78u2         C:\WINDOWS\system32\DRIVERS\aic78u2.sys

19:15:50.0484 0592  aic78u2 - ok

19:15:50.0500 0592  [ B7FE594A7468AA0132DEB03FB8E34326 ] aic78xx         C:\WINDOWS\system32\DRIVERS\aic78xx.sys

19:15:50.0703 0592  aic78xx - ok

19:15:50.0750 0592  [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter         C:\WINDOWS\system32\alrsvc.dll

19:15:50.0953 0592  Alerter - ok

19:15:50.0984 0592  [ 190CD73D4984F94D823F9444980513E5 ] ALG             C:\WINDOWS\System32\alg.exe

19:15:51.0078 0592  ALG - ok

19:15:51.0109 0592  [ 1140AB9938809700B46BB88E46D72A96 ] AliIde          C:\WINDOWS\system32\DRIVERS\aliide.sys

19:15:51.0328 0592  AliIde - ok

19:15:51.0343 0592  [ CB08AED0DE2DD889A8A820CD8082D83C ] alim1541        C:\WINDOWS\system32\DRIVERS\alim1541.sys

19:15:51.0562 0592  alim1541 - ok

19:15:51.0656 0592  [ F6AF59D6EEE5E1C304F7F73706AD11D8 ] Ambfilt         C:\WINDOWS\system32\drivers\Ambfilt.sys

19:15:51.0812 0592  Ambfilt - ok

19:15:51.0828 0592  [ 95B4FB835E28AA1336CEEB07FD5B9398 ] amdagp          C:\WINDOWS\system32\DRIVERS\amdagp.sys

19:15:52.0031 0592  amdagp - ok

19:15:52.0046 0592  [ 79F5ADD8D24BD6893F2903A3E2F3FAD6 ] amsint          C:\WINDOWS\system32\DRIVERS\amsint.sys

19:15:52.0125 0592  amsint - ok

19:15:52.0187 0592  [ 018857EAD9A077A56AEDFC0E5EF7A24A ] Apple Mobile Device C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe

19:15:52.0218 0592  Apple Mobile Device - ok

19:15:52.0234 0592  AppMgmt - ok

19:15:52.0281 0592  [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394         C:\WINDOWS\system32\DRIVERS\arp1394.sys

19:15:52.0484 0592  Arp1394 - ok

19:15:52.0515 0592  [ 62D318E9A0C8FC9B780008E724283707 ] asc             C:\WINDOWS\system32\DRIVERS\asc.sys

19:15:52.0734 0592  asc - ok

19:15:52.0750 0592  [ 69EB0CC7714B32896CCBFD5EDCBEA447 ] asc3350p        C:\WINDOWS\system32\DRIVERS\asc3350p.sys

19:15:52.0843 0592  asc3350p - ok

19:15:52.0859 0592  [ 5D8DE112AA0254B907861E9E9C31D597 ] asc3550         C:\WINDOWS\system32\DRIVERS\asc3550.sys

19:15:53.0062 0592  asc3550 - ok

19:15:53.0140 0592  [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

19:15:53.0171 0592  aspnet_state - ok

19:15:53.0203 0592  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys

19:15:53.0406 0592  AsyncMac - ok

19:15:53.0453 0592  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys

19:15:53.0640 0592  atapi - ok

19:15:53.0656 0592  Atdisk - ok

19:15:53.0687 0592  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys

19:15:53.0890 0592  Atmarpc - ok

19:15:53.0937 0592  [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll

19:15:54.0171 0592  AudioSrv - ok

19:15:54.0187 0592  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys

19:15:54.0390 0592  audstub - ok

19:15:54.0468 0592  [ CC03987EE5D0F956706B40D2F91F9E4F ] BCM43XX         C:\WINDOWS\system32\DRIVERS\bcmwl5.sys

19:15:54.0593 0592  BCM43XX - ok

19:15:54.0609 0592  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys

19:15:54.0812 0592  Beep - ok

19:15:54.0875 0592  [ D6F603772A789BB3228F310D650B8BD1 ] BITS            C:\WINDOWS\system32\qmgr.dll

19:15:55.0078 0592  BITS - ok

19:15:55.0156 0592  [ F832F1505AD8B83474BD9A5B1B985E01 ] Bonjour Service C:\Programme\Bonjour\mDNSResponder.exe

19:15:55.0203 0592  Bonjour Service - ok

19:15:55.0265 0592  [ B71549F23736ADF83A571061C47777FD ] Browser         C:\WINDOWS\System32\browser.dll

19:15:55.0328 0592  Browser - ok

19:15:55.0390 0592  [ E2944C0354A7E59EE31208639E4142B6 ] Cam5607         C:\WINDOWS\system32\Drivers\BisonC07.sys

19:15:56.0796 0592  Cam5607 - ok

19:15:56.0875 0592  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf           C:\WINDOWS\system32\DRIVERS\cbidf2k.sys

19:15:57.0093 0592  cbidf - ok

19:15:57.0109 0592  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys

19:15:57.0296 0592  cbidf2k - ok

19:15:57.0343 0592  [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys

19:15:57.0546 0592  CCDECODE - ok

19:15:57.0562 0592  [ F3EC03299634490E97BBCE94CD2954C7 ] cd20xrnt        C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys

19:15:57.0656 0592  cd20xrnt - ok

19:15:57.0687 0592  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys

19:15:57.0875 0592  Cdaudio - ok

19:15:57.0921 0592  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys

19:15:58.0140 0592  Cdfs - ok

19:15:58.0187 0592  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys

19:15:58.0390 0592  Cdrom - ok

19:15:58.0406 0592  Changer - ok

19:15:58.0437 0592  [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc           C:\WINDOWS\system32\cisvc.exe

19:15:58.0656 0592  CiSvc - ok

19:15:58.0671 0592  [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe

19:15:58.0875 0592  ClipSrv - ok

19:15:58.0921 0592  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

19:15:58.0953 0592  clr_optimization_v2.0.50727_32 - ok

19:15:59.0062 0592  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

19:15:59.0093 0592  clr_optimization_v4.0.30319_32 - ok

19:15:59.0109 0592  [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt          C:\WINDOWS\system32\DRIVERS\CmBatt.sys

19:15:59.0328 0592  CmBatt - ok

19:15:59.0359 0592  [ C687F81290303D90099B027A6474F99F ] CmdIde          C:\WINDOWS\system32\DRIVERS\cmdide.sys

19:15:59.0562 0592  CmdIde - ok

19:15:59.0593 0592  [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt        C:\WINDOWS\system32\DRIVERS\compbatt.sys

19:15:59.0796 0592  Compbatt - ok

19:15:59.0812 0592  COMSysApp - ok

19:15:59.0828 0592  [ 3EE529119EED34CD212A215E8C40D4B6 ] Cpqarray        C:\WINDOWS\system32\DRIVERS\cpqarray.sys

19:16:00.0031 0592  Cpqarray - ok

19:16:00.0046 0592  [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll

19:16:00.0265 0592  CryptSvc - ok

19:16:00.0281 0592  [ E550E7418984B65A78299D248F0A7F36 ] dac2w2k         C:\WINDOWS\system32\DRIVERS\dac2w2k.sys

19:16:00.0484 0592  dac2w2k - ok

19:16:00.0515 0592  [ 683789CAA3864EB46125AE86FF677D34 ] dac960nt        C:\WINDOWS\system32\DRIVERS\dac960nt.sys

19:16:00.0734 0592  dac960nt - ok

19:16:00.0781 0592  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll

19:16:00.0875 0592  DcomLaunch - ok

19:16:00.0906 0592  [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll

19:16:01.0109 0592  Dhcp - ok

19:16:01.0156 0592  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys

19:16:01.0359 0592  Disk - ok

19:16:01.0375 0592  dmadmin - ok

19:16:01.0437 0592  [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys

19:16:01.0687 0592  dmboot - ok

19:16:01.0718 0592  [ 53720AB12B48719D00E327DA470A619A ] dmio            C:\WINDOWS\system32\drivers\dmio.sys

19:16:01.0921 0592  dmio - ok

19:16:01.0953 0592  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys

19:16:02.0156 0592  dmload - ok

19:16:02.0171 0592  [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver        C:\WINDOWS\System32\dmserver.dll

19:16:02.0375 0592  dmserver - ok

19:16:02.0406 0592  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys

19:16:02.0609 0592  DMusic - ok

19:16:02.0640 0592  [ 407F3227AC618FD1CA54B335B083DE07 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll

19:16:02.0781 0592  Dnscache - ok

19:16:02.0828 0592  [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll

19:16:03.0031 0592  Dot3svc - ok

19:16:03.0046 0592  [ 40F3B93B4E5B0126F2F5C0A7A5E22660 ] dpti2o          C:\WINDOWS\system32\DRIVERS\dpti2o.sys

19:16:03.0250 0592  dpti2o - ok

19:16:03.0281 0592  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys

19:16:03.0468 0592  drmkaud - ok

19:16:03.0578 0592  [ EB9438402DCD2C11F8268B5B2DA4E639 ] DvmMDES         C:\QSTART.SYS\config\DVMExportService.exe

19:16:03.0609 0592  DvmMDES ( UnsignedFile.Multi.Generic ) - warning

19:16:03.0609 0592  DvmMDES - detected UnsignedFile.Multi.Generic (1)

19:16:03.0625 0592  [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost         C:\WINDOWS\System32\eapsvc.dll

19:16:03.0843 0592  EapHost - ok

19:16:03.0906 0592  [ ABDD5AD016AFFD34AD40E944CE94BF59 ] EpsonBidirectionalService C:\Programme\Gemeinsame Dateien\EPSON\EBAPI\eEBSVC.exe

19:16:03.0921 0592  EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - warning

19:16:03.0921 0592  EpsonBidirectionalService - detected UnsignedFile.Multi.Generic (1)

19:16:03.0968 0592  [ E9EFCB47B90FD5498695BB7FEFD36CAE ] EpsonScanSvc    C:\WINDOWS\system32\EscSvc.exe

19:16:04.0000 0592  EpsonScanSvc - ok

19:16:04.0015 0592  [ 877C18558D70587AA7823A1A308AC96B ] ERSvc           C:\WINDOWS\System32\ersvc.dll

19:16:04.0234 0592  ERSvc - ok

19:16:04.0281 0592  [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog        C:\WINDOWS\system32\services.exe

19:16:04.0328 0592  Eventlog - ok

19:16:04.0390 0592  [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem     C:\WINDOWS\system32\es.dll

19:16:04.0437 0592  EventSystem - ok

19:16:04.0468 0592  [ 13D0F39D356E70F0A5E80D7771382245 ] ewusbnet        C:\WINDOWS\system32\DRIVERS\ewusbnet.sys

19:16:04.0578 0592  ewusbnet - ok

19:16:04.0609 0592  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys

19:16:04.0812 0592  Fastfat - ok

19:16:04.0859 0592  [ 40602EBFBE06AA075C8E4560743F6883 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll

19:16:05.0078 0592  FastUserSwitchingCompatibility - ok

19:16:05.0109 0592  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys

19:16:05.0328 0592  Fdc - ok

19:16:05.0343 0592  [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys

19:16:05.0531 0592  Fips - ok

19:16:05.0546 0592  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys

19:16:05.0750 0592  Flpydisk - ok

19:16:05.0781 0592  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\DRIVERS\fltMgr.sys

19:16:06.0000 0592  FltMgr - ok

19:16:06.0078 0592  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

19:16:06.0109 0592  FontCache3.0.0.0 - ok

19:16:06.0140 0592  [ CBE5F69A5E5B918225F420BA748F3742 ] FsUsbExDisk     C:\WINDOWS\system32\FsUsbExDisk.SYS

19:16:06.0156 0592  FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning

19:16:06.0156 0592  FsUsbExDisk - detected UnsignedFile.Multi.Generic (1)

19:16:06.0187 0592  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys

19:16:06.0390 0592  Fs_Rec - ok

19:16:06.0421 0592  [ 8F1955CE42E1484714B542F341647778 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys

19:16:06.0625 0592  Ftdisk - ok

19:16:06.0640 0592  [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys

19:16:06.0671 0592  GEARAspiWDM - ok

19:16:06.0734 0592  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys

19:16:06.0937 0592  Gpc - ok

19:16:07.0015 0592  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Programme\Google\Update\GoogleUpdate.exe

19:16:07.0062 0592  gupdate - ok

19:16:07.0062 0592  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Programme\Google\Update\GoogleUpdate.exe

19:16:07.0093 0592  gupdatem - ok

19:16:07.0140 0592  [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

19:16:07.0343 0592  HDAudBus - ok

19:16:07.0390 0592  [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

19:16:07.0640 0592  helpsvc - ok

19:16:07.0640 0592  HidServ - ok

19:16:07.0671 0592  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys

19:16:07.0875 0592  HidUsb - ok

19:16:07.0906 0592  [ ED29F14101523A6E0E808107405D452C ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll

19:16:08.0109 0592  hkmsvc - ok

19:16:08.0140 0592  [ B028377DEA0546A5FCFBA928A8AEFAE0 ] hpn             C:\WINDOWS\system32\DRIVERS\hpn.sys

19:16:08.0343 0592  hpn - ok

19:16:08.0390 0592  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys

19:16:08.0453 0592  HTTP - ok

19:16:08.0500 0592  [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll

19:16:08.0718 0592  HTTPFilter - ok

19:16:08.0765 0592  [ 8ADF5EF39E896A65BEDED878494EE2B6 ] hwdatacard      C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys

19:16:08.0843 0592  hwdatacard - ok

19:16:08.0875 0592  [ 83026E41D9960430491432DBD6AF969A ] hwusbfake       C:\WINDOWS\system32\DRIVERS\ewusbfake.sys

19:16:08.0937 0592  hwusbfake - ok

19:16:08.0984 0592  [ 9368670BD426EBEA5E8B18A62416EC28 ] i2omgmt         C:\WINDOWS\system32\drivers\i2omgmt.sys

19:16:09.0187 0592  i2omgmt - ok

19:16:09.0203 0592  [ F10863BF1CCC290BABD1A09188AE49E0 ] i2omp           C:\WINDOWS\system32\DRIVERS\i2omp.sys

19:16:09.0406 0592  i2omp - ok

19:16:09.0453 0592  [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys

19:16:09.0656 0592  i8042prt - ok

19:16:09.0875 0592  [ 48846B31BE5A4FA662CCFDE7A1BA86B9 ] ialm            C:\WINDOWS\system32\DRIVERS\igxpmp32.sys

19:16:10.0187 0592  ialm - ok

19:16:10.0250 0592  [ BAABB0301949774A66B955C65319635A ] iaStor          C:\WINDOWS\system32\drivers\iaStor.sys

19:16:10.0296 0592  iaStor - ok

19:16:10.0359 0592  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

19:16:10.0484 0592  idsvc - ok

19:16:10.0531 0592  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys

19:16:10.0750 0592  Imapi - ok

19:16:10.0812 0592  [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService    C:\WINDOWS\system32\imapi.exe

19:16:11.0015 0592  ImapiService - ok

19:16:11.0062 0592  [ 4A40E045FAEE58631FD8D91AFC620719 ] ini910u         C:\WINDOWS\system32\DRIVERS\ini910u.sys

19:16:11.0281 0592  ini910u - ok

19:16:11.0515 0592  [ 3A3A539D7DB808FAD3B55740474A6D02 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys

19:16:11.0843 0592  IntcAzAudAddService - ok

19:16:11.0859 0592  [ 69C4E3C9E67A1F103B94E14FDD5F3213 ] IntelIde        C:\WINDOWS\system32\DRIVERS\intelide.sys

19:16:12.0062 0592  IntelIde - ok

19:16:12.0093 0592  [ 4C7D2750158ED6E7AD642D97BFFAE351 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys

19:16:12.0312 0592  intelppm - ok

19:16:12.0343 0592  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys

19:16:12.0531 0592  Ip6Fw - ok

19:16:12.0546 0592  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

19:16:12.0765 0592  IpFilterDriver - ok

19:16:12.0796 0592  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys

19:16:13.0000 0592  IpInIp - ok

19:16:13.0031 0592  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys

19:16:13.0250 0592  IpNat - ok

19:16:13.0312 0592  [ 6E27978A4755F4789F912F5F49392F7C ] iPod Service    C:\Programme\iPod\bin\iPodService.exe

19:16:13.0406 0592  iPod Service - ok

19:16:13.0437 0592  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys

19:16:13.0656 0592  IPSec - ok

19:16:13.0687 0592  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys

19:16:13.0796 0592  IRENUM - ok

19:16:13.0843 0592  [ 6DFB88F64135C525433E87648BDA30DE ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys

19:16:14.0046 0592  isapnp - ok

19:16:14.0140 0592  [ 28E8A9984BA1297EFE44B6138D2CA51E ] JavaQuickStarterService C:\Programme\Java\jre6\bin\jqs.exe

19:16:14.0171 0592  JavaQuickStarterService - ok

19:16:14.0218 0592  [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys

19:16:14.0437 0592  Kbdclass - ok

19:16:14.0484 0592  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys

19:16:14.0718 0592  kmixer - ok

19:16:14.0734 0592  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys

19:16:14.0828 0592  KSecDD - ok

19:16:14.0875 0592  [ 2BBDCB79900990F0716DFCB714E72DE7 ] LanmanServer    C:\WINDOWS\System32\srvsvc.dll

19:16:14.0937 0592  LanmanServer - ok

19:16:15.0000 0592  [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll

19:16:15.0062 0592  lanmanworkstation - ok

19:16:15.0078 0592  lbrtfdc - ok

19:16:15.0125 0592  [ 636714B7D43C8D0C80449123FD266920 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll

19:16:15.0343 0592  LmHosts - ok

19:16:15.0375 0592  [ B7550A7107281D170CE85524B1488C98 ] Messenger       C:\WINDOWS\System32\msgsvc.dll

19:16:15.0578 0592  Messenger - ok

19:16:15.0609 0592  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys

19:16:15.0828 0592  mnmdd - ok

19:16:15.0859 0592  [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe

19:16:16.0062 0592  mnmsrvc - ok

19:16:16.0093 0592  [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys

19:16:16.0328 0592  Modem - ok

19:16:16.0375 0592  [ 9FA7207D1B1ADEAD88AE8EED9CDBBAA5 ] Monfilt         C:\WINDOWS\system32\drivers\Monfilt.sys

19:16:16.0515 0592  Monfilt - ok

19:16:16.0531 0592  [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys

19:16:16.0734 0592  Mouclass - ok

19:16:16.0781 0592  [ 66A6F73C74E1791464160A7065CE711A ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys

19:16:16.0968 0592  mouhid - ok

19:16:17.0000 0592  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys

19:16:17.0203 0592  MountMgr - ok

19:16:17.0265 0592  [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe

19:16:17.0296 0592  MozillaMaintenance - ok

19:16:17.0328 0592  [ EE728AF83850DDAD9A3FCAC0AAB3AD97 ] MpFilter        C:\WINDOWS\system32\DRIVERS\MpFilter.sys

19:16:17.0375 0592  MpFilter - ok

19:16:17.0484 0592  [ A69630D039C38018689190234F866D77 ] MpKsl5d89c02a   c:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft\Microsoft Antimalware\Definition Updates\{BD86F733-5EA7-4EBA-A8C8-777BCA9D040F}\MpKsl5d89c02a.sys

19:16:17.0515 0592  MpKsl5d89c02a - ok

19:16:17.0546 0592  [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x        C:\WINDOWS\system32\DRIVERS\mraid35x.sys

19:16:17.0765 0592  mraid35x - ok

19:16:17.0796 0592  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys

19:16:18.0015 0592  MRxDAV - ok

19:16:18.0046 0592  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

19:16:18.0156 0592  MRxSmb - ok

19:16:18.0203 0592  [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC           C:\WINDOWS\system32\msdtc.exe

19:16:18.0406 0592  MSDTC - ok

19:16:18.0437 0592  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys

19:16:18.0640 0592  Msfs - ok

19:16:18.0640 0592  MSIServer - ok

19:16:18.0671 0592  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys

19:16:18.0890 0592  MSKSSRV - ok

19:16:18.0968 0592  [ E077FCA2A7E79FB9BF67D3E30B5CE593 ] MsMpSvc         c:\Programme\Microsoft Security Client\MsMpEng.exe

19:16:19.0000 0592  MsMpSvc - ok

19:16:19.0031 0592  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys

19:16:19.0234 0592  MSPCLOCK - ok

19:16:19.0250 0592  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys

19:16:19.0453 0592  MSPQM - ok

19:16:19.0484 0592  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys

19:16:19.0687 0592  mssmbios - ok

19:16:19.0734 0592  [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys

19:16:19.0953 0592  MSTEE - ok

19:16:19.0984 0592  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys

19:16:20.0031 0592  Mup - ok

19:16:20.0062 0592  [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys

19:16:20.0250 0592  NABTSFEC - ok

19:16:20.0296 0592  [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent        C:\WINDOWS\System32\qagentrt.dll

19:16:20.0515 0592  napagent - ok

19:16:20.0546 0592  NAVENG - ok

19:16:20.0546 0592  NAVEX15 - ok

19:16:20.0578 0592  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys

19:16:20.0781 0592  NDIS - ok

19:16:20.0812 0592  [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys

19:16:21.0015 0592  NdisIP - ok

19:16:21.0062 0592  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys

19:16:21.0125 0592  NdisTapi - ok

19:16:21.0140 0592  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys

19:16:21.0343 0592  Ndisuio - ok

19:16:21.0359 0592  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys

19:16:21.0578 0592  NdisWan - ok

19:16:21.0609 0592  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys

19:16:21.0687 0592  NDProxy - ok

19:16:21.0703 0592  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys

19:16:21.0937 0592  NetBIOS - ok

19:16:21.0968 0592  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys

19:16:22.0156 0592  NetBT - ok

19:16:22.0203 0592  [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE          C:\WINDOWS\system32\netdde.exe

19:16:22.0421 0592  NetDDE - ok

19:16:22.0421 0592  [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe

19:16:22.0625 0592  NetDDEdsdm - ok

19:16:22.0671 0592  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon        C:\WINDOWS\system32\lsass.exe

19:16:22.0890 0592  Netlogon - ok

19:16:22.0921 0592  [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman          C:\WINDOWS\System32\netman.dll

19:16:23.0140 0592  Netman - ok

19:16:23.0187 0592  [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

19:16:23.0218 0592  NetTcpPortSharing - ok

19:16:23.0250 0592  [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394         C:\WINDOWS\system32\DRIVERS\nic1394.sys

19:16:23.0468 0592  NIC1394 - ok

19:16:23.0500 0592  [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla             C:\WINDOWS\System32\mswsock.dll

19:16:23.0562 0592  Nla - ok

19:16:23.0562 0592  Norton Internet Security - ok

19:16:23.0625 0592  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys

19:16:23.0812 0592  Npfs - ok

19:16:23.0828 0592  npggsvc - ok

19:16:23.0875 0592  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys

19:16:24.0078 0592  Ntfs - ok

19:16:24.0109 0592  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe

19:16:24.0312 0592  NtLmSsp - ok

19:16:24.0359 0592  [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll

19:16:24.0593 0592  NtmsSvc - ok

19:16:24.0625 0592  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys

19:16:24.0843 0592  Null - ok

19:16:24.0875 0592  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

19:16:25.0093 0592  NwlnkFlt - ok

19:16:25.0125 0592  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

19:16:25.0312 0592  NwlnkFwd - ok

19:16:25.0312 0592  [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394        C:\WINDOWS\system32\DRIVERS\ohci1394.sys

19:16:25.0546 0592  ohci1394 - ok

19:16:25.0609 0592  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE

19:16:25.0656 0592  ose - ok

19:16:25.0687 0592  [ F84785660305B9B903FB3BCA8BA29837 ] Parport         C:\WINDOWS\system32\drivers\Parport.sys

19:16:25.0890 0592  Parport - ok

19:16:25.0906 0592  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys

19:16:26.0109 0592  PartMgr - ok

19:16:26.0125 0592  [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys

19:16:26.0328 0592  ParVdm - ok

19:16:26.0343 0592  PCASp50 - ok

19:16:26.0375 0592  [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys

19:16:26.0578 0592  PCI - ok

19:16:26.0578 0592  PCIDump - ok

19:16:26.0593 0592  [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys

19:16:26.0796 0592  PCIIde - ok

19:16:26.0828 0592  [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys

19:16:27.0031 0592  Pcmcia - ok

19:16:27.0031 0592  PDCOMP - ok

19:16:27.0046 0592  PDFRAME - ok

19:16:27.0062 0592  PDRELI - ok

19:16:27.0062 0592  PDRFRAME - ok

19:16:27.0093 0592  [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2           C:\WINDOWS\system32\DRIVERS\perc2.sys

19:16:27.0296 0592  perc2 - ok

19:16:27.0328 0592  [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib        C:\WINDOWS\system32\DRIVERS\perc2hib.sys

19:16:27.0531 0592  perc2hib - ok

19:16:27.0578 0592  [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay        C:\WINDOWS\system32\services.exe

19:16:27.0625 0592  PlugPlay - ok

19:16:27.0640 0592  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe

19:16:27.0843 0592  PolicyAgent - ok

19:16:27.0875 0592  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys

19:16:28.0078 0592  PptpMiniport - ok

19:16:28.0078 0592  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe

19:16:28.0296 0592  ProtectedStorage - ok

19:16:28.0296 0592  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys

19:16:28.0500 0592  PSched - ok

19:16:28.0500 0592  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys

19:16:28.0703 0592  Ptilink - ok

19:16:28.0718 0592  [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080          C:\WINDOWS\system32\DRIVERS\ql1080.sys

19:16:28.0921 0592  ql1080 - ok

19:16:28.0937 0592  [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt         C:\WINDOWS\system32\DRIVERS\ql10wnt.sys

19:16:29.0140 0592  Ql10wnt - ok

19:16:29.0140 0592  [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160         C:\WINDOWS\system32\DRIVERS\ql12160.sys

19:16:29.0343 0592  ql12160 - ok

19:16:29.0359 0592  [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240          C:\WINDOWS\system32\DRIVERS\ql1240.sys

19:16:29.0578 0592  ql1240 - ok

19:16:29.0609 0592  [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280          C:\WINDOWS\system32\DRIVERS\ql1280.sys

19:16:29.0796 0592  ql1280 - ok

19:16:29.0843 0592  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys

19:16:30.0062 0592  RasAcd - ok

19:16:30.0093 0592  [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto         C:\WINDOWS\System32\rasauto.dll

19:16:30.0296 0592  RasAuto - ok

19:16:30.0312 0592  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

19:16:30.0531 0592  Rasl2tp - ok

19:16:30.0562 0592  [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan          C:\WINDOWS\System32\rasmans.dll

19:16:30.0796 0592  RasMan - ok

19:16:30.0796 0592  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys

19:16:31.0000 0592  RasPppoe - ok

19:16:31.0031 0592  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys

19:16:31.0250 0592  Raspti - ok

19:16:31.0281 0592  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys

19:16:31.0515 0592  Rdbss - ok

19:16:31.0531 0592  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

19:16:31.0796 0592  RDPCDD - ok

19:16:31.0828 0592  [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys

19:16:32.0031 0592  rdpdr - ok

19:16:32.0062 0592  [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys

19:16:32.0109 0592  RDPWD - ok

19:16:32.0140 0592  [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe

19:16:32.0343 0592  RDSessMgr - ok

19:16:32.0390 0592  [ ED761D453856F795A7FE056E42C36365 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys

19:16:32.0593 0592  redbook - ok

19:16:32.0640 0592  [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll

19:16:32.0828 0592  RemoteAccess - ok

19:16:32.0859 0592  [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator      C:\WINDOWS\system32\locator.exe

19:16:33.0078 0592  RpcLocator - ok

19:16:33.0109 0592  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs           C:\WINDOWS\system32\rpcss.dll

19:16:33.0187 0592  RpcSs - ok

19:16:33.0234 0592  [ 4BE76679D800F95C26A23EF0D15A31B2 ] RSUSBSTOR       C:\WINDOWS\system32\Drivers\RtsUStor.sys

19:16:33.0312 0592  RSUSBSTOR - ok

19:16:33.0343 0592  [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP            C:\WINDOWS\system32\rsvp.exe

19:16:33.0562 0592  RSVP - ok

19:16:33.0609 0592  [ 832F27E6962A14EBF3B09AF0E65FD7B4 ] RTLE8023xp      C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys

19:16:33.0703 0592  RTLE8023xp - ok

19:16:33.0703 0592  RtsUIR - ok

19:16:33.0750 0592  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs           C:\WINDOWS\system32\lsass.exe

19:16:33.0953 0592  SamSs - ok

19:16:33.0984 0592  [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe

19:16:34.0187 0592  SCardSvr - ok

19:16:34.0218 0592  [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule        C:\WINDOWS\system32\schedsvc.dll

19:16:34.0421 0592  Schedule - ok

19:16:34.0468 0592  [ 8D04819A3CE51B9EB47E5689B44D43C4 ] sdbus           C:\WINDOWS\system32\DRIVERS\sdbus.sys

19:16:34.0671 0592  sdbus - ok

19:16:34.0703 0592  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys

19:16:34.0796 0592  Secdrv - ok

19:16:34.0828 0592  [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon        C:\WINDOWS\System32\seclogon.dll

19:16:35.0062 0592  seclogon - ok

19:16:35.0078 0592  [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS            C:\WINDOWS\system32\sens.dll

19:16:35.0281 0592  SENS - ok

19:16:35.0312 0592  [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys

19:16:35.0515 0592  serenum - ok

19:16:35.0531 0592  [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys

19:16:35.0734 0592  Serial - ok

19:16:35.0812 0592  [ 4C0D673281178CB496011A2E28571FC8 ] sfdrv01         C:\WINDOWS\system32\drivers\sfdrv01.sys

19:16:35.0812 0592  sfdrv01 ( UnsignedFile.Multi.Generic ) - warning

19:16:35.0812 0592  sfdrv01 - detected UnsignedFile.Multi.Generic (1)

19:16:35.0843 0592  [ 15BE2B5E4DC5B8623CF167720682ABC9 ] sfhlp02         C:\WINDOWS\system32\drivers\sfhlp02.sys

19:16:35.0859 0592  sfhlp02 ( UnsignedFile.Multi.Generic ) - warning

19:16:35.0859 0592  sfhlp02 - detected UnsignedFile.Multi.Generic (1)

19:16:35.0890 0592  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys

19:16:36.0171 0592  Sfloppy - ok

19:16:36.0203 0592  [ D5A7E09D2C6A702809E49190D52ADC9F ] sfvfs02         C:\WINDOWS\system32\drivers\sfvfs02.sys

19:16:36.0203 0592  sfvfs02 ( UnsignedFile.Multi.Generic ) - warning

19:16:36.0203 0592  sfvfs02 - detected UnsignedFile.Multi.Generic (1)

19:16:36.0250 0592  [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll

19:16:36.0484 0592  SharedAccess - ok

19:16:36.0515 0592  [ 40602EBFBE06AA075C8E4560743F6883 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll

19:16:36.0734 0592  ShellHWDetection - ok

19:16:36.0750 0592  Simbad - ok

19:16:36.0781 0592  [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp          C:\WINDOWS\system32\DRIVERS\sisagp.sys

19:16:36.0984 0592  sisagp - ok

19:16:37.0031 0592  [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate     C:\Programme\Skype\Updater\Updater.exe

19:16:37.0062 0592  SkypeUpdate - ok

19:16:37.0093 0592  [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP            C:\WINDOWS\system32\DRIVERS\SLIP.sys

19:16:37.0296 0592  SLIP - ok

19:16:37.0328 0592  [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow         C:\WINDOWS\system32\DRIVERS\sparrow.sys

19:16:37.0421 0592  Sparrow - ok

19:16:37.0437 0592  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys

19:16:37.0625 0592  splitter - ok

19:16:37.0671 0592  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe

19:16:37.0750 0592  Spooler - ok

19:16:37.0843 0592  [ CDDDEC541BC3C96F91ECB48759673505 ] sptd            C:\WINDOWS\system32\Drivers\sptd.sys

19:16:37.0843 0592  Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: CDDDEC541BC3C96F91ECB48759673505

19:16:37.0843 0592  sptd ( LockedFile.Multi.Generic ) - warning

19:16:37.0843 0592  sptd - detected LockedFile.Multi.Generic (1)

19:16:37.0906 0592  [ 9263C8898732E2B890F7E954E7729AB7 ] SQLWriter       c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe

19:16:37.0937 0592  SQLWriter - ok

19:16:37.0953 0592  [ 50FA898F8C032796D3B1B9951BB5A90F ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys

19:16:38.0046 0592  sr - ok

19:16:38.0078 0592  [ FE77A85495065F3AD59C5C65B6C54182 ] srservice       C:\WINDOWS\system32\srsvc.dll

19:16:38.0187 0592  srservice - ok

19:16:38.0187 0592  SRTSP - ok

19:16:38.0203 0592  SRTSPX - ok

19:16:38.0250 0592  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys

19:16:38.0312 0592  Srv - ok

19:16:38.0343 0592  [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll

19:16:38.0453 0592  SSDPSRV - ok

19:16:38.0484 0592  [ BC2C5985611C5356B24AEB370953DED9 ] stisvc          C:\WINDOWS\system32\wiaservc.dll

19:16:38.0718 0592  stisvc - ok

19:16:38.0750 0592  [ 77813007BA6265C4B6098187E6ED79D2 ] streamip        C:\WINDOWS\system32\DRIVERS\StreamIP.sys

19:16:38.0937 0592  streamip - ok

19:16:38.0984 0592  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys

19:16:39.0187 0592  swenum - ok

19:16:39.0203 0592  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys

19:16:39.0406 0592  swmidi - ok

19:16:39.0406 0592  SwPrv - ok

19:16:39.0453 0592  [ 1FF3217614018630D0A6758630FC698C ] symc810         C:\WINDOWS\system32\DRIVERS\symc810.sys

19:16:39.0640 0592  symc810 - ok

19:16:39.0656 0592  [ 070E001D95CF725186EF8B20335F933C ] symc8xx         C:\WINDOWS\system32\DRIVERS\symc8xx.sys

19:16:39.0843 0592  symc8xx - ok

19:16:39.0859 0592  [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi          C:\WINDOWS\system32\DRIVERS\sym_hi.sys

19:16:40.0046 0592  sym_hi - ok

19:16:40.0062 0592  [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3          C:\WINDOWS\system32\DRIVERS\sym_u3.sys

19:16:40.0250 0592  sym_u3 - ok

19:16:40.0296 0592  [ 8E25A1DBB8527B2074AF9B682F818768 ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys

19:16:40.0343 0592  SynTP - ok

19:16:40.0359 0592  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys

19:16:40.0578 0592  sysaudio - ok

19:16:40.0609 0592  [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe

19:16:40.0812 0592  SysmonLog - ok

19:16:40.0906 0592  [ A1B6D369D6919304463565D77EA0F84E ] System_Repair_UpdateMonitor C:\Program Files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe

19:16:40.0937 0592  System_Repair_UpdateMonitor ( UnsignedFile.Multi.Generic ) - warning

19:16:40.0937 0592  System_Repair_UpdateMonitor - detected UnsignedFile.Multi.Generic (1)

19:16:40.0968 0592  [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll

19:16:41.0187 0592  TapiSrv - ok

19:16:41.0250 0592  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys

19:16:41.0328 0592  Tcpip - ok

19:16:41.0359 0592  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys

19:16:41.0562 0592  TDPIPE - ok

19:16:41.0593 0592  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys

19:16:41.0781 0592  TDTCP - ok

19:16:41.0828 0592  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys

19:16:42.0031 0592  TermDD - ok

19:16:42.0062 0592  [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService     C:\WINDOWS\System32\termsrv.dll

19:16:42.0265 0592  TermService - ok

19:16:42.0296 0592  [ 40602EBFBE06AA075C8E4560743F6883 ] Themes          C:\WINDOWS\System32\shsvcs.dll

19:16:42.0484 0592  Themes - ok

19:16:42.0515 0592  [ D213A9247DC347F305A2D4CC9B951487 ] TosIde          C:\WINDOWS\system32\DRIVERS\toside.sys

19:16:42.0703 0592  TosIde - ok

19:16:42.0750 0592  [ 626504572B175867F30F3215C04B3E2F ] TrkWks          C:\WINDOWS\system32\trkwks.dll

19:16:42.0968 0592  TrkWks - ok

19:16:43.0062 0592  [ C7732ABB05D2AC3E43DDBF916FC2E2DA ] TuneUp.Defrag   C:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe

19:16:43.0125 0592  TuneUp.Defrag - ok

19:16:43.0187 0592  [ CB853481039F08517939AB269077C118 ] TuneUp.UtilitiesSvc C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

19:16:43.0312 0592  TuneUp.UtilitiesSvc - ok

19:16:43.0328 0592  [ F2107C9D85EC0DF116939CCCE06AE697 ] TuneUpUtilitiesDrv C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys

19:16:43.0359 0592  TuneUpUtilitiesDrv - ok

19:16:43.0390 0592  [ 3385D48304443D0EE42AF5DBF89634B6 ] tvtumon         C:\WINDOWS\system32\DRIVERS\tvtumon.sys

19:16:43.0421 0592  tvtumon - ok

19:16:43.0437 0592  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys

19:16:43.0640 0592  Udfs - ok

19:16:43.0656 0592  [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra           C:\WINDOWS\system32\DRIVERS\ultra.sys

19:16:43.0765 0592  ultra - ok

19:16:43.0796 0592  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys

19:16:44.0000 0592  Update - ok

19:16:44.0062 0592  [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost        C:\WINDOWS\System32\upnphost.dll

19:16:44.0171 0592  upnphost - ok

19:16:44.0203 0592  [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS             C:\WINDOWS\System32\ups.exe

19:16:44.0406 0592  UPS - ok

19:16:44.0437 0592  [ 5C2BDC152BBAB34F36473DEAF7713F22 ] USBAAPL         C:\WINDOWS\system32\Drivers\usbaapl.sys

19:16:44.0484 0592  USBAAPL - ok

19:16:44.0531 0592  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys

19:16:44.0734 0592  usbccgp - ok

19:16:44.0750 0592  USBCCID - ok

19:16:44.0781 0592  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys

19:16:44.0984 0592  usbehci - ok

19:16:45.0000 0592  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys

19:16:45.0187 0592  usbhub - ok

19:16:45.0234 0592  [ A717C8721046828520C9EDF31288FC00 ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys

19:16:45.0437 0592  usbprint - ok

19:16:45.0468 0592  [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys

19:16:45.0656 0592  usbscan - ok

19:16:45.0703 0592  [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

19:16:45.0890 0592  USBSTOR - ok

19:16:45.0921 0592  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys

19:16:46.0125 0592  usbuhci - ok

19:16:46.0171 0592  [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo        C:\WINDOWS\system32\Drivers\usbvideo.sys

19:16:46.0375 0592  usbvideo - ok

19:16:46.0421 0592  [ FC5BCA83C5000509FEEFBFAE81074835 ] UxTuneUp        C:\WINDOWS\System32\uxtuneup.dll

19:16:46.0453 0592  UxTuneUp - ok

19:16:46.0468 0592  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys

19:16:46.0687 0592  VgaSave - ok

19:16:46.0703 0592  [ 754292CE5848B3738281B4F3607EAEF4 ] viaagp          C:\WINDOWS\system32\DRIVERS\viaagp.sys

19:16:46.0906 0592  viaagp - ok

19:16:46.0921 0592  [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde          C:\WINDOWS\system32\DRIVERS\viaide.sys

19:16:47.0125 0592  ViaIde - ok

19:16:47.0156 0592  [ A5A712F4E880874A477AF790B5186E1D ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys

19:16:47.0359 0592  VolSnap - ok

19:16:47.0406 0592  [ 68F106273BE29E7B7EF8266977268E78 ] VSS             C:\WINDOWS\System32\vssvc.exe

19:16:47.0515 0592  VSS - ok

19:16:47.0546 0592  [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time         C:\WINDOWS\system32\w32time.dll

19:16:47.0750 0592  W32Time - ok

19:16:47.0796 0592  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys

19:16:48.0000 0592  Wanarp - ok

19:16:48.0046 0592  [ D918617B46457B9AC28027722E30F647 ] Wdf01000        C:\WINDOWS\system32\Drivers\wdf01000.sys

19:16:48.0109 0592  Wdf01000 - ok

19:16:48.0109 0592  WDICA - ok

19:16:48.0156 0592  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys

19:16:48.0375 0592  wdmaud - ok

19:16:48.0406 0592  [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient       C:\WINDOWS\System32\webclnt.dll

19:16:48.0593 0592  WebClient - ok

19:16:48.0625 0592  [ F9AD3A5E3FD7E0BDB18B8202B0FDD4E4 ] WimFltr         C:\WINDOWS\system32\DRIVERS\wimfltr.sys

19:16:48.0671 0592  WimFltr - ok

19:16:48.0750 0592  [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll

19:16:48.0953 0592  winmgmt - ok

19:16:49.0000 0592  [ 6E18978B749F0696A774DE3F2CB142DD ] WmdmPmSN        C:\WINDOWS\system32\mspmsnsv.dll

19:16:49.0203 0592  WmdmPmSN - ok

19:16:49.0218 0592  [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi         C:\WINDOWS\system32\DRIVERS\wmiacpi.sys

19:16:49.0421 0592  WmiAcpi - ok

19:16:49.0453 0592  [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe

19:16:49.0656 0592  WmiApSrv - ok

19:16:49.0718 0592  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

19:16:49.0796 0592  WPFFontCache_v0400 - ok

19:16:49.0828 0592  [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL         C:\WINDOWS\System32\drivers\ws2ifsl.sys

19:16:50.0015 0592  WS2IFSL - ok

19:16:50.0046 0592  [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc          C:\WINDOWS\system32\wscsvc.dll

19:16:50.0250 0592  wscsvc - ok

19:16:50.0281 0592  [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC        C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS

19:16:50.0468 0592  WSTCODEC - ok

19:16:50.0500 0592  [ 5D0A08EBF9660E07865907FB1AB022B5 ] WSVD            C:\WINDOWS\system32\drivers\WSVD.sys

19:16:50.0531 0592  WSVD - ok

19:16:50.0562 0592  [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv        C:\WINDOWS\system32\wuauserv.dll

19:16:50.0750 0592  wuauserv - ok

19:16:50.0796 0592  [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll

19:16:51.0046 0592  WZCSVC - ok

19:16:51.0078 0592  [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll

19:16:51.0281 0592  xmlprov - ok

19:16:51.0312 0592  ================ Scan global ===============================

19:16:51.0343 0592  [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll

19:16:51.0390 0592  [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll

19:16:51.0406 0592  [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll

19:16:51.0437 0592  [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe

19:16:51.0437 0592  [Global] - ok

19:16:51.0437 0592  ================ Scan MBR ==================================

19:16:51.0468 0592  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0

19:16:51.0906 0592  \Device\Harddisk0\DR0 - ok

19:16:51.0906 0592  ================ Scan VBR ==================================

19:16:51.0921 0592  [ A6B38754D0695FECD9858E22449513EF ] \Device\Harddisk0\DR0\Partition1

19:16:51.0921 0592  \Device\Harddisk0\DR0\Partition1 - ok

19:16:51.0953 0592  [ BEEEC702E61E04163ED463B77F5DE65B ] \Device\Harddisk0\DR0\Partition2

19:16:51.0953 0592  \Device\Harddisk0\DR0\Partition2 - ok

19:16:51.0953 0592  ============================================================

19:16:51.0953 0592  Scan finished

19:16:51.0953 0592  ============================================================

19:16:52.0062 0648  Detected object count: 8

19:16:52.0062 0648  Actual detected object count: 8

19:18:38.0000 0648  DvmMDES ( UnsignedFile.Multi.Generic ) - skipped by user

19:18:38.0000 0648  DvmMDES ( UnsignedFile.Multi.Generic ) - User select action: Skip 

19:18:38.0000 0648  EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - skipped by user

19:18:38.0000 0648  EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - User select action: Skip 

19:18:38.0000 0648  FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user

19:18:38.0000 0648  FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip 

19:18:38.0000 0648  sfdrv01 ( UnsignedFile.Multi.Generic ) - skipped by user

19:18:38.0000 0648  sfdrv01 ( UnsignedFile.Multi.Generic ) - User select action: Skip 

19:18:38.0000 0648  sfhlp02 ( UnsignedFile.Multi.Generic ) - skipped by user

19:18:38.0000 0648  sfhlp02 ( UnsignedFile.Multi.Generic ) - User select action: Skip 

19:18:38.0000 0648  sfvfs02 ( UnsignedFile.Multi.Generic ) - skipped by user

19:18:38.0000 0648  sfvfs02 ( UnsignedFile.Multi.Generic ) - User select action: Skip 

19:18:38.0015 0648  sptd ( LockedFile.Multi.Generic ) - skipped by user

19:18:38.0015 0648  sptd ( LockedFile.Multi.Generic ) - User select action: Skip 

19:18:38.0015 0648  System_Repair_UpdateMonitor ( UnsignedFile.Multi.Generic ) - skipped by user

19:18:38.0015 0648  System_Repair_UpdateMonitor ( UnsignedFile.Multi.Generic ) - User select action: Skip