Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Cannot enable Windows Firewall


  • Please log in to reply
14 replies to this topic

#1 NdotA

NdotA

  • Members
  • 59 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:08 AM

Posted 14 February 2013 - 09:22 AM

Hello,


I am having a problem with my computer running Windows XP Home, Sp3 installed, Windows Security Essentials as antivirus, automatic updates enabled:

 

Problem:

Windows firewall seems down. When I open my Security Center and click on the firewall icon I get this message:

Message Box named 'Windows-Firewall'

Original message: Aufgrund eines unbekannten Problems können die Einstellungen des Windows-Firewalls nicht angezeigt werden.

Message(as translated from German): 'Due to an unknown problem Windows-Firewall settings cannot be displayed'

Controls: okay-button.

 

As far as I can see as yet, there is no other malfunction on my system, just this firewall problem.

 


History:

Yesterday I had run a Malwarebytes quick scan which identified 5 infected files (see log below). I clicked repair which deleted three of them and put two in quarantine

Later in the evening I noticed the WSE icon being red in the status bar indicating PC-status: risc, much internet traffic going on that I did not start.

- WSE-window indicated online-protection off, firewall down

- Could activate neither WSE nor firewall in WSE-Window. This window seemed somewhat dead like not accepting my mouse input.

- WindowsSecurity center gave me the above message when I tried to enable firewall

- Thought installation of WSE might be corrupted, trying to download from MS failed, errormessage saying WSE allready installed on my system. 

- Disconnected computer from the internet, uninstalled WSE by way of control panel

- hooked up to the internet again, successfully downloaded and installed WSE, status green now.

- but still firewall cannot be enabled, see above

 

From the Windows XP-Forum here I got the advice to install netfw.inf as detailed in MS Knowledge base. No improvement.

 

Here is the Malwarebytes-log:

 

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org


 

Datenbank Version: v2013.02.11.06


 

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Aust :: AUST-Q0HX0CC2TV [Administrator]


 

13.02.2013 19:59:59
mbam-log-2013-02-13 (19-59-59).txt


 

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 226033
Laufzeit: 4 Minute(n), 3 Sekunde(n)


 

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)


 

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)


 

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)


 

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)


 

Infizierte Dateiobjekte der Registrierung: 2
HKCR\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32| (Trojan.0Access) -> Bösartig: (C:\RECYCLER\S-1-5-18\$25e7eb5ad608fd6f0bc1e8926f774602\n.) Gut: (fastprox.dll) -> Erfolgreich ersetzt und in Quarantäne gestellt.
HKCR\CLSID\{FBEB8A05-BEEE-4442-804E-409D6C4515E9}\InProcServer32| (Trojan.0Access) -> Bösartig: (C:\RECYCLER\S-1-5-21-1957994488-838170752-682003330-1004\$25e7eb5ad608fd6f0bc1e8926f774602\n.) Gut: (shell32.dll) -> Erfolgreich ersetzt und in Quarantäne gestellt.


 

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)


 

Infizierte Dateien: 3
C:\RECYCLER\S-1-5-18\$25e7eb5ad608fd6f0bc1e8926f774602\n (Trojan.0Access) -> Löschen bei Neustart.
C:\RECYCLER\S-1-5-21-1957994488-838170752-682003330-1004\$25e7eb5ad608fd6f0bc1e8926f774602\n (Trojan.0Access) -> Löschen bei Neustart.
C:\WINDOWS\assembly\GAC\Desktop.ini (Rootkit.0access) -> Löschen bei Neustart.


 

(Ende)

 

 

 

Thanks in advance

 

Norbert

 

 

 


 

 



BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:08 AM

Posted 14 February 2013 - 10:19 AM

  • Please download TDSSKiller from here and save it to your Desktop
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters




  • Check Loaded Modules  and Detect TDLFS file systemDo not check Verify file digital signatures (even though it is checked in the example)
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now




  • Click Start Scan and allow the scan process to run

  • If threats are detected select Skip for all of them unless I instruct you otherwise
  • Click Continue




  • Click Reboot computer
  • Please post the contents of  TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)in your reply


===================================================


aswMBR

--------------------

  • Download aswMBR and save it to your desktop.
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here and here.
  • Double click the aswMBR.exe file to run it. Please allow when you are asked to download AVAST antivirus engine defs.
  • Wait until the AV update is done, then click on the Scan button to start. The program will launch a scan.



  • When done, you will see Scan finished successfully. Please click on Save log and save the file to your desktop.



  • Please post the contents of the log in your next reply.

NOTE:  aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.


===================================================


ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan  This process may may take several hours, that is normal

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the   button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.

  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:

    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply.   Note:  If no malware was found you will not get a log.
  • Click the Back button.
  • Click the Finish button.


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • TDSSKiller log
  • aswMBR log
  • ESET results


 



#3 NdotA

NdotA
  • Topic Starter

  • Members
  • 59 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:08 AM

Posted 15 February 2013 - 12:41 PM

Thank you very very much  for your rapid response.

 

This is just to indicate that I am doing as you said, but it might take some time till this is completed: The eset-scan is running currently for nearly 5 hours and just began to scan my external harddrive. Might take till tomorrow morning.

 

Norbert



#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:08 AM

Posted 15 February 2013 - 01:32 PM

thumbup2.gif



#5 NdotA

NdotA
  • Topic Starter

  • Members
  • 59 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:08 AM

Posted 15 February 2013 - 03:12 PM

Things did speed up a bit in the end (:-))

 

But posting my logs I received an error-message about my post being too long (TDSSKiller.log has about 500 kB). How to procede here ?

 

Here are the other two:

 

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-02-15 13:45:40
-----------------------------
13:45:40.656    OS Version: Windows 5.1.2600 Service Pack 3
13:45:40.656    Number of processors: 4 586 0xF07
13:45:40.656    ComputerName: AUST-Q0HX0CC2TV  UserName: Aust
13:45:41.031    Initialize success
13:49:19.296    AVAST engine defs: 13021500
13:51:18.734    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-19
13:51:18.734    Disk 0 Vendor: SAMSUNG_SP2504C VT100-33 Size: 238475MB BusType: 3
13:51:18.750    Disk 0 MBR read successfully
13:51:18.750    Disk 0 MBR scan
13:51:18.765    Disk 0 Windows XP default MBR code
13:51:18.765    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS        39997 MB offset 63
13:51:18.765    Disk 0 Partition - 00     0F Extended LBA            198467 MB offset 81915435
13:51:18.781    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       198467 MB offset 81915498
13:51:18.781    Disk 0 scanning sectors +488376000
13:51:18.843    Disk 0 scanning C:\WINDOWS\system32\drivers
13:51:25.859    Service scanning
13:51:36.296    Modules scanning
13:51:39.656    Disk 0 trace - called modules:
13:51:39.671    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
13:51:39.671    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfcfc3ab8]
13:51:39.671    3 CLASSPNP.SYS[f6147fd7] -> nt!IofCallDriver -> \Device\0000006f[0xfcfca9e8]
13:51:39.671    5 ACPI.sys[f608f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-19[0xfd036d98]
13:51:40.062    AVAST engine scan C:\WINDOWS
13:51:53.953    AVAST engine scan C:\WINDOWS\system32
13:54:17.578    AVAST engine scan C:\WINDOWS\system32\drivers
13:54:28.281    AVAST engine scan C:\Dokumente und Einstellungen\Aust
13:59:15.109    AVAST engine scan C:\Dokumente und Einstellungen\All Users
14:00:04.671    Scan finished successfully
14:00:51.062    Disk 0 MBR has been saved successfully to "C:\Dokumente und Einstellungen\Aust\Desktop\MBR.dat"
14:00:51.078    The log file has been saved successfully to "C:\Dokumente und Einstellungen\Aust\Desktop\aswMBR.txt"


 


 

C:\Dokumente und Einstellungen\Aust\Lokale Einstellungen\Anwendungsdaten\Sun\Java\Deployment\cache\6.0\6\2e93ba06-27ff635f Java/Exploit.CVE-2013-0422.BM trojan deleted - quarantined
C:\System Volume Information\_restore{84678013-0043-4249-9BD2-00921ABD6823}\RP230\A0036223.ini Win32/Sirefef.EZ trojan cleaned by deleting - quarantined
D:\sonstige downloads\Temperatur cpu und gpu\cpu-z_1.59-setup-en.exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined
 

 

 

Norbert



#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:08 AM

Posted 15 February 2013 - 03:32 PM

Please post the lower part of TDSSkiller log alone

 

Malwarebytes

--------------------

Please download Malwarebytes Anti-Malware and save it to your desktop.  If you already have it installed launch the program and update the database.

  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.  You can also right click on the link and select Save Link As

Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
    For instructions with screenshots, please refer to this Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings except to uncheck any offer for a free Pro trial version
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.

Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.


===================================================


Farbar's MiniToolBox

--------------------

  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the icon to launch the program
  • Make sure the following options are checked:

    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Devices
    • List Users, Partitions and Memory size.
  • Click Go and once the scan is completed a Result.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply


===================================================


Farbar's Service Scanner

--------------------

Please download Farbar Service Scanner, save it to your desktop, and run it.

  • Make sure the following options are checked:

    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


===================================================


AdwCleaner by Xplode - Search for Adware

-------------------

  • Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on Search
  • A logfile will automatically open after the scan has finished
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[R1].txt as well


===================================================


Junkware Removal Tooll by thisisu

-------------------

  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply


===================================================


Rkill

-------------------

Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another...) and save it to your desktop:


  • In order for Rkill to run properly you must disable your anti-malware software.  Please refer to this page if you are not sure how.
  • Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
    • Note:  You may have to run Rkill a few times before it is successful.  You may also have to download Rkill from a different link which will save it as a different file name.
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • An Rkill.log will appear.  Please copy and paste the contents in your reply (file also located at c:\rkill.log)
  • Do not reboot your computer after running Rkill as the malware programs will start again.  If your computer reboots, run Rkill again before continuing on to the next step.
  • If nothing happens or if the tool does not run, please let me know in your next reply.


===================================================


Autoruns

--------------------

  • Please download AutoRuns and save it to your desktop
  • Double click the AutoRuns.zip folder
  • Double click autoruns.exe (not autorunsc.exe), select Run, then Run again and allow the information to populate
  • Select File, Save, Desktop (in the left hand pane), then Save filename as Autoruns.txt and change Save as type to  Text(*.txt).
  • Double click on the text file,copy and paste the contents in your reply


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • Malwarebytes log
  • MiniToolBox log
  • Farbar's Service Scanner log
  • AdwCleaner log
  • Junkware Removal Tool log
  • Rkill log
  • Autoruns log



#7 NdotA

NdotA
  • Topic Starter

  • Members
  • 59 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:08 AM

Posted 16 February 2013 - 07:19 AM

This is the lower 20 % of the log (as estimated by the position of the scrollbar).

 

13:33:49.0187 3216  C:\WINDOWS\system32\cmd.exe - ok
13:33:49.0187 3216  [ 5F07EDF60DC19981238A0D8A9622535D ] C:\WINDOWS\system32\wbem\esscli.dll
13:33:49.0187 3216  C:\WINDOWS\system32\wbem\esscli.dll - ok
13:33:49.0187 3216  [ 93908111BA57A6E60EC2FA2DE202105C ] C:\WINDOWS\system32\wbem\wmiapsrv.exe
13:33:49.0187 3216  C:\WINDOWS\system32\wbem\wmiapsrv.exe - ok
13:33:49.0187 3216  [ 5039B29D5678B19B116313FF17D3BEBB ] C:\WINDOWS\system32\wbem\fastprox.dll
13:33:49.0187 3216  C:\WINDOWS\system32\wbem\fastprox.dll - ok
13:33:49.0187 3216  [ 61A613C915E5929DCE1F36EEF6174840 ] C:\WINDOWS\system32\wbem\wmiapres.dll
13:33:49.0187 3216  C:\WINDOWS\system32\wbem\wmiapres.dll - ok
13:33:49.0187 3216  [ 90075AE5778A16AD07A030377E2E95CD ] C:\WINDOWS\system32\comsvcs.dll
13:33:49.0187 3216  C:\WINDOWS\system32\comsvcs.dll - ok
13:33:49.0187 3216  [ 994FC9B10972CAAD35B34A030FB080CE ] C:\WINDOWS\system32\ieframe.dll
13:33:49.0187 3216  C:\WINDOWS\system32\ieframe.dll - ok
13:33:49.0187 3216  [ 17E6FA7A7EBE1864DD5DDCD66D2735DF ] C:\WINDOWS\system32\colbact.dll
13:33:49.0187 3216  C:\WINDOWS\system32\colbact.dll - ok
13:33:49.0203 3216  [ 32328EF720E30CBD8E8E6927A1A27CE6 ] C:\WINDOWS\system32\mtxoci.dll
13:33:49.0203 3216  C:\WINDOWS\system32\mtxoci.dll - ok
13:33:49.0203 3216  [ F4E0C344DDBD3F1DD43B438009A06B77 ] C:\WINDOWS\system32\wbem\wbemsvc.dll
13:33:49.0203 3216  C:\WINDOWS\system32\wbem\wbemsvc.dll - ok
13:33:49.0203 3216  [ 9A7F1691F76E019C11481B6355125072 ] C:\Programme\Real\RealUpgrade\realupgrade.exe
13:33:49.0203 3216  C:\Programme\Real\RealUpgrade\realupgrade.exe - ok
13:33:49.0203 3216  [ BBF69BCF56B41E590B3F52719D002DB3 ] C:\WINDOWS\system32\wbem\wmiutils.dll
13:33:49.0203 3216  C:\WINDOWS\system32\wbem\wmiutils.dll - ok
13:33:49.0203 3216  [ 61E5A4949B77DFF8A776C3C45383AF2E ] C:\WINDOWS\system32\wbem\repdrvfs.dll
13:33:49.0203 3216  C:\WINDOWS\system32\wbem\repdrvfs.dll - ok
13:33:49.0203 3216  [ 7D042D1A9CB2E6E44875B51AD55A305A ] C:\WINDOWS\system32\wbem\wmiprvsd.dll
13:33:49.0203 3216  C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok
13:33:49.0203 3216  [ 885CE91BDCDECEDCA6DB0E59D48FB43D ] C:\WINDOWS\system32\wbem\wbemess.dll
13:33:49.0203 3216  C:\WINDOWS\system32\wbem\wbemess.dll - ok
13:33:49.0203 3216  [ 798A9E6828997EEF4517ADA8A2259831 ] C:\WINDOWS\system32\wbem\wmiprvse.exe
13:33:49.0203 3216  C:\WINDOWS\system32\wbem\wmiprvse.exe - ok
13:33:49.0218 3216  [ 2ED172D6E7E700617750EB804589C564 ] C:\WINDOWS\system32\licwmi.dll
13:33:49.0218 3216  C:\WINDOWS\system32\licwmi.dll - ok
13:33:49.0218 3216  [ 1A40193DCA65EE985430F6BA9788BFDA ] C:\WINDOWS\system32\wbem\framedyn.dll
13:33:49.0218 3216  C:\WINDOWS\system32\wbem\framedyn.dll - ok
13:33:49.0218 3216  [ D57584096C1DB82B466281B4528D4A2E ] C:\WINDOWS\system32\licdll.dll
13:33:49.0218 3216  C:\WINDOWS\system32\licdll.dll - ok
13:33:49.0218 3216  [ A0611CD67C8D8A4A43079BE68B694A07 ] C:\WINDOWS\msxml3.dll
13:33:49.0218 3216  C:\WINDOWS\msxml3.dll - ok
13:33:49.0218 3216  [ BC83108B18756547013ED443B8CDB31B ] C:\WINDOWS\system32\msvcp100.dll
13:33:49.0218 3216  C:\WINDOWS\system32\msvcp100.dll - ok
13:33:49.0218 3216  [ 8F9D6B4AB86A39319078814ABBDD40BC ] C:\Programme\Real\RealUpgrade\Common\hxmedpltfm.dll
13:33:49.0218 3216  C:\Programme\Real\RealUpgrade\Common\hxmedpltfm.dll - ok
13:33:49.0218 3216  [ 47188B0092466FD476E23DEA70CC1D4F ] C:\Programme\Real\RealUpgrade\Plugins\upgrade.dll
13:33:49.0218 3216  C:\Programme\Real\RealUpgrade\Plugins\upgrade.dll - ok
13:33:49.0218 3216  [ 943407905382C0A6E3993CE5B43076AF ] C:\WINDOWS\system32\msi.dll
13:33:49.0218 3216  C:\WINDOWS\system32\msi.dll - ok
13:33:49.0218 3216  [ FC5F5F2EC1676C7CD898155B6546D2AE ] C:\WINDOWS\system32\rasapi32.dll
13:33:49.0218 3216  C:\WINDOWS\system32\rasapi32.dll - ok
13:33:49.0234 3216  [ D4A61C9CFD998B132541C658E60C239D ] C:\WINDOWS\system32\rasman.dll
13:33:49.0234 3216  C:\WINDOWS\system32\rasman.dll - ok
13:33:49.0234 3216  [ 4B57701BDEECED8714EE21C56DADD390 ] C:\WINDOWS\system32\cryptnet.dll
13:33:49.0234 3216  C:\WINDOWS\system32\cryptnet.dll - ok
13:33:49.0234 3216  [ 197153B4233375F28600C1E87EFE4881 ] C:\WINDOWS\system32\sensapi.dll
13:33:49.0234 3216  C:\WINDOWS\system32\sensapi.dll - ok
13:33:49.0234 3216  [ E07A0AAD5EEAC79210F1FB469CFCE6A2 ] C:\WINDOWS\system32\winhttp.dll
13:33:49.0234 3216  C:\WINDOWS\system32\winhttp.dll - ok
13:33:49.0234 3216  [ 05903CAC4B98908D55EA5774775B382E ] C:\WINDOWS\system32\tapisrv.dll
13:33:49.0234 3216  C:\WINDOWS\system32\tapisrv.dll - ok
13:33:49.0234 3216  [ F9A7B66EA345726EDB5862A46B1ECCD5 ] C:\WINDOWS\system32\rasmans.dll
13:33:49.0234 3216  C:\WINDOWS\system32\rasmans.dll - ok
13:33:49.0234 3216  [ B9E1B91828711D12BBF27C3A29255127 ] C:\WINDOWS\system32\netcfgx.dll
13:33:49.0234 3216  C:\WINDOWS\system32\netcfgx.dll - ok
13:33:49.0234 3216  [ 67F2A1E0D4EF9F276346E9FE5007C6A2 ] C:\WINDOWS\system32\rastapi.dll
13:33:49.0234 3216  C:\WINDOWS\system32\rastapi.dll - ok
13:33:49.0250 3216  [ A0D8D3E40071A2D46A174F358E579FF9 ] C:\WINDOWS\system32\unimdm.tsp
13:33:49.0250 3216  C:\WINDOWS\system32\unimdm.tsp - ok
13:33:49.0250 3216  [ 6880D17F2120260DED52864711FD5D40 ] C:\WINDOWS\system32\uniplat.dll
13:33:49.0250 3216  C:\WINDOWS\system32\uniplat.dll - ok
13:33:49.0250 3216  [ 11BCA3CC1F77872E1F5D5582EA1B21B4 ] C:\WINDOWS\system32\wbem\wmiprov.dll
13:33:49.0250 3216  C:\WINDOWS\system32\wbem\wmiprov.dll - ok
13:33:49.0250 3216  [ 43AD9160D7AF6E7EAD00B485EBBAB6A5 ] C:\WINDOWS\system32\wmi.dll
13:33:49.0250 3216  C:\WINDOWS\system32\wmi.dll - ok
13:33:49.0250 3216  [ B88E7C1BECF19CB7DF5D14C139E1B129 ] C:\WINDOWS\system32\kmddsp.tsp
13:33:49.0250 3216  C:\WINDOWS\system32\kmddsp.tsp - ok
13:33:49.0250 3216  [ B6368A01066D60B47927E70C3FCC4F4E ] C:\WINDOWS\system32\ndptsp.tsp
13:33:49.0250 3216  C:\WINDOWS\system32\ndptsp.tsp - ok
13:33:49.0250 3216  [ FAB9161D01BAFED0FBA37B7EDC2E6C3E ] C:\WINDOWS\system32\ipconf.tsp
13:33:49.0250 3216  C:\WINDOWS\system32\ipconf.tsp - ok
13:33:49.0250 3216  [ A46C35D2222289E11498E63DC255D9EE ] C:\WINDOWS\system32\h323.tsp
13:33:49.0250 3216  C:\WINDOWS\system32\h323.tsp - ok
13:33:49.0250 3216  [ 8E1714FC6103F585F00CF2FA883EB33A ] C:\WINDOWS\system32\hid.dll
13:33:49.0250 3216  C:\WINDOWS\system32\hid.dll - ok
13:33:49.0265 3216  [ B469B24EB3B6A5FA2E9AD4679F209A5A ] C:\WINDOWS\system32\hidphone.tsp
13:33:49.0265 3216  C:\WINDOWS\system32\hidphone.tsp - ok
13:33:49.0265 3216  [ 784CE11452CEE7FA71BE94ACABC8D241 ] C:\WINDOWS\system32\rasppp.dll
13:33:49.0265 3216  C:\WINDOWS\system32\rasppp.dll - ok
13:33:49.0265 3216  [ 41AA6EB6D03E14F64CAE4E661C45F5FC ] C:\WINDOWS\system32\ntlsapi.dll
13:33:49.0265 3216  C:\WINDOWS\system32\ntlsapi.dll - ok
13:33:49.0265 3216  [ 1F869848291EFDBE3883B101EDD39025 ] C:\WINDOWS\system32\rasqec.dll
13:33:49.0265 3216  C:\WINDOWS\system32\rasqec.dll - ok
13:33:49.0265 3216  [ 06BE178035B554A7638CC45030DFB7A5 ] C:\WINDOWS\system32\qutil.dll
13:33:49.0265 3216  C:\WINDOWS\system32\qutil.dll - ok
13:33:49.0265 3216  [ 4180B7506037481BF17339DA0F3960CD ] C:\WINDOWS\system32\raschap.dll
13:33:49.0265 3216  C:\WINDOWS\system32\raschap.dll - ok
13:33:49.0265 3216  [ ED5F55A46B58ACAED1AB49950669AD33 ] C:\WINDOWS\system32\rastls.dll
13:33:49.0265 3216  C:\WINDOWS\system32\rastls.dll - ok
13:33:49.0265 3216  [ A21C2A8E47D40FCC40A2B1573E666A53 ] C:\Programme\Java\jre7\bin\awt.dll
13:33:49.0265 3216  C:\Programme\Java\jre7\bin\awt.dll - ok
13:33:49.0281 3216  [ 966CD21542A62F9AB237D84C451CC137 ] C:\Programme\Java\jre7\bin\client\jvm.dll
13:33:49.0281 3216  C:\Programme\Java\jre7\bin\client\jvm.dll - ok
13:33:49.0281 3216  [ 90760987BCCCF34D05EF6093EC278A96 ] C:\Programme\Java\jre7\bin\dcpr.dll
13:33:49.0281 3216  C:\Programme\Java\jre7\bin\dcpr.dll - ok
13:33:49.0281 3216  [ D2D31D7A394A70040FCAC5F54A130FBA ] C:\Programme\Java\jre7\bin\deploy.dll
13:33:49.0281 3216  C:\Programme\Java\jre7\bin\deploy.dll - ok
13:33:49.0281 3216  [ C09775FEB73BDF16BB87A509C5FF12AD ] C:\Programme\Java\jre7\bin\fontmanager.dll
13:33:49.0281 3216  C:\Programme\Java\jre7\bin\fontmanager.dll - ok
13:33:49.0281 3216  [ B98F28229D292B99FF449FF3647F31BA ] C:\Programme\Java\jre7\bin\java.dll
13:33:49.0281 3216  C:\Programme\Java\jre7\bin\java.dll - ok
13:33:49.0281 3216  [ 23C84DBECF3BD95687623F23BCD66441 ] C:\Programme\Java\jre7\bin\javaw.exe
13:33:49.0281 3216  C:\Programme\Java\jre7\bin\javaw.exe - ok
13:33:49.0281 3216  [ 0384126B913AC2E090804C642302945E ] C:\Programme\Java\jre7\bin\jp2native.dll
13:33:49.0281 3216  C:\Programme\Java\jre7\bin\jp2native.dll - ok
13:33:49.0281 3216  [ CB91CCFA95601066772A004550B55A85 ] C:\Programme\Java\jre7\bin\jpeg.dll
13:33:49.0281 3216  C:\Programme\Java\jre7\bin\jpeg.dll - ok
13:33:49.0296 3216  [ 2E4A927544CDA0279501AA757FFFB538 ] C:\Programme\Java\jre7\bin\net.dll
13:33:49.0296 3216  C:\Programme\Java\jre7\bin\net.dll - ok
13:33:49.0296 3216  [ 805766A11E747A44C7C5FBD7F26E9001 ] C:\Programme\Java\jre7\bin\nio.dll
13:33:49.0296 3216  C:\Programme\Java\jre7\bin\nio.dll - ok
13:33:49.0296 3216  [ 2D168A9627CFCE9C5AC20A90E54D66D4 ] C:\Programme\Java\jre7\bin\verify.dll
13:33:49.0296 3216  C:\Programme\Java\jre7\bin\verify.dll - ok
13:33:49.0296 3216  [ 9D54D4A8C18081F398FEC0D839340542 ] C:\Programme\Java\jre7\bin\zip.dll
13:33:49.0296 3216  C:\Programme\Java\jre7\bin\zip.dll - ok
13:33:49.0296 3216  [ 178A34E5554DCE485E1262DDF027960C ] C:\DOKUME~1\Aust\LOKALE~1\temp\596A0BDC-9475-4B50-9768-9D23FABEDD5C.exe
13:33:49.0296 3216  C:\DOKUME~1\Aust\LOKALE~1\temp\596A0BDC-9475-4B50-9768-9D23FABEDD5C.exe - ok
13:33:49.0296 3216  [ 65657A27D1487BAAFE446ED3E20D2209 ] C:\WINDOWS\system32\msutb.dll
13:33:49.0296 3216  C:\WINDOWS\system32\msutb.dll - ok
13:33:49.0296 3216  [ A4472EA73BFB27132483F86BAFCD7783 ] C:\WINDOWS\system32\msctf.dll
13:33:49.0296 3216  C:\WINDOWS\system32\msctf.dll - ok
13:33:49.0296 3216  [ 5543A9D4A1D0F9F84092482A9373A024 ] C:\WINDOWS\system32\linkinfo.dll
13:33:49.0296 3216  C:\WINDOWS\system32\linkinfo.dll - ok
13:33:49.0296 3216  [ 6AD81A33FE1E1DBB7A1E332C20160D05 ] C:\WINDOWS\system32\ntshrui.dll
13:33:49.0296 3216  C:\WINDOWS\system32\ntshrui.dll - ok
13:33:49.0312 3216  [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINDOWS\system32\drivers\00690329.sys
13:33:49.0312 3216  C:\WINDOWS\system32\drivers\00690329.sys - ok
13:33:49.0312 3216  [ CC8915DB4E33E8FB29CA0D2DBF75306E ] C:\WINDOWS\system32\webcheck.dll
13:33:49.0312 3216  C:\WINDOWS\system32\webcheck.dll - ok
13:33:49.0312 3216  [ 3CB07566302BCEEB898DE270A0BEC175 ] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe
13:33:49.0312 3216  C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe - ok
13:33:49.0312 3216  [ 02F9FA9C679A2BFF4F5A8151619F42CF ] C:\WINDOWS\system32\mlang.dll
13:33:49.0312 3216  C:\WINDOWS\system32\mlang.dll - ok
13:33:49.0312 3216  [ DE2CD737BB7C6B2F391D54A06C1B80A1 ] C:\WINDOWS\system32\stobject.dll
13:33:49.0312 3216  C:\WINDOWS\system32\stobject.dll - ok
13:33:49.0312 3216  [ F84AC3459F5ED9B77BC38C481F744729 ] C:\WINDOWS\system32\batmeter.dll
13:33:49.0312 3216  C:\WINDOWS\system32\batmeter.dll - ok
13:33:49.0312 3216  [ 045E228F71C31901084B64BE59093499 ] C:\WINDOWS\system32\WPDShServiceObj.dll
13:33:49.0312 3216  C:\WINDOWS\system32\WPDShServiceObj.dll - ok
13:33:49.0312 3216  [ 01D92A226791867F2DED688F25271905 ] C:\Programme\EPSON Software\Event Manager\EEventManager.exe
13:33:49.0312 3216  C:\Programme\EPSON Software\Event Manager\EEventManager.exe - ok
13:33:49.0328 3216  [ 0C4C0E39C4E94DE73E2FC4853898463D ] C:\WINDOWS\system32\mydocs.dll
13:33:49.0328 3216  C:\WINDOWS\system32\mydocs.dll - ok
13:33:49.0328 3216  [ 12916E0642E92561C98B18A2A2D01B14 ] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
13:33:49.0328 3216  C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe - ok
13:33:49.0328 3216  [ 22358578CB321F3325496A3723029409 ] C:\WINDOWS\system32\PortableDeviceTypes.dll
13:33:49.0328 3216  C:\WINDOWS\system32\PortableDeviceTypes.dll - ok
13:33:49.0328 3216  [ 9D45B2201D0ECF9F42136C7B99DEB8B2 ] C:\WINDOWS\system32\PortableDeviceApi.dll
13:33:49.0328 3216  C:\WINDOWS\system32\PortableDeviceApi.dll - ok
13:33:49.0328 3216  [ 81ADBC4E31A721AEF23251A952049BA2 ] C:\Programme\Adobe\Reader 10.0\Reader\reader_sl.exe
13:33:49.0328 3216  C:\Programme\Adobe\Reader 10.0\Reader\reader_sl.exe - ok
13:33:49.0328 3216  [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll
13:33:49.0328 3216  C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll - ok
13:33:49.0328 3216  [ 121E5C473F0AD53BCFDB6E8181C44F81 ] C:\WINDOWS\system32\netshell.dll
13:33:49.0328 3216  C:\WINDOWS\system32\netshell.dll - ok
13:33:49.0328 3216  [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll
13:33:49.0328 3216  C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll - ok
13:33:49.0328 3216  [ AFF1657382B09291DCB40ECFD2B673F2 ] C:\WINDOWS\system32\credui.dll
13:33:49.0328 3216  C:\WINDOWS\system32\credui.dll - ok
13:33:49.0343 3216  [ 6B08275230504D5112CE379A3D9DF8D9 ] C:\WINDOWS\system32\dot3api.dll
13:33:49.0343 3216  C:\WINDOWS\system32\dot3api.dll - ok
13:33:49.0343 3216  [ AE1BFF56A081E11208AFFCC7209BF5CE ] C:\WINDOWS\system32\dot3dlg.dll
13:33:49.0343 3216  C:\WINDOWS\system32\dot3dlg.dll - ok
13:33:49.0343 3216  [ 4BAC361B11D8C5F3B38EC668ADD95D60 ] C:\WINDOWS\system32\onex.dll
13:33:49.0343 3216  C:\WINDOWS\system32\onex.dll - ok
13:33:49.0343 3216  [ 14FA15EF89423FBFE55F55BB892C5CF2 ] C:\WINDOWS\system32\eappcfg.dll
13:33:49.0343 3216  C:\WINDOWS\system32\eappcfg.dll - ok
13:33:49.0343 3216  [ D6633FC7D1FCE7DCD7A1FE2564DC4FA6 ] C:\WINDOWS\system32\eappprxy.dll
13:33:49.0343 3216  C:\WINDOWS\system32\eappprxy.dll - ok
13:33:49.0343 3216  [ 48E6868781B4E8BF4B77DBEC7694BCE8 ] C:\Programme\Real\RealPlayer\Update\realsched.exe
13:33:49.0343 3216  C:\Programme\Real\RealPlayer\Update\realsched.exe - ok
13:33:49.0343 3216  [ E6D88F1F6745BF00B57E7855A2AB696C ] C:\WINDOWS\system32\netman.dll
13:33:49.0343 3216  C:\WINDOWS\system32\netman.dll - ok
13:33:49.0343 3216  [ 7E1B0C85B7347D9391FE60F6DADFDDF0 ] C:\Programme\Microsoft Security Client\msseces.exe
13:33:49.0343 3216  C:\Programme\Microsoft Security Client\msseces.exe - ok
13:33:49.0359 3216  [ 3F3A26E471CCCB3CFFCA68F0C052F35F ] C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIIKE.EXE
13:33:49.0359 3216  C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIIKE.EXE - ok
13:33:49.0359 3216  [ 41696F6200C7151CC0A4A26816E3F577 ] C:\WINDOWS\system32\wzcsapi.dll
13:33:49.0359 3216  C:\WINDOWS\system32\wzcsapi.dll - ok
13:33:49.0359 3216  [ C4F109C005F6725162D2D12CA751E4A7 ] C:\WINDOWS\system32\wzcsvc.dll
13:33:49.0359 3216  C:\WINDOWS\system32\wzcsvc.dll - ok
13:33:49.0359 3216  [ FDAEAC1E9C7CD04B5E1FD02C83F79126 ] C:\WINDOWS\system32\oledlg.dll
13:33:49.0359 3216  C:\WINDOWS\system32\oledlg.dll - ok
13:33:49.0359 3216  [ 27EE4C04D81A9B5658C819C43221598B ] C:\WINDOWS\system32\eapolqec.dll
13:33:49.0359 3216  C:\WINDOWS\system32\eapolqec.dll - ok
13:33:49.0359 3216  [ EE5B38DD8B8EBBE8868B9EF00B815585 ] C:\Programme\Real\RealPlayer\Update\setu3270.dll
13:33:49.0359 3216  C:\Programme\Real\RealPlayer\Update\setu3270.dll - ok
13:33:49.0359 3216  [ 2031DCC0083A134AF9451CD1402FFCE3 ] C:\Programme\EPSON Software\Event Manager\LcMgr.dll
13:33:49.0359 3216  C:\Programme\EPSON Software\Event Manager\LcMgr.dll - ok
13:33:49.0359 3216  [ 51A34398C23DD48AA9614C2C7BFE222A ] C:\Programme\EPSON Software\Event Manager\ScanEngine30.dll
13:33:49.0359 3216  C:\Programme\EPSON Software\Event Manager\ScanEngine30.dll - ok
13:33:49.0359 3216  [ 930C61F63FB900CEE15D4EEB98BD5238 ] C:\Programme\EPSON Software\Event Manager\ScnCom10.dll
13:33:49.0359 3216  C:\Programme\EPSON Software\Event Manager\ScnCom10.dll - ok
13:33:49.0375 3216  [ 1A1CEF512F488D45BB624C148E53356D ] C:\Programme\EPSON Software\Event Manager\ScnMgr10.dll
13:33:49.0375 3216  C:\Programme\EPSON Software\Event Manager\ScnMgr10.dll - ok
13:33:49.0375 3216  [ 903E85BA90D0A9D32368B200634B2B67 ] C:\Programme\EPSON Software\Event Manager\ScnEps25.dll
13:33:49.0375 3216  C:\Programme\EPSON Software\Event Manager\ScnEps25.dll - ok
13:33:49.0375 3216  [ 43824B5B1B120B31934EC2620CBBCEB2 ] C:\WINDOWS\twain_32.dll
13:33:49.0375 3216  C:\WINDOWS\twain_32.dll - ok
13:33:49.0375 3216  [ 24ABEFFDE26EDD53F33187FB46068876 ] C:\WINDOWS\system32\upnp.dll
13:33:49.0375 3216  C:\WINDOWS\system32\upnp.dll - ok
13:33:49.0375 3216  [ 3D767AEE39A52CD806F5371837BE2948 ] C:\WINDOWS\twain_32\D125U\CISDS.ds
13:33:49.0375 3216  C:\WINDOWS\twain_32\D125U\CISDS.ds - ok
13:33:49.0375 3216  [ 01243FA89FBEC041E873DE8386138440 ] C:\Programme\Real\RealPlayer\realplay.exe
13:33:49.0375 3216  C:\Programme\Real\RealPlayer\realplay.exe - ok
13:33:49.0375 3216  [ 3F541BFA1043223844EBBFEBE3ED1AD8 ] C:\WINDOWS\system32\ssdpapi.dll
13:33:49.0375 3216  C:\WINDOWS\system32\ssdpapi.dll - ok
13:33:49.0375 3216  [ F80A415EF82CD06FFAF0D971528EAD38 ] C:\WINDOWS\system32\drivers\http.sys
13:33:49.0375 3216  C:\WINDOWS\system32\drivers\http.sys - ok
13:33:49.0390 3216  [ 020D5F7ABD814935C1BBD55D97F11DB8 ] C:\Programme\Real\RealPlayer\rpwa3260.dll
13:33:49.0390 3216  C:\Programme\Real\RealPlayer\rpwa3260.dll - ok
13:33:49.0390 3216  [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] C:\WINDOWS\system32\ssdpsrv.dll
13:33:49.0390 3216  C:\WINDOWS\system32\ssdpsrv.dll - ok
13:33:49.0390 3216  [ 31940D74AE890495C73E37482F150DC3 ] C:\WINDOWS\system32\rasdlg.dll
13:33:49.0390 3216  C:\WINDOWS\system32\rasdlg.dll - ok
13:33:49.0390 3216  [ 64B0B8BA0F5F1DADE2159D99DBF48E99 ] C:\WINDOWS\system32\wbem\mofd.dll
13:33:49.0390 3216  C:\WINDOWS\system32\wbem\mofd.dll - ok
13:33:49.0390 3216  [ 466BCA1A8189310D3B4BA451992AC9EA ] C:\WINDOWS\twain_32\escndv\nx200.ds
13:33:49.0390 3216  C:\WINDOWS\twain_32\escndv\nx200.ds - ok
13:33:49.0390 3216  [ FB2BE4175BF06D592F2C95E5863CA198 ] C:\WINDOWS\twain_32\escndv\xp300.ds
13:33:49.0390 3216  C:\WINDOWS\twain_32\escndv\xp300.ds - ok
13:33:49.0390 3216  [ 944F5A8AD85A77340B0A435A1D50B271 ] C:\WINDOWS\twain_32\wiatwain.ds
13:33:49.0390 3216  C:\WINDOWS\twain_32\wiatwain.ds - ok
13:33:49.0390 3216  [ CE82DCA30696C3DA94B38C61BD39AF12 ] C:\WINDOWS\system32\wiadss.dll
13:33:49.0390 3216  C:\WINDOWS\system32\wiadss.dll - ok
13:33:49.0406 3216  [ 7D0356047D042995744358FC9B33F540 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll
13:33:49.0406 3216  C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll - ok
13:33:49.0406 3216  [ 10A3CD6D634BC3380DC33696C9EC319D ] C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FAUDIKE.DLL
13:33:49.0406 3216  C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FAUDIKE.DLL - ok
13:33:49.0406 3216  [ 177A91DD3139B732E36308DBF06A77B1 ] C:\Programme\EPSON Software\Event Manager\EPNSM.dll
13:33:49.0406 3216  C:\Programme\EPSON Software\Event Manager\EPNSM.dll - ok
13:33:49.0406 3216  [ 637124CDBFF5819CB8A8478838A33048 ] C:\Programme\EPSON Software\Event Manager\ESPSUTL.dll
13:33:49.0406 3216  C:\Programme\EPSON Software\Event Manager\ESPSUTL.dll - ok
13:33:49.0406 3216  [ 0DBEE38060475A4C3E04D3B908AEC0B9 ] C:\Programme\Microsoft Security Client\EppManifest.dll
13:33:49.0406 3216  C:\Programme\Microsoft Security Client\EppManifest.dll - ok
13:33:49.0406 3216  [ EA8E4B556205ECEAE826F78FD61EF044 ] C:\WINDOWS\system32\msftedit.dll
13:33:49.0406 3216  C:\WINDOWS\system32\msftedit.dll - ok
13:33:49.0406 3216  [ 5E38019C241BF585EBFE38AD8AD5E687 ] C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FLMWIKE.DLL
13:33:49.0406 3216  C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FLMWIKE.DLL - ok
13:33:49.0406 3216  [ E9D2268BD74D7ADAE2F0A719407D417B ] C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON\EPSON XP-302 303 305 306 Series\Language\0407.E_SIE0B7.DLL
13:33:49.0406 3216  C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON\EPSON XP-302 303 305 306 Series\Language\0407.E_SIE0B7.DLL - ok
13:33:49.0406 3216  [ 7F1AF34FC8DD59A354B8C6872E2A9D8E ] C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FABRIKE.DLL
13:33:49.0406 3216  C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FABRIKE.DLL - ok
13:33:49.0421 3216  [ D475BBD6FEF8DB2DDE0DA7CCFD2C9042 ] C:\Programme\Microsoft Security Client\SqmApi.dll
13:33:49.0421 3216  C:\Programme\Microsoft Security Client\SqmApi.dll - ok
13:33:49.0421 3216  [ F437A85A16C8B6AF3997CDD5931F23CD ] C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FASOIKE.DLL
13:33:49.0421 3216  C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FASOIKE.DLL - ok
13:33:49.0421 3216  [ 6F79937B711CBB15D1DE7EDC398A6052 ] C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FAPRIKE.DLL
13:33:49.0421 3216  C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FAPRIKE.DLL - ok
13:33:49.0421 3216  [ B29E6123DAB4171A98F6D7A7DEDE3976 ] C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FBA7IKE.DLL
13:33:49.0421 3216  C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FBA7IKE.DLL - ok
13:33:49.0421 3216  [ C2561BFF60C5CF0E69000DB1C341B977 ] C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FBL6IKE.DLL
13:33:49.0421 3216  C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FBL6IKE.DLL - ok
13:33:49.0421 3216  [ C93C59748017A88028EE68095FC3C336 ] C:\WINDOWS\system32\bidispl.dll
13:33:49.0421 3216  C:\WINDOWS\system32\bidispl.dll - ok
13:33:49.0421 3216  [ 4AEE5B9A72A4473ABA52E930E65BC0F5 ] C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FBEWIKE.DLL
13:33:49.0421 3216  C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FBEWIKE.DLL - ok
13:33:49.0421 3216  [ 14D497970C1C43B8159D59BC7FAF8A4C ] C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FERSIKE.DLL
13:33:49.0421 3216  C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FERSIKE.DLL - ok
13:33:49.0437 3216  [ 165AE7A443F2139DD2C078AD87699F91 ] C:\PROGRA~1\MICROS~2\OFFICE11\MSOHEV.DLL
13:33:49.0437 3216  C:\PROGRA~1\MICROS~2\OFFICE11\MSOHEV.DLL - ok
13:33:49.0437 3216  [ 755A529EF5EA3960835507A727FABE56 ] C:\WINDOWS\system32\wbem\ncprov.dll
13:33:49.0437 3216  C:\WINDOWS\system32\wbem\ncprov.dll - ok
13:33:49.0437 3216  [ C7636BA48F5BA08AD427E6FBECC32679 ] C:\WINDOWS\system32\wbem\wbemcons.dll
13:33:49.0437 3216  C:\WINDOWS\system32\wbem\wbemcons.dll - ok
13:33:49.0437 3216  [ 58FE863562FBBB4836D1DCD074199B79 ] C:\WINDOWS\system32\mmcshext.dll
13:33:49.0437 3216  C:\WINDOWS\system32\mmcshext.dll - ok
13:33:49.0437 3216  [ AE98F1471C7836ED5F5AAFA2962E5EA7 ] C:\WINDOWS\system32\hhsetup.dll
13:33:49.0437 3216  C:\WINDOWS\system32\hhsetup.dll - ok
13:33:49.0437 3216  [ C30D3CD8CB1FB74E814F00382ECBDCAF ] C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FLGRIKE.DLL
13:33:49.0437 3216  C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FLGRIKE.DLL - ok
13:33:49.0437 3216  [ C032D649B6482847EA21B1440B42A5D9 ] C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FMAIIKE.DLL
13:33:49.0437 3216  C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FMAIIKE.DLL - ok
13:33:49.0437 3216  [ 41CF887022E0102A3FBED18BC59DC728 ] C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FUICIKE.DLL
13:33:49.0437 3216  C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FUICIKE.DLL - ok
13:33:49.0453 3216  [ 7A1A337F21B4AA0FD2325B85DE669E64 ] C:\WINDOWS\system32\wsnmp32.dll
13:33:49.0453 3216  C:\WINDOWS\system32\wsnmp32.dll - ok
13:33:49.0453 3216  [ 5DFE72B9F1FF669070FC032090B7B982 ] C:\Programme\Gemeinsame Dateien\Java\Java Update\jucheck.exe
13:33:49.0453 3216  C:\Programme\Gemeinsame Dateien\Java\Java Update\jucheck.exe - ok
13:33:49.0453 3216  [ 315F60FEDCFDACD6A6DBA0A28596F551 ] C:\Programme\Java\jre7\bin\javaws.exe
13:33:49.0453 3216  C:\Programme\Java\jre7\bin\javaws.exe - ok
13:33:49.0453 3216  [ AF20DA051DE39496C098F2F33B958E94 ] C:\Programme\Java\jre7\bin\java.exe
13:33:49.0453 3216  C:\Programme\Java\jre7\bin\java.exe - ok
13:33:49.0453 3216  [ 36969CF86E51EC8ED202B40F2FA80AA6 ] C:\WINDOWS\system32\d3d9.dll
13:33:49.0453 3216  C:\WINDOWS\system32\d3d9.dll - ok
13:33:49.0453 3216  [ E82A231AB45BB6C73B19AA4247AC931C ] C:\WINDOWS\system32\d3d8thk.dll
13:33:49.0453 3216  C:\WINDOWS\system32\d3d8thk.dll - ok
13:33:49.0453 3216  [ 9BD441989F88AFDE357406CF03CCE140 ] C:\WINDOWS\MM_BAH~1.SCR
13:33:49.0453 3216  C:\WINDOWS\MM_BAH~1.SCR - ok
13:33:49.0453 3216  [ FD53BD3522D236DBBE1028FEC86B6325 ] C:\Programme\Java\jre7\bin\sunec.dll
13:33:49.0453 3216  C:\Programme\Java\jre7\bin\sunec.dll - ok
13:33:49.0453 3216  [ 139950F5DABFCBAB9F5C5531943A0469 ] C:\Programme\Java\jre7\bin\sunmscapi.dll
13:33:49.0453 3216  C:\Programme\Java\jre7\bin\sunmscapi.dll - ok
13:33:49.0468 3216  [ 854526C2E576C56F6E99D08D314B219D ] C:\Programme\MM_Bahn_V3\dllxs32.dll
13:33:49.0468 3216  C:\Programme\MM_Bahn_V3\dllxs32.dll - ok
13:33:49.0468 3216  [ 25A04FAAC9EEDB2E4CF2495CE215AB19 ] C:\Programme\MM_Bahn_V3\v3w32_0.DLL
13:33:49.0468 3216  C:\Programme\MM_Bahn_V3\v3w32_0.DLL - ok
13:33:49.0468 3216  [ F36D3ADB29DECCF5877974B67F6D5664 ] C:\Programme\MM_Bahn_V3\v3w32_1.DLL
13:33:49.0468 3216  C:\Programme\MM_Bahn_V3\v3w32_1.DLL - ok
13:33:49.0468 3216  [ 5162EA157F8B55642DBE6B8D03E862D8 ] C:\Programme\MM_Bahn_V3\v3w32_2.DLL
13:33:49.0468 3216  C:\Programme\MM_Bahn_V3\v3w32_2.DLL - ok
13:33:49.0468 3216  [ 97C65D6A03241E3BBA86CD4FD4B35D48 ] C:\Programme\MM_Bahn_V3\v3w32_3.DLL
13:33:49.0468 3216  C:\Programme\MM_Bahn_V3\v3w32_3.DLL - ok
13:33:49.0468 3216  [ 6D27FF3C4B80949451B6F6E3B49FEE6A ] C:\Programme\MM_Bahn_V3\v3w32_4.DLL
13:33:49.0468 3216  C:\Programme\MM_Bahn_V3\v3w32_4.DLL - ok
13:33:49.0468 3216  [ 1987F88C3E16C1FC591DA7D66BEEB5E8 ] C:\Programme\MM_Bahn_V3\v3w32_5.DLL
13:33:49.0468 3216  C:\Programme\MM_Bahn_V3\v3w32_5.DLL - ok
13:33:49.0468 3216  [ CFED6F2677CDD59F6C5C7B7BBA8C8ECF ] C:\Programme\MM_Bahn_V3\v3w32_6.DLL
13:33:49.0468 3216  C:\Programme\MM_Bahn_V3\v3w32_6.DLL - ok
13:33:49.0484 3216  [ F4A685A1B5CE8C02B5E89A7B9328CEDB ] C:\Programme\MM_Bahn_V3\v3w32_7.DLL
13:33:49.0484 3216  C:\Programme\MM_Bahn_V3\v3w32_7.DLL - ok
13:33:49.0484 3216  [ FAC854843BEBA017AA8EEE9EFAC3F678 ] C:\Programme\MM_Bahn_V3\v3w32_8.DLL
13:33:49.0484 3216  C:\Programme\MM_Bahn_V3\v3w32_8.DLL - ok
13:33:49.0484 3216  [ 5AB997B6F6C6F53EE5306604F0EC23F4 ] C:\Programme\MM_Bahn_V3\v3w32_9.DLL
13:33:49.0484 3216  C:\Programme\MM_Bahn_V3\v3w32_9.DLL - ok
13:33:49.0484 3216  [ 776C7892ED6F69AEDB1365917F6D443D ] C:\Programme\MM_Bahn_V3\v3w32_10.DLL
13:33:49.0484 3216  C:\Programme\MM_Bahn_V3\v3w32_10.DLL - ok
13:33:49.0484 3216  [ 6C26909127AF418B0DED6F0FBCFB0295 ] C:\Programme\MM_Bahn_V3\v3w32_11.DLL
13:33:49.0484 3216  C:\Programme\MM_Bahn_V3\v3w32_11.DLL - ok
13:33:49.0484 3216  [ 72F42015FB02F3C49E687327C17F19C4 ] C:\Programme\MM_Bahn_V3\v3w32_LD.DLL
13:33:49.0484 3216  C:\Programme\MM_Bahn_V3\v3w32_LD.DLL - ok
13:33:49.0484 3216  [ DEECF518EC1AAE94100A479C33484746 ] C:\Programme\Microsoft Security Client\MpCommu.dll
13:33:49.0484 3216  C:\Programme\Microsoft Security Client\MpCommu.dll - ok
13:33:49.0484 3216  [ 1A617835452EEE5060976C9B9F5FE635 ] C:\WINDOWS\system32\wuapi.dll
13:33:49.0484 3216  C:\WINDOWS\system32\wuapi.dll - ok
13:33:49.0500 3216  [ 3458EDA96E30FBD0477A2800D3FB1909 ] C:\WINDOWS\system32\wups.dll
13:33:49.0500 3216  C:\WINDOWS\system32\wups.dll - ok
13:33:49.0500 3216  [ CD554362B82587991A244CF563283F63 ] C:\WINDOWS\system32\msisip.dll
13:33:49.0500 3216  C:\WINDOWS\system32\msisip.dll - ok
13:33:49.0500 3216  [ E7908D45F5955CF4091CCA8FD77658CA ] C:\WINDOWS\system32\wshext.dll
13:33:49.0500 3216  C:\WINDOWS\system32\wshext.dll - ok
13:33:49.0500 3216  [ F3AD8EA144F411A6292775FA2B230DE5 ] C:\WINDOWS\system32\windowspowershell\v1.0\pwrshsip.dll
13:33:49.0500 3216  C:\WINDOWS\system32\windowspowershell\v1.0\pwrshsip.dll - ok
13:33:49.0500 3216  [ 3A7F8ADD0A205D6816BF95058A41D015 ] C:\WINDOWS\system32\defrag.exe
13:33:49.0500 3216  C:\WINDOWS\system32\defrag.exe - ok
13:33:49.0500 3216  [ 89CBBE01078E12EB98C4FB2F8690C339 ] C:\WINDOWS\system32\dfrgres.dll
13:33:49.0500 3216  C:\WINDOWS\system32\dfrgres.dll - ok
13:33:49.0500 3216  [ CEB5F891664EE9E65DF4F87CD4F34294 ] C:\WINDOWS\system32\dfrgntfs.exe
13:33:49.0500 3216  C:\WINDOWS\system32\dfrgntfs.exe - ok
13:33:49.0500 3216  [ C5D03782AFB837DDEF8B18A1C248A89B ] C:\WINDOWS\system32\catsrvut.dll
13:33:49.0500 3216  C:\WINDOWS\system32\catsrvut.dll - ok
13:33:49.0500 3216  [ 16C270407BADF0B87B01459AA1B29F39 ] C:\WINDOWS\system32\catsrv.dll
13:33:49.0500 3216  C:\WINDOWS\system32\catsrv.dll - ok
13:33:49.0515 3216  [ 29714603FB50C13BFA0E763628D64FA2 ] C:\WINDOWS\system32\mfcsubs.dll
13:33:49.0515 3216  C:\WINDOWS\system32\mfcsubs.dll - ok
13:33:49.0515 3216  [ 7EFE8422E6C7D964B0ABE7E79CBAA1A6 ] C:\WINDOWS\system32\scrobj.dll
13:33:49.0515 3216  C:\WINDOWS\system32\scrobj.dll - ok
13:33:49.0515 3216  [ F6B34CD47CAF6D68106B9F8055F35C50 ] C:\WINDOWS\system32\rundll32.exe
13:33:49.0515 3216  C:\WINDOWS\system32\rundll32.exe - ok
13:33:49.0515 3216  ============================================================
13:33:49.0515 3216  Scan finished
13:33:49.0515 3216  ============================================================
13:33:49.0515 3228  Detected object count: 0
13:33:49.0515 3228  Actual detected object count: 0
13:34:27.0625 2720  Deinitialize success

 

 

Then I will proceed as directed to do in your last mail.

 

Regards

 

Norbert



#8 NdotA

NdotA
  • Topic Starter

  • Members
  • 59 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:08 AM

Posted 16 February 2013 - 08:13 AM

Phew, this wa skind of a job.

 

Malwarebytes:

I did run it from my installation (but let it update its database first):

 

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org


 

Datenbank Version: v2013.02.16.02


 

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Aust :: AUST-Q0HX0CC2TV [Administrator]


 

16.02.2013 13:01:44
mbam-log-2013-02-16 (13-01-44).txt


 

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 226516
Laufzeit: 7 Minute(n),


 

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)


 

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)


 

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)


 

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)


 

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)


 

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)


 

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)


 

(Ende)

 

MiniToolBox (I did set List devices to 'all')

 

MiniToolBox by Farbar  Version:10-01-2013
Ran by Aust (administrator) on 16-02-2013 at 13:13:37
Running from "C:\Dokumente und Einstellungen\Aust\Desktop"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************


 

========================= Flush DNS: ===================================


 


Windows-IP-Konfiguration


 

 


 

Der DNS-Auflösungscache wurde geleert.


 


========================= IE Proxy Settings: ==============================


 

Proxy is not enabled.
No Proxy Server is set.


 

"Reset IE Proxy Settings": IE Proxy Settings were reset.


 

========================= FF Proxy Settings: ==============================


 


"Reset FF Proxy Settings": Firefox Proxy settings were reset.


 

========================= Hosts content: =================================


 

127.0.0.1       localhost


 

========================= IP Configuration: ================================


 

Speedport W 102 Stick IEEE 802.11n USB 2.0 Adapter = Drahtlose Netzwerkverbindung 5 (Connected)
Realtek RTL8168/8111 PCI-E Gigabit Ethernet NIC = LAN-Verbindung (Media disconnected)


 


# ----------------------------------
# Schnittstellen-IP-Konfiguration
# ----------------------------------
pushd interface ip


 


# Schnittstellen-IP-Konfiguration für ""LAN-Verbindung""


 

set address name="LAN-Verbindung" source=dhcp
set dns name="LAN-Verbindung" source=dhcp register=PRIMARY
set wins name="LAN-Verbindung" source=dhcp


 

# Schnittstellen-IP-Konfiguration für ""Drahtlose Netzwerkverbindung 5""


 

set address name="Drahtlose Netzwerkverbindung 5" source=dhcp
set dns name="Drahtlose Netzwerkverbindung 5" source=dhcp register=PRIMARY
set wins name="Drahtlose Netzwerkverbindung 5" source=dhcp


 


popd
# Ende der Schnittstellen-IP-Konfiguration


 

 


 


Windows-IP-Konfiguration


 

 


 

        Hostname. . . . . . . . . . . . . : aust-q0hx0cc2tv


 

        Primäres DNS-Suffix . . . . . . . :


 

        Knotentyp . . . . . . . . . . . . : Unbekannt


 

        IP-Routing aktiviert. . . . . . . : Nein


 

        WINS-Proxy aktiviert. . . . . . . : Nein


 

        DNS-Suffixsuchliste . . . . . . . : Speedport_W_504V_Typ_A


 

 


 

Ethernetadapter LAN-Verbindung:


 

 


 

        Medienstatus. . . . . . . . . . . : Es besteht keine Verbindung


 

        Beschreibung. . . . . . . . . . . : Realtek RTL8168/8111 PCI-E Gigabit Ethernet NIC


 

        Physikalische Adresse . . . . . . : 00-19-DB-B1-7B-16


 

 


 

Ethernetadapter Drahtlose Netzwerkverbindung 5:


 

 


 

        Verbindungsspezifisches DNS-Suffix: Speedport_W_504V_Typ_A


 

        Beschreibung. . . . . . . . . . . : Speedport W 102 Stick IEEE 802.11n USB 2.0 Adapter #3


 

        Physikalische Adresse . . . . . . : 00-26-4D-3E-BD-FC


 

        DHCP aktiviert. . . . . . . . . . : Ja


 

        Autokonfiguration aktiviert . . . : Ja


 

        IP-Adresse. . . . . . . . . . . . : 192.168.2.100


 

        Subnetzmaske. . . . . . . . . . . : 255.255.255.0


 

        Standardgateway . . . . . . . . . : 192.168.2.1


 

        DHCP-Server . . . . . . . . . . . : 192.168.2.1


 

        DNS-Server. . . . . . . . . . . . : 192.168.2.1


 

        Lease erhalten. . . . . . . . . . : Samstag, 16. Februar 2013 12:42:59


 

        Lease läuft ab. . . . . . . . . . : Samstag, 9. März 2013 12:42:59


 

Server:  speedport.ip
Address:  192.168.2.1


 

Name:    google.com
Addresses:  173.194.35.163, 173.194.35.174, 173.194.35.161, 173.194.35.166
   173.194.35.164, 173.194.35.169, 173.194.35.167, 173.194.35.160, 173.194.35.165
   173.194.35.168, 173.194.35.162


 

 


 

Ping google.com [173.194.35.163] mit 32 Bytes Daten:


 

 


 

Antwort von 173.194.35.163: Bytes=32 Zeit=50ms TTL=57


 

Antwort von 173.194.35.163: Bytes=32 Zeit=50ms TTL=57


 

 


 

Ping-Statistik fr 173.194.35.163:


 

    Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0 (0% Verlust),


 

Ca. Zeitangaben in Millisek.:


 

    Minimum = 50ms, Maximum = 50ms, Mittelwert = 50ms


 

Server:  speedport.ip
Address:  192.168.2.1


 

Name:    yahoo.com
Addresses:  98.139.183.24, 206.190.36.45, 98.138.253.109


 

 


 

Ping yahoo.com [98.138.253.109] mit 32 Bytes Daten:


 

 


 

Antwort von 98.138.253.109: Bytes=32 Zeit=241ms TTL=52


 

Antwort von 98.138.253.109: Bytes=32 Zeit=272ms TTL=52


 

 


 

Ping-Statistik fr 98.138.253.109:


 

    Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0 (0% Verlust),


 

Ca. Zeitangaben in Millisek.:


 

    Minimum = 241ms, Maximum = 272ms, Mittelwert = 256ms


 

 


 

Ping wird ausgefhrt fr 127.0.0.1 mit 32 Bytes Daten:


 

 


 

Antwort von 127.0.0.1: Bytes=32 Zeit<1ms TTL=128


 

Antwort von 127.0.0.1: Bytes=32 Zeit<1ms TTL=128


 

 


 

Ping-Statistik fr 127.0.0.1:


 

    Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0 (0% Verlust),


 

Ca. Zeitangaben in Millisek.:


 

    Minimum = 0ms, Maximum = 0ms, Mittelwert = 0ms


 

===========================================================================
Schnittstellenliste
0x1 ........................... MS TCP Loopback interface
0x2 ...00 19 db b1 7b 16 ...... Realtek RTL8168/8111 PCI-E Gigabit Ethernet NIC - Paketplaner-Miniport
0x10004 ...00 26 4d 3e bd fc ...... Speedport W 102 Stick IEEE 802.11n USB 2.0 Adapter #3 - Paketplaner-Miniport
===========================================================================
===========================================================================
Aktive Routen:
     Netzwerkziel    Netzwerkmaske          Gateway   Schnittstelle  Anzahl
          0.0.0.0          0.0.0.0      192.168.2.1   192.168.2.100   10
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1   1
      192.168.2.0    255.255.255.0    192.168.2.100   192.168.2.100   10
    192.168.2.100  255.255.255.255        127.0.0.1       127.0.0.1   10
    192.168.2.255  255.255.255.255    192.168.2.100   192.168.2.100   10
        224.0.0.0        240.0.0.0    192.168.2.100   192.168.2.100   10
  255.255.255.255  255.255.255.255    192.168.2.100               2   1
  255.255.255.255  255.255.255.255    192.168.2.100   192.168.2.100   1
Standardgateway:       192.168.2.1
===========================================================================
St„ndige Routen:
  Keine
========================= Winsock entries =====================================


 

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"


 

Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"


 

Catalog9 01 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)


 

========================= Event log errors: ===============================


 

Application errors:
==================
Error: (02/15/2013 01:44:52 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 unspecified, P2 hardeningtelemetry, P3 hardeningtelemetrydisablertp, P4 4.1.522.0, P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.


 

Error: (02/14/2013 10:45:47 AM) (Source: Microsoft Security Client) (User: )
Description: mssecurityclientsetup.exe4.1.522.00x80070003morrobootstraper__cinstallflow__internalrun - getbackupactionmorrobootstraper__cflow__processflowactionresult0security essentialsNILNILNIL


 

Error: (02/14/2013 10:45:47 AM) (Source: Microsoft Security Client) (User: )
Description: mssecurityclientsetup.exe4.1.522.00x80070424morrobootstraper__cinstallflow__internalrun - getenablefirewallactionmorrobootstraper__cflow__processflowactionresult0security essentialsNILNILNIL


 

Error: (02/14/2013 10:45:43 AM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 0x80070003, P2 moac, P3 cachereset, P4 4.1.522.0, P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.


 

Error: (01/10/2013 11:32:10 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown


 

Error: (12/12/2012 02:12:27 PM) (Source: Application Error) (User: )
Description: Fehlgeschlagene Anwendung iexplore.exe, Version 8.0.6001.18702, fehlgeschlagenes Modul flash32_11_5_502_110.ocx, Version 11.5.502.110, Fehleradresse 0x000adc7a.
Das medienspezifische Ereignis für [iexplore.exe!ws!] wird verarbeitet.


 

Error: (11/29/2012 04:45:09 AM) (Source: Application Error) (User: )
Description: Fehlgeschlagene Anwendung rundll32.exe, Version 5.1.2600.5512, fehlgeschlagenes Modul unknown, Version 0.0.0.0, Fehleradresse 0x73d368f6.
Das medienspezifische Ereignis für [rundll32.exe!ws!] wird verarbeitet.


 

Error: (11/18/2012 01:30:09 PM) (Source: Application Error) (User: )
Description: Fehlgeschlagene Anwendung viewer.exe, Version 0.0.0.0, fehlgeschlagenes Modul viewer.exe, Version 0.0.0.0, Fehleradresse 0x000038d2.
Das medienspezifische Ereignis für [viewer.exe!ws!] wird verarbeitet.


 

Error: (11/16/2012 01:06:58 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 0x80070670, P2 patchapplication, P3 am bdd, P4 11.1.3927.0, P5 mpsigstub.exe, P6 4.1.522.0, P7 microsoft security essentials, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.


 

Error: (11/16/2012 09:33:10 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: WindowsBase, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35 . Error code = 0x80131f06


 


System errors:
=============
Error: (02/16/2013 00:48:55 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.


 

 Neue Signaturversion:


 

 Vorherige Signaturversion: 1.143.2266.0


 

 Aktualisierungsquelle: %NT-AUTORITÄT59


 

 Aktualisierungsphase: 4.1.0522.00


 

 Quellpfad: 4.1.0522.01


 

 Signaturtyp: %NT-AUTORITÄT602


 

 Aktualisierungstyp: %NT-AUTORITÄT604


 

 Benutzer: NT-AUTORITÄT\SYSTEM


 

 Aktuelle Modulversion: %NT-AUTORITÄT605


 

 Vorherige Modulversion: %NT-AUTORITÄT606


 

 Fehlercode: %NT-AUTORITÄT607


 

 Fehlerbeschreibung: %NT-AUTORITÄT608


 

Error: (02/16/2013 00:40:21 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Google Update Service (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053


 

Error: (02/16/2013 00:40:21 PM) (Source: Service Control Manager) (User: )
Description: Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Google Update Service (gupdate).


 

Error: (02/15/2013 01:23:24 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.


 

 Neue Signaturversion:


 

 Vorherige Signaturversion: 1.143.2266.0


 

 Aktualisierungsquelle: %NT-AUTORITÄT59


 

 Aktualisierungsphase: 4.1.0522.00


 

 Quellpfad: 4.1.0522.01


 

 Signaturtyp: %NT-AUTORITÄT602


 

 Aktualisierungstyp: %NT-AUTORITÄT604


 

 Benutzer: NT-AUTORITÄT\SYSTEM


 

 Aktuelle Modulversion: %NT-AUTORITÄT605


 

 Vorherige Modulversion: %NT-AUTORITÄT606


 

 Fehlercode: %NT-AUTORITÄT607


 

 Fehlerbeschreibung: %NT-AUTORITÄT608


 

Error: (02/15/2013 01:14:42 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Google Update Service (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053


 

Error: (02/15/2013 01:14:42 PM) (Source: Service Control Manager) (User: )
Description: Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Google Update Service (gupdate).


 

Error: (02/15/2013 11:36:34 AM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.


 

 Neue Signaturversion:


 

 Vorherige Signaturversion: 1.143.2266.0


 

 Aktualisierungsquelle: %NT-AUTORITÄT59


 

 Aktualisierungsphase: 4.1.0522.00


 

 Quellpfad: 4.1.0522.01


 

 Signaturtyp: %NT-AUTORITÄT602


 

 Aktualisierungstyp: %NT-AUTORITÄT604


 

 Benutzer: NT-AUTORITÄT\SYSTEM


 

 Aktuelle Modulversion: %NT-AUTORITÄT605


 

 Vorherige Modulversion: %NT-AUTORITÄT606


 

 Fehlercode: %NT-AUTORITÄT607


 

 Fehlerbeschreibung: %NT-AUTORITÄT608


 

Error: (02/15/2013 11:27:54 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Google Update Service (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053


 

Error: (02/15/2013 11:27:54 AM) (Source: Service Control Manager) (User: )
Description: Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Google Update Service (gupdate).


 

Error: (02/14/2013 02:17:23 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Google Update Service (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053


 


Microsoft Office Sessions:
=========================
Error: (02/15/2013 01:44:52 PM) (Source: MPSampleSubmission)(User: )
Description: mptelemetryunspecifiedhardeningtelemetryhardeningtelemetrydisablertp4.1.522.0unspecifiedunspecifiedunspecifiedNILNILNIL


 

Error: (02/14/2013 10:45:47 AM) (Source: Microsoft Security Client)(User: )
Description: mssecurityclientsetup.exe4.1.522.00x80070003morrobootstraper__cinstallflow__internalrun - getbackupactionmorrobootstraper__cflow__processflowactionresult0security essentialsNILNILNIL


 

Error: (02/14/2013 10:45:47 AM) (Source: Microsoft Security Client)(User: )
Description: mssecurityclientsetup.exe4.1.522.00x80070424morrobootstraper__cinstallflow__internalrun - getenablefirewallactionmorrobootstraper__cflow__processflowactionresult0security essentialsNILNILNIL


 

Error: (02/14/2013 10:45:43 AM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry0x80070003moaccachereset4.1.522.0unspecifiedunspecifiedunspecifiedNILNILNIL


 

Error: (01/10/2013 11:32:10 AM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown


 

Error: (12/12/2012 02:12:27 PM) (Source: Application Error)(User: )
Description: iexplore.exe8.0.6001.18702flash32_11_5_502_110.ocx11.5.502.110000adc7a


 

Error: (11/29/2012 04:45:09 AM) (Source: Application Error)(User: )
Description: rundll32.exe5.1.2600.5512unknown0.0.0.073d368f6


 

Error: (11/18/2012 01:30:09 PM) (Source: Application Error)(User: )
Description: viewer.exe0.0.0.0viewer.exe0.0.0.0000038d2


 

Error: (11/16/2012 01:06:58 PM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry0x80070670patchapplicationam bdd11.1.3927.0mpsigstub.exe4.1.522.0microsoft security essentialsNILNILNIL


 

Error: (11/16/2012 09:33:10 AM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: WindowsBase, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35 . Error code = 0x80131f06
WindowsBase, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35


 


=========================== Installed Programs ============================


 

7-Zip 4.65
AAVUpdateManager (Version: 18.00.0000)
ABBYY FineReader 6.0 Sprint (Version: 6.00.1395.4512)
ABBYY FineReader 9.0 Sprint (Version: 9.01.513.58212)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.149)
Adobe Flash Player Plugin (Version: 9.0.115.0)
Adobe Reader X (10.1.5) - Deutsch (Version: 10.1.5)
Adobe SVG Viewer 3.0 (Version:  3.0)
AmazingMahjongg3D
Amazon Kindle
AMD APP SDK Runtime (Version: 2.5.793.1)
AMD Catalyst Install Manager (Version: 3.0.851.0)
ATI - Dienstprogramm zur Deinstallation der Software (Version: 6.14.10.1022)
ATI AVIVO Codecs (Version: 10.10.0.41006)
ATI Catalyst Control Center (Version: 2.009.0925.1706)
ATI Catalyst Registration (Version: 2.00.0000)
ATI Display Driver (Version: 8.661-090923a1-083739C-ATI)
ATI HYDRAVISION (Version: 3.25.9006)
ATI Problem Report Wizard (Version: 8.10)
Audacity 1.2.6
Auran Trainz GMAX Gamepack
Benutzerhandbuch - Grundlagen EPSON XP-302 303 305 306 Series
Benutzerhandbuch EPSON XP-302 303 305 306 Series
Blender (remove only)
calibre (Version: 0.9.15)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2009.0925.1707.28889)
Catalyst Control Center Graphics Full Existing (Version: 2009.0925.1707.28889)
Catalyst Control Center Graphics Full New (Version: 2009.0925.1707.28889)
Catalyst Control Center Graphics Light (Version: 2009.0925.1707.28889)
Catalyst Control Center Graphics Previews Common (Version: 2009.0925.1707.28889)
Catalyst Control Center HydraVision Full (Version: 2009.0925.1707.28889)
Catalyst Control Center InstallProxy (Version: 2011.1025.2152.37348)
ccc-core-preinstall (Version: 2009.0925.1707.28889)
ccc-core-static (Version: 2009.0925.1707.28889)
ccc-utility (Version: 2009.0925.1707.28889)
CCC Help English (Version: 2009.0925.1706.28889)
CCleaner (Version: 3.20)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
CPUID CPU-Z 1.59
Download Navigator (Version: 3.4.1)
Druckerdeinstallation für EPSON XP-302 303 305 306 Series
Eisenbahn.exe Professional 6.0 (Version: 6.00.0000)
Epson Easy Photo Print 2 (Version: 2.3.2.0)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (Version: 1.00.0000)
Epson Event Manager (Version: 3.01.0000)
EPSON Scan
EPSON Stylus SX200 Series Printer Uninstall
EPSON Stylus SX200_SX400_TX200_TX400 Handbuch
EpsonNet Print (Version: 2.5.00)
ESET Online Scanner v3
ETK (Lokal) (Version: 1.00.000)
Fraps
Free Download Manager 3.0
FUJIFILM USB Driver
G*Power 3.1.5 (Version: 3.1.5)
GearDrvs (Version: 1.00.0000)
GearDrvs (Version: 5.0.0.2)
GIMP 2.4.2
gmax (Version: 4.4.0.125)
Google Earth (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.79)
Google Updater (Version: 2.4.2432.1652)
GPL Ghostscript (Version: 9.06)
Hex-Editor MX (Version: 6.0)
High Definition Audio Driver Package - KB888111 (Version: 20040219.000000)
Hotfix für Windows Media Player 11 (KB939683)
Hotfix für Windows XP (KB2158563) (Version: 1)
Hotfix für Windows XP (KB2443685) (Version: 1)
Hotfix für Windows XP (KB2570791) (Version: 1)
Hotfix für Windows XP (KB2633952) (Version: 1)
Hotfix für Windows XP (KB2756822) (Version: 1)
Hotfix für Windows XP (KB2779562) (Version: 1)
Hotfix für Windows XP (KB952287) (Version: 1)
Hotfix für Windows XP (KB961118) (Version: 1)
Hotfix für Windows XP (KB970653-v3) (Version: 3)
Hotfix für Windows XP (KB976098-v2) (Version: 2)
Hotfix für Windows XP (KB979306) (Version: 1)
Hotfix für Windows XP (KB981793) (Version: 1)
Java 7 Update 9 (Version: 7.0.90)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 20 (Version: 6.0.200)
JavaFX 2.1.1 (Version: 2.1.1)
Lexmark Supplies Monitor
Lexmark Z23-Z33
Live Update 5 (Version: 5.0.072)
Malwarebytes Anti-Malware Version 1.70.0.1100 (Version: 1.70.0.1100)
Meine CEWE FOTOWELT
MGI PhotoSuite 4 (nur entfernen)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2742597)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Word Viewer 2003 (Version: 11.0.8173.0)
Microsoft Security Client (Version: 4.1.0522.0)
Microsoft Security Essentials (Version: 4.1.522.0)
Microsoft Train Simulator
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
MicroStaff WINASPI
MM Eisenbahn-Bildschirmschoner V3
Mozilla Firefox 13.0.1 (x86 de) (Version: 13.0.1)
Mozilla Maintenance Service (Version: 13.0.1)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Netzwerkhandbuch EPSON XP-302 303 305 306 Series
NVIDIA PhysX (Version: 9.10.0513)
OpenOffice.org 3.2 (Version: 3.2.9502)
PEV Mesh Text Viewer
PEV Texture 2 TGA
PEVSoft Graphical Mesh Viewer
PEVSoft PM2IM
PEVSoft Texture Viewer
QuickTime
RealDownloader (Version: 1.3.0)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0)
RealPlayer (Version: 16.0.0)
Realtek High Definition Audio Driver (Version: 5.10.0.5389)
RealUpgrade 1.1 (Version: 1.1.0)
Resource Hacker Version 3.6.0
Revo Uninstaller Pro 2.5.8 (Version: 2.5.8)
Scan Manager 5.2 (Version: 5.2)
Sicherheitsupdate für Microsoft Windows (KB2564958)
Sicherheitsupdate für Windows Internet Explorer 7 (KB2183461) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 7 (KB2360131) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 7 (KB938127-v2) (Version: 2)
Sicherheitsupdate für Windows Internet Explorer 7 (KB953838) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 7 (KB956390) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 7 (KB958215) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 7 (KB960714) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 7 (KB961260) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 7 (KB963027) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 7 (KB969897) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 7 (KB972260) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 7 (KB974455) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 7 (KB976325) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 7 (KB978207) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 7 (KB982381) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2360131) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2416400) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2482017) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2497640) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2510531) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2530548) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2544521) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2559049) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2586448) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2618444) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2647516) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2675157) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2699988) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2722913) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2744842) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2761465) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2799329) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB971961) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB981332) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB982381) (Version: 1)
Sicherheitsupdate für Windows Media Player (KB2378111)
Sicherheitsupdate für Windows Media Player (KB911564)
Sicherheitsupdate für Windows Media Player (KB952069)
Sicherheitsupdate für Windows Media Player (KB954155)
Sicherheitsupdate für Windows Media Player (KB968816)
Sicherheitsupdate für Windows Media Player (KB973540)
Sicherheitsupdate für Windows Media Player (KB975558)
Sicherheitsupdate für Windows Media Player (KB978695)
Sicherheitsupdate für Windows Media Player 11 (KB936782)
Sicherheitsupdate für Windows Media Player 11 (KB954154)
Sicherheitsupdate für Windows Media Player 9 (KB936782)
Sicherheitsupdate für Windows XP (KB2079403) (Version: 1)
Sicherheitsupdate für Windows XP (KB2115168) (Version: 1)
Sicherheitsupdate für Windows XP (KB2121546) (Version: 1)
Sicherheitsupdate für Windows XP (KB2160329) (Version: 1)
Sicherheitsupdate für Windows XP (KB2229593) (Version: 1)
Sicherheitsupdate für Windows XP (KB2259922) (Version: 1)
Sicherheitsupdate für Windows XP (KB2279986) (Version: 1)
Sicherheitsupdate für Windows XP (KB2286198) (Version: 1)
Sicherheitsupdate für Windows XP (KB2296011) (Version: 1)
Sicherheitsupdate für Windows XP (KB2296199) (Version: 1)
Sicherheitsupdate für Windows XP (KB2347290) (Version: 1)
Sicherheitsupdate für Windows XP (KB2360937) (Version: 1)
Sicherheitsupdate für Windows XP (KB2387149) (Version: 1)
Sicherheitsupdate für Windows XP (KB2393802) (Version: 1)
Sicherheitsupdate für Windows XP (KB2412687) (Version: 1)
Sicherheitsupdate für Windows XP (KB2419632) (Version: 1)
Sicherheitsupdate für Windows XP (KB2423089) (Version: 1)
Sicherheitsupdate für Windows XP (KB2436673) (Version: 1)
Sicherheitsupdate für Windows XP (KB2440591) (Version: 1)
Sicherheitsupdate für Windows XP (KB2443105) (Version: 1)
Sicherheitsupdate für Windows XP (KB2476490) (Version: 1)
Sicherheitsupdate für Windows XP (KB2476687) (Version: 1)
Sicherheitsupdate für Windows XP (KB2478960) (Version: 1)
Sicherheitsupdate für Windows XP (KB2478971) (Version: 1)
Sicherheitsupdate für Windows XP (KB2479628) (Version: 1)
Sicherheitsupdate für Windows XP (KB2479943) (Version: 1)
Sicherheitsupdate für Windows XP (KB2481109) (Version: 1)
Sicherheitsupdate für Windows XP (KB2483185) (Version: 1)
Sicherheitsupdate für Windows XP (KB2485376) (Version: 1)
Sicherheitsupdate für Windows XP (KB2485663) (Version: 1)
Sicherheitsupdate für Windows XP (KB2503658) (Version: 1)
Sicherheitsupdate für Windows XP (KB2503665) (Version: 1)
Sicherheitsupdate für Windows XP (KB2506212) (Version: 1)
Sicherheitsupdate für Windows XP (KB2506223) (Version: 1)
Sicherheitsupdate für Windows XP (KB2507618) (Version: 1)
Sicherheitsupdate für Windows XP (KB2507938) (Version: 1)
Sicherheitsupdate für Windows XP (KB2508272) (Version: 1)
Sicherheitsupdate für Windows XP (KB2508429) (Version: 1)
Sicherheitsupdate für Windows XP (KB2509553) (Version: 1)
Sicherheitsupdate für Windows XP (KB2511455) (Version: 1)
Sicherheitsupdate für Windows XP (KB2524375) (Version: 1)
Sicherheitsupdate für Windows XP (KB2535512) (Version: 1)
Sicherheitsupdate für Windows XP (KB2536276-v2) (Version: 2)
Sicherheitsupdate für Windows XP (KB2536276) (Version: 1)
Sicherheitsupdate für Windows XP (KB2544893-v2) (Version: 2)
Sicherheitsupdate für Windows XP (KB2544893) (Version: 1)
Sicherheitsupdate für Windows XP (KB2555917) (Version: 1)
Sicherheitsupdate für Windows XP (KB2562937) (Version: 1)
Sicherheitsupdate für Windows XP (KB2566454) (Version: 1)
Sicherheitsupdate für Windows XP (KB2567053) (Version: 1)
Sicherheitsupdate für Windows XP (KB2567680) (Version: 1)
Sicherheitsupdate für Windows XP (KB2570222) (Version: 1)
Sicherheitsupdate für Windows XP (KB2570947) (Version: 1)
Sicherheitsupdate für Windows XP (KB2592799) (Version: 1)
Sicherheitsupdate für Windows XP (KB2603381) (Version: 1)
Sicherheitsupdate für Windows XP (KB2618451) (Version: 1)
Sicherheitsupdate für Windows XP (KB2619339) (Version: 1)
Sicherheitsupdate für Windows XP (KB2620712) (Version: 1)
Sicherheitsupdate für Windows XP (KB2621440) (Version: 1)
Sicherheitsupdate für Windows XP (KB2624667) (Version: 1)
Sicherheitsupdate für Windows XP (KB2633171) (Version: 1)
Sicherheitsupdate für Windows XP (KB2639417) (Version: 1)
Sicherheitsupdate für Windows XP (KB2641653) (Version: 1)
Sicherheitsupdate für Windows XP (KB2647518) (Version: 1)
Sicherheitsupdate für Windows XP (KB2653956) (Version: 1)
Sicherheitsupdate für Windows XP (KB2655992) (Version: 1)
Sicherheitsupdate für Windows XP (KB2659262) (Version: 1)
Sicherheitsupdate für Windows XP (KB2661637) (Version: 1)
Sicherheitsupdate für Windows XP (KB2676562) (Version: 1)
Sicherheitsupdate für Windows XP (KB2685939) (Version: 1)
Sicherheitsupdate für Windows XP (KB2686509) (Version: 1)
Sicherheitsupdate für Windows XP (KB2691442) (Version: 1)
Sicherheitsupdate für Windows XP (KB2695962) (Version: 1)
Sicherheitsupdate für Windows XP (KB2698365) (Version: 1)
Sicherheitsupdate für Windows XP (KB2705219) (Version: 1)
Sicherheitsupdate für Windows XP (KB2707511) (Version: 1)
Sicherheitsupdate für Windows XP (KB2709162) (Version: 1)
Sicherheitsupdate für Windows XP (KB2712808) (Version: 1)
Sicherheitsupdate für Windows XP (KB2718523) (Version: 1)
Sicherheitsupdate für Windows XP (KB2719985) (Version: 1)
Sicherheitsupdate für Windows XP (KB2723135) (Version: 1)
Sicherheitsupdate für Windows XP (KB2724197) (Version: 1)
Sicherheitsupdate für Windows XP (KB2727528) (Version: 1)
Sicherheitsupdate für Windows XP (KB2731847) (Version: 1)
Sicherheitsupdate für Windows XP (KB2753842-v2) (Version: 2)
Sicherheitsupdate für Windows XP (KB2753842) (Version: 1)
Sicherheitsupdate für Windows XP (KB2757638) (Version: 1)
Sicherheitsupdate für Windows XP (KB2758857) (Version: 1)
Sicherheitsupdate für Windows XP (KB2761226) (Version: 1)
Sicherheitsupdate für Windows XP (KB2770660) (Version: 1)
Sicherheitsupdate für Windows XP (KB2779030) (Version: 1)
Sicherheitsupdate für Windows XP (KB923561) (Version: 1)
Sicherheitsupdate für Windows XP (KB938464) (Version: 1)
Sicherheitsupdate für Windows XP (KB941569)
Sicherheitsupdate für Windows XP (KB946648) (Version: 1)
Sicherheitsupdate für Windows XP (KB950762) (Version: 1)
Sicherheitsupdate für Windows XP (KB950974) (Version: 1)
Sicherheitsupdate für Windows XP (KB951066) (Version: 1)
Sicherheitsupdate für Windows XP (KB951376-v2) (Version: 2)
Sicherheitsupdate für Windows XP (KB951698) (Version: 1)
Sicherheitsupdate für Windows XP (KB951748) (Version: 1)
Sicherheitsupdate für Windows XP (KB952004) (Version: 1)
Sicherheitsupdate für Windows XP (KB952954) (Version: 1)
Sicherheitsupdate für Windows XP (KB953838) (Version: 1)
Sicherheitsupdate für Windows XP (KB953839) (Version: 1)
Sicherheitsupdate für Windows XP (KB954211) (Version: 1)
Sicherheitsupdate für Windows XP (KB954459) (Version: 1)
Sicherheitsupdate für Windows XP (KB954600) (Version: 1)
Sicherheitsupdate für Windows XP (KB955069) (Version: 1)
Sicherheitsupdate für Windows XP (KB956391) (Version: 1)
Sicherheitsupdate für Windows XP (KB956572) (Version: 1)
Sicherheitsupdate für Windows XP (KB956744) (Version: 1)
Sicherheitsupdate für Windows XP (KB956802) (Version: 1)
Sicherheitsupdate für Windows XP (KB956803) (Version: 1)
Sicherheitsupdate für Windows XP (KB956841) (Version: 1)
Sicherheitsupdate für Windows XP (KB956844) (Version: 1)
Sicherheitsupdate für Windows XP (KB957095) (Version: 1)
Sicherheitsupdate für Windows XP (KB957097) (Version: 1)
Sicherheitsupdate für Windows XP (KB958644) (Version: 1)
Sicherheitsupdate für Windows XP (KB958687) (Version: 1)
Sicherheitsupdate für Windows XP (KB958690) (Version: 1)
Sicherheitsupdate für Windows XP (KB958869) (Version: 1)
Sicherheitsupdate für Windows XP (KB959426) (Version: 1)
Sicherheitsupdate für Windows XP (KB960225) (Version: 1)
Sicherheitsupdate für Windows XP (KB960715) (Version: 1)
Sicherheitsupdate für Windows XP (KB960803) (Version: 1)
Sicherheitsupdate für Windows XP (KB960859) (Version: 1)
Sicherheitsupdate für Windows XP (KB961371) (Version: 1)
Sicherheitsupdate für Windows XP (KB961373) (Version: 1)
Sicherheitsupdate für Windows XP (KB961501) (Version: 1)
Sicherheitsupdate für Windows XP (KB968537) (Version: 1)
Sicherheitsupdate für Windows XP (KB969059) (Version: 1)
Sicherheitsupdate für Windows XP (KB969898) (Version: 1)
Sicherheitsupdate für Windows XP (KB969947) (Version: 1)
Sicherheitsupdate für Windows XP (KB970238) (Version: 1)
Sicherheitsupdate für Windows XP (KB970430) (Version: 1)
Sicherheitsupdate für Windows XP (KB971468) (Version: 1)
Sicherheitsupdate für Windows XP (KB971486) (Version: 1)
Sicherheitsupdate für Windows XP (KB971557) (Version: 1)
Sicherheitsupdate für Windows XP (KB971633) (Version: 1)
Sicherheitsupdate für Windows XP (KB971657) (Version: 1)
Sicherheitsupdate für Windows XP (KB971961) (Version: 1)
Sicherheitsupdate für Windows XP (KB972270) (Version: 1)
Sicherheitsupdate für Windows XP (KB973346) (Version: 1)
Sicherheitsupdate für Windows XP (KB973354) (Version: 1)
Sicherheitsupdate für Windows XP (KB973507) (Version: 1)
Sicherheitsupdate für Windows XP (KB973525) (Version: 1)
Sicherheitsupdate für Windows XP (KB973869) (Version: 1)
Sicherheitsupdate für Windows XP (KB973904) (Version: 1)
Sicherheitsupdate für Windows XP (KB974112) (Version: 1)
Sicherheitsupdate für Windows XP (KB974318) (Version: 1)
Sicherheitsupdate für Windows XP (KB974392) (Version: 1)
Sicherheitsupdate für Windows XP (KB974571) (Version: 1)
Sicherheitsupdate für Windows XP (KB975025) (Version: 1)
Sicherheitsupdate für Windows XP (KB975467) (Version: 1)
Sicherheitsupdate für Windows XP (KB975560) (Version: 1)
Sicherheitsupdate für Windows XP (KB975561) (Version: 1)
Sicherheitsupdate für Windows XP (KB975562) (Version: 1)
Sicherheitsupdate für Windows XP (KB975713) (Version: 1)
Sicherheitsupdate für Windows XP (KB977165) (Version: 1)
Sicherheitsupdate für Windows XP (KB977816) (Version: 1)
Sicherheitsupdate für Windows XP (KB977914) (Version: 1)
Sicherheitsupdate für Windows XP (KB978037) (Version: 1)
Sicherheitsupdate für Windows XP (KB978251) (Version: 1)
Sicherheitsupdate für Windows XP (KB978262) (Version: 1)
Sicherheitsupdate für Windows XP (KB978338) (Version: 1)
Sicherheitsupdate für Windows XP (KB978542) (Version: 1)
Sicherheitsupdate für Windows XP (KB978601) (Version: 1)
Sicherheitsupdate für Windows XP (KB978706) (Version: 1)
Sicherheitsupdate für Windows XP (KB979309) (Version: 1)
Sicherheitsupdate für Windows XP (KB979482) (Version: 1)
Sicherheitsupdate für Windows XP (KB979559) (Version: 1)
Sicherheitsupdate für Windows XP (KB979683) (Version: 1)
Sicherheitsupdate für Windows XP (KB979687) (Version: 1)
Sicherheitsupdate für Windows XP (KB980195) (Version: 1)
Sicherheitsupdate für Windows XP (KB980218) (Version: 1)
Sicherheitsupdate für Windows XP (KB980232) (Version: 1)
Sicherheitsupdate für Windows XP (KB980436) (Version: 1)
Sicherheitsupdate für Windows XP (KB981322) (Version: 1)
Sicherheitsupdate für Windows XP (KB981349) (Version: 1)
Sicherheitsupdate für Windows XP (KB981852) (Version: 1)
Sicherheitsupdate für Windows XP (KB981957) (Version: 1)
Sicherheitsupdate für Windows XP (KB981997) (Version: 1)
Sicherheitsupdate für Windows XP (KB982132) (Version: 1)
Sicherheitsupdate für Windows XP (KB982214) (Version: 1)
Sicherheitsupdate für Windows XP (KB982665) (Version: 1)
Sicherheitsupdate für Windows XP (KB982802) (Version: 1)
Sigil 0.6.2
Silverfrost FTN95 (Version: 5.10)
Speccy (Version: 1.16)
Speedport W 102 Stick (Version: 1.0.0.18)
SpiceFX 4.0 for Movie Maker (Version: 4.0)
StarOffice 7 (Version: 7)
Steam (Version: 1.0.0.0)
Steuer-Spar-Erklärung 2011 (Version: 16.12)
Steuer-Spar-Erklärung 2012 (Version: 17.11)
TC (Version: 1.00.000)
The Lord of the Rings FREE Trial  (Version: 1.00.0000)
Train Simulator 2012
Trainz (Version: 1.00.000)
Trainz Tuner
TRS2006 (Version: 1.00.000)
TuneUp Utilities 2007 (Version: 6.0.2311)
Update für Windows Internet Explorer 7 (KB976749) (Version: 1)
Update für Windows Internet Explorer 7 (KB980182) (Version: 1)
Update für Windows Internet Explorer 8 (KB2362765) (Version: 1)
Update für Windows Internet Explorer 8 (KB976662) (Version: 1)
Update für Windows XP (KB2141007) (Version: 1)
Update für Windows XP (KB2345886) (Version: 1)
Update für Windows XP (KB2467659) (Version: 1)
Update für Windows XP (KB2541763) (Version: 1)
Update für Windows XP (KB2607712) (Version: 1)
Update für Windows XP (KB2616676) (Version: 1)
Update für Windows XP (KB2641690) (Version: 1)
Update für Windows XP (KB2661254-v2) (Version: 2)
Update für Windows XP (KB2718704) (Version: 1)
Update für Windows XP (KB2736233) (Version: 1)
Update für Windows XP (KB2749655) (Version: 1)
Update für Windows XP (KB951072-v2) (Version: 2)
Update für Windows XP (KB951978) (Version: 1)
Update für Windows XP (KB955759) (Version: 1)
Update für Windows XP (KB955839) (Version: 1)
Update für Windows XP (KB967715) (Version: 1)
Update für Windows XP (KB968389) (Version: 1)
Update für Windows XP (KB971029) (Version: 1)
Update für Windows XP (KB971737) (Version: 1)
Update für Windows XP (KB973687) (Version: 1)
Update für Windows XP (KB973815) (Version: 1)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
VideoLAN VLC media player 0.8.6d (Version: 0.8.6d)
VistaMare TrainzMap
Visual Fortran 6.6.a
WebFldrs XP (Version: 9.50.6513)
Wichtiges Update für Windows Media Player 11 (KB959772)
Windows Imaging Component (Version: 3.0.0.0)
Windows Internet Explorer 7 (Version: 20070813.185237)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows PowerShell™ 1.0 (Version: 2)
Windows XP Service Pack 3 (Version: 20080414.031514)


 

========================= Devices: ================================


 

Name: ACPI-Multiprocessor-PC
Description: ACPI-Multiprocessor-PC
Class Guid: {4D36E966-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standardcomputer)
Service: \Driver\ACPI_HAL


 

Name: Microsoft ACPI-konformes System
Description: Microsoft ACPI-konformes System
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: ACPI


 

Name: Intel® Core™2 Quad CPU           @ 2.40GHz
Description: Intel-Prozessor
Class Guid: {50127DC3-0F36-415E-A6CC-4CB3BE910B65}
Manufacturer: Intel
Service: intelppm


 

Name: Intel® Core™2 Quad CPU           @ 2.40GHz
Description: Intel-Prozessor
Class Guid: {50127DC3-0F36-415E-A6CC-4CB3BE910B65}
Manufacturer: Intel
Service: intelppm


 

Name: Intel® Core™2 Quad CPU           @ 2.40GHz
Description: Intel-Prozessor
Class Guid: {50127DC3-0F36-415E-A6CC-4CB3BE910B65}
Manufacturer: Intel
Service: intelppm


 

Name: Intel® Core™2 Quad CPU           @ 2.40GHz
Description: Intel-Prozessor
Class Guid: {50127DC3-0F36-415E-A6CC-4CB3BE910B65}
Manufacturer: Intel
Service: intelppm


 

Name: PCI-Bus
Description: PCI-Bus
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standardsystemgeräte)
Service: pci


 

Name: Intel® G33/G31/P35 Express Chipset Processor to I/O Controller - 29C0
Description: Intel® G33/G31/P35 Express Chipset Processor to I/O Controller - 29C0
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service:


 

Name: Intel® G33/G31/P35 Express Chipset PCI Express Root Port - 29C1
Description: Intel® G33/G31/P35 Express Chipset PCI Express Root Port - 29C1
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: pci


 

Name: ATI Radeon HD 5800 Series
Description: ATI Radeon HD 5800 Series
Class Guid: {4D36E968-E325-11CE-BFC1-08002BE10318}
Manufacturer: ATI Technologies Inc.
Service: ati2mtag


 

Name: Plug und Play-Monitor
Description: Plug und Play-Monitor
Class Guid: {4D36E96E-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standardmonitortypen)
Service:


 

Name: Microsoft UAA-Bustreiber für High Definition Audio
Description: Microsoft UAA-Bustreiber für High Definition Audio
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: HDAudBus


 

Name: Audiogerät auf High Definition Audio-Bus
Description: Audiogerät auf High Definition Audio-Bus
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: ATI Technologies Inc.
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


 

Name: Intel® ICH9 Family USB Universal Host Controller - 2937
Description: Intel® ICH9 Family USB Universal Host Controller - 2937
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Intel
Service: usbuhci


 

Name: USB-Root-Hub
Description: USB-Root-Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service: usbhub


 

Name: Intel® ICH9 Family USB Universal Host Controller - 2938
Description: Intel® ICH9 Family USB Universal Host Controller - 2938
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Intel
Service: usbuhci


 

Name: USB-Root-Hub
Description: USB-Root-Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service: usbhub


 

Name: USB-HID (Human Interface Device)
Description: USB-HID (Human Interface Device)
Class Guid: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA}
Manufacturer: (Standardsystemgeräte)
Service: HidUsb


 

Name: HID-konforme Maus
Description: HID-konforme Maus
Class Guid: {4D36E96F-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: mouhid


 

Name: Intel® ICH9 Family USB2 Enhanced Host Controller - 293C
Description: Intel® ICH9 Family USB2 Enhanced Host Controller - 293C
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Intel
Service: usbehci


 

Name: USB-Root-Hub
Description: USB-Root-Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service: usbhub


 

Name: USB-Massenspeichergerät
Description: USB-Massenspeichergerät
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Kompatibles USB-Speichergerät
Service: USBSTOR


 

Name: ST310005 28AS USB Device
Description: Laufwerk
Class Guid: {4D36E967-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standardlaufwerke)
Service: disk


 

Name: Speedport W 102 Stick IEEE 802.11n USB 2.0 Adapter #3
Description: Speedport W 102 Stick IEEE 802.11n USB 2.0 Adapter
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Deutsche Telekom AG
Service: rt2870


 

Name: Microsoft UAA-Bustreiber für High Definition Audio
Description: Microsoft UAA-Bustreiber für High Definition Audio
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: HDAudBus


 

Name: Realtek High Definition Audio
Description: Realtek High Definition Audio
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: Realtek
Service: IntcAzAudAddService


 

Name: Intel® ICH9 Family PCI Express Root Port 1 - 2940
Description: Intel® ICH9 Family PCI Express Root Port 1 - 2940
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: pci


 

Name: Intel® ICH9 Family PCI Express Root Port 5 - 2948
Description: Intel® ICH9 Family PCI Express Root Port 5 - 2948
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: pci


 

Name: Standard-Zweikanal-PCI-IDE-Controller
Description: Standard-Zweikanal-PCI-IDE-Controller
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard-IDE-ATA/ATAPI-Controller)
Service: pciide


 

Name: Primärer IDE-Kanal
Description: Primärer IDE-Kanal
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard-IDE-ATA/ATAPI-Controller)
Service: atapi


 

Name: HL-DT-ST DVDRAM GSA-H10A
Description: CD-ROM-Laufwerk
Class Guid: {4D36E965-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard-CD-ROM-Laufwerke)
Service: cdrom


 

Name: HL-DT-ST DVD-ROM GDR8164B
Description: CD-ROM-Laufwerk
Class Guid: {4D36E965-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard-CD-ROM-Laufwerke)
Service: cdrom


 

Name: Sekundärer IDE-Kanal
Description: Sekundärer IDE-Kanal
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard-IDE-ATA/ATAPI-Controller)
Service: atapi


 

Name: Intel® ICH9 Family PCI Express Root Port 6 - 294A
Description: Intel® ICH9 Family PCI Express Root Port 6 - 294A
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: pci


 

Name: Realtek RTL8168/8111 PCI-E Gigabit Ethernet NIC
Description: Realtek RTL8168/8111 PCI-E Gigabit Ethernet NIC
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Realtek Semiconductor Corp.
Service: RTLE8023xp


 

Name: Intel® ICH9 Family USB Universal Host Controller - 2934
Description: Intel® ICH9 Family USB Universal Host Controller - 2934
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Intel
Service: usbuhci


 

Name: USB-Root-Hub
Description: USB-Root-Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service: usbhub


 

Name: Intel® ICH9 Family USB Universal Host Controller - 2935
Description: Intel® ICH9 Family USB Universal Host Controller - 2935
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Intel
Service: usbuhci


 

Name: USB-Root-Hub
Description: USB-Root-Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service: usbhub


 

Name: Intel® ICH9 Family USB Universal Host Controller - 2936
Description: Intel® ICH9 Family USB Universal Host Controller - 2936
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Intel
Service: usbuhci


 

Name: USB-Root-Hub
Description: USB-Root-Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service: usbhub


 

Name: Intel® ICH9 Family USB Universal Host Controller - 2939
Description: Intel® ICH9 Family USB Universal Host Controller - 2939
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Intel
Service: usbuhci


 

Name: USB-Root-Hub
Description: USB-Root-Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service: usbhub


 

Name: Intel® ICH9 Family USB2 Enhanced Host Controller - 293A
Description: Intel® ICH9 Family USB2 Enhanced Host Controller - 293A
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Intel
Service: usbehci


 

Name: USB-Root-Hub
Description: USB-Root-Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service: usbhub


 

Name: Intel® 82801 PCI Bridge - 244E
Description: Intel® 82801 PCI Bridge - 244E
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: pci


 

Name: PCI Standard-ISA-Brücke
Description: PCI Standard-ISA-Brücke
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standardsystemgeräte)
Service: isapnp


 

Name: ISAPnP-Datenleseport
Description: ISAPnP-Datenleseport
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standardsystemgeräte)
Service:


 

Name: Programmierbarer Interruptcontroller
Description: Programmierbarer Interruptcontroller
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standardsystemgeräte)
Service:


 

Name: DMA-Controller
Description: DMA-Controller
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standardsystemgeräte)
Service:


 

Name: Systemzeitgeber
Description: Systemzeitgeber
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standardsystemgeräte)
Service:


 

Name: System CMOS/Echtzeituhr
Description: System CMOS/Echtzeituhr
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standardsystemgeräte)
Service:


 

Name: Systemlautsprecher
Description: Systemlautsprecher
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standardsystemgeräte)
Service:


 

Name: Numerischer Coprozessor
Description: Numerischer Coprozessor
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standardsystemgeräte)
Service:


 

Name: Kommunikationsanschluss (COM1)
Description: Kommunikationsanschluss
Class Guid: {4D36E978-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standardanschlusstypen)
Service: Serial


 

Name: Standard-Diskettenlaufwerkcontroller
Description: Standard-Diskettenlaufwerkcontroller
Class Guid: {4D36E969-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard-Diskettenlaufwerkcontroller)
Service: fdc


 

Name: Diskettenlaufwerk
Description: Diskettenlaufwerk
Class Guid: {4D36E980-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standarddiskettenlaufwerke)
Service: flpydisk


 

Name: Druckeranschluss (LPT1)
Description: Druckeranschluss
Class Guid: {4D36E978-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standardanschlusstypen)
Service: Parport


 

Name: Logische Schnittstelle für Druckeranschluss
Description: Logische Schnittstelle für Druckeranschluss
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standardsystemgeräte)
Service:


 

Name: Standardtastatur (101/102 Tasten) oder Microsoft Natural Keyboard (PS/2)
Description: Standardtastatur (101/102 Tasten) oder Microsoft Natural Keyboard (PS/2)
Class Guid: {4D36E96B-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt


 

Name: Hauptplatinenressourcen
Description: Hauptplatinenressourcen
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standardsystemgeräte)
Service:


 

Name: Hauptplatinenressourcen
Description: Hauptplatinenressourcen
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standardsystemgeräte)
Service:


 

Name: Intel® 82802 Firmwarehub
Description: Intel® 82802 Firmwarehub
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service:


 

Name: Hauptplatinenressourcen
Description: Hauptplatinenressourcen
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standardsystemgeräte)
Service:


 

Name: Hauptplatinenressourcen
Description: Hauptplatinenressourcen
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standardsystemgeräte)
Service:


 

Name: Intel® ICH9 2 port Serial ATA Storage Controller 1 - 2921
Description: Intel® ICH9 2 port Serial ATA Storage Controller 1 - 2921
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: pciide


 

Name: Primärer IDE-Kanal
Description: Primärer IDE-Kanal
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard-IDE-ATA/ATAPI-Controller)
Service: atapi


 

Name: SAMSUNG SP2504C
Description: Laufwerk
Class Guid: {4D36E967-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standardlaufwerke)
Service: disk


 

Name: Sekundärer IDE-Kanal
Description: Sekundärer IDE-Kanal
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard-IDE-ATA/ATAPI-Controller)
Service: atapi


 

Name: Intel® ICH9 Family SMBus Controller - 2930
Description: Intel® ICH9 Family SMBus Controller - 2930
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service:


 

Name: Intel® ICH9 2 port Serial ATA Storage Controller 2 - 2926
Description: Intel® ICH9 2 port Serial ATA Storage Controller 2 - 2926
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: pciide


 

Name: Primärer IDE-Kanal
Description: Primärer IDE-Kanal
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard-IDE-ATA/ATAPI-Controller)
Service: atapi


 

Name: Sekundärer IDE-Kanal
Description: Sekundärer IDE-Kanal
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard-IDE-ATA/ATAPI-Controller)
Service: atapi


 

Name: Systemplatine
Description: Systemplatine
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standardsystemgeräte)
Service:


 

Name: Hauptplatinenressourcen
Description: Hauptplatinenressourcen
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standardsystemgeräte)
Service:


 

Name: Systemplatine
Description: Systemplatine
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standardsystemgeräte)
Service:


 

Name: ACPI-Einschaltknopf
Description: ACPI-Einschaltknopf
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standardsystemgeräte)
Service:


 

Name: ACPI-Schalter
Description: ACPI-Schalter
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standardsystemgeräte)
Service:


 

Name: Volume-Manager
Description: Volume-Manager
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standardsystemgeräte)
Service: ftdisk


 

Name: Standardvolume
Description: Standardvolume
Class Guid: {71A27CDD-812A-11D0-BEC7-08002BE2092F}
Manufacturer: Microsoft
Service:


 

Name: Standardvolume
Description: Standardvolume
Class Guid: {71A27CDD-812A-11D0-BEC7-08002BE2092F}
Manufacturer: Microsoft
Service:


 

Name: Standardvolume
Description: Standardvolume
Class Guid: {71A27CDD-812A-11D0-BEC7-08002BE2092F}
Manufacturer: Microsoft
Service:


 

Name: Umgebung für die AFD-Netzwerkunterstützung
Description: Umgebung für die AFD-Netzwerkunterstützung
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AFD


 

Name: ATMhelpr
Description: ATMhelpr
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ATMhelpr


 

Name: Beep
Description: Beep
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Beep


 

Name: cpuz135
Description: cpuz135
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: cpuz135


 

Name: dmboot
Description: dmboot
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: dmboot


 

Name: dmload
Description: dmload
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: dmload


 

Name: ENTECH
Description: ENTECH
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ENTECH


 

Name: Fips
Description: Fips
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Fips


 

Name: GMSIPCI
Description: GMSIPCI
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: GMSIPCI


 

Name: Standardpaketklassifizierung
Description: Standardpaketklassifizierung
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Gpc


 

Name: HTTP
Description: HTTP
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: HTTP


 

Name: Filtertreiber für IP-Verkehr
Description: Filtertreiber für IP-Verkehr
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: IpFilterDriver


 

Name: Übersetzer für IP-Netzwerkadressen
Description: Übersetzer für IP-Netzwerkadressen
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: IpNat


 

Name: IPSEC-Treiber
Description: IPSEC-Treiber
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: IPSec


 

Name: ksecdd
Description: ksecdd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ksecdd


 

Name: MASPINT
Description: MASPINT
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: MASPINT


 

Name: mnmdd
Description: mnmdd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mnmdd


 

Name: mountmgr
Description: mountmgr
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mountmgr


 

Name: MSI_MSIBIOS_010507
Description: MSI_MSIBIOS_010507
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: MSI_MSIBIOS_010507


 

Name: NDIS-Systemtreiber
Description: NDIS-Systemtreiber
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NDIS


 

Name: RAS-NDIS-TAPI-Treiber
Description: RAS-NDIS-TAPI-Treiber
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NdisTapi


 

Name: NDIS-Benutzermodus-E/A-Protokoll
Description: NDIS-Benutzermodus-E/A-Protokoll
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Ndisuio


 

Name: NDProxy
Description: NDProxy
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NDProxy


 

Name: NetBios über TCP/IP
Description: NetBios über TCP/IP
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NetBT


 

Name: NTACCESS
Description: NTACCESS
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NTACCESS


 

Name: Null
Description: Null
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Null


 

Name: PartMgr
Description: PartMgr
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: PartMgr


 

Name: ParVdm
Description: ParVdm
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ParVdm


 

Name: PCASp50 NDIS Protocol Driver
Description: PCASp50 NDIS Protocol Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: PCASp50


 

Name: Treiber für automatische RAS-Verbindung
Description: Treiber für automatische RAS-Verbindung
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RasAcd


 

Name: RDPCDD
Description: RDPCDD
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RDPCDD


 

Name: Secdrv
Description: Secdrv
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Secdrv


 

Name: SetupNTGLM7X
Description: SetupNTGLM7X
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SetupNTGLM7X


 

Name: TCP/IP-Protokolltreiber
Description: TCP/IP-Protokolltreiber
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Tcpip


 

Name: VgaSave
Description: VgaSave
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: VgaSave


 

Name: VolSnap
Description: VolSnap
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: VolSnap


 

Name: w32n5323 Protocol Driver
Description: w32n5323 Protocol Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: w32n5323


 

Name: RAS-IP-ARP-Treiber
Description: RAS-IP-ARP-Treiber
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Wanarp


 

Name: Windows Socket 2.0 Non-IFS Service Provider Support Environment
Description: Windows Socket 2.0 Non-IFS Service Provider Support Environment
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: WS2IFSL


 

Name: Audiocodecs
Description: Audiocodecs
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standardsystemgeräte)
Service: audstub


 

Name: Legacy-Audiotreiber
Description: Legacy-Audiotreiber
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standardsystemgeräte)
Service: audstub


 

Name: Mediensteuerungsgerät
Description: Mediensteuerungsgerät
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standardsystemgeräte)
Service: audstub


 

Name: Legacy-Videoaufnahmegerät
Description: Legacy-Videoaufnahmegerät
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standardsystemgeräte)
Service: audstub


 

Name: Videocodecs
Description: Videocodecs
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standardsystemgeräte)
Service: audstub


 

Name: WAN-Miniport (L2TP)
Description: WAN-Miniport (L2TP)
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: Rasl2tp


 

Name: WAN-Miniport (IP)
Description: WAN-Miniport (IP)
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: NdisWan


 

Name: WAN-Miniport (PPPOE)
Description: WAN-Miniport (PPPOE)
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: RasPppoe


 

Name: WAN-Miniport (PPTP)
Description: WAN-Miniport (PPTP)
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: PptpMiniport


 

Name: WAN-Miniport (IP) - Paketplaner-Miniport
Description: Paketplaner-Miniport
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: PSched


 

Name: Realtek RTL8168/8111 PCI-E Gigabit Ethernet NIC - Paketplaner-Miniport
Description: Paketplaner-Miniport
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: PSched


 

Name: Speedport W 102 Stick IEEE 802.11n USB 2.0 Adapter - Paketplaner-Miniport
Description: Paketplaner-Miniport
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: PSched


 

Name: Speedport W 102 Stick IEEE 802.11n USB 2.0 Adapter #2 - Paketplaner-Miniport
Description: Paketplaner-Miniport
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: PSched


 

Name: Speedport W 102 Stick IEEE 802.11n USB 2.0 Adapter #3 - Paketplaner-Miniport
Description: Paketplaner-Miniport
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: PSched


 

Name: Parallelanschluss (direkt)
Description: Parallelanschluss (direkt)
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: Raspti


 

Name: Terminalserver-Tastaturtreiber
Description: Terminalserver-Tastaturtreiber
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standardsystemgeräte)
Service: TermDD


 

Name: Terminalserver-Maustreiber
Description: Terminalserver-Maustreiber
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standardsystemgeräte)
Service: TermDD


 

Name: PnP-Softwaregeräte-Enumerator
Description: PnP-Softwaregeräte-Enumerator
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standardsystemgeräte)
Service: swenum


 

Name: Treiber für Microsoft WINMM-WDM-Audiokompatibilität
Description: Treiber für Microsoft WINMM-WDM-Audiokompatibilität
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: wdmaud


 

Name: Microsoft Kernel-Systemaudiogerät
Description: Microsoft Kernel-Systemaudiogerät
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: sysaudio


 

Name: Microsoft Kernel-Waveaudiomixer
Description: Microsoft Kernel-Waveaudiomixer
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: kmixer


 

Name: Microcode-Updategerät
Description: Microcode-Updategerät
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standardsystemgeräte)
Service: update


 

Name: Microsoft-Systemverwaltungs-BIOS-Treiber
Description: Microsoft-Systemverwaltungs-BIOS-Treiber
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standardsystemgeräte)
Service: mssmbios


 


========================= Memory info: ===================================


 

Percentage of memory in use: 22%
Total physical RAM: 3327.22 MB
Available physical RAM: 2563.87 MB
Total Pagefile: 6522.15 MB
Available Pagefile: 5844.04 MB
Total Virtual: 2991.88 MB
Available Virtual: 2920.23 MB


 

========================= Partitions: =====================================


 

2 Drive c: (Lokaler Datenträger) (Fixed) (Total:39.06 GB) (Free:3.79 GB) NTFS
3 Drive d: (Lokaler Datenträger) (Fixed) (Total:193.82 GB) (Free:82.26 GB) NTFS
5 Drive g: (Iomega HDD) (Fixed) (Total:931.51 GB) (Free:699.65 GB) NTFS


 

========================= Users: ========================================


 

Benutzerkonten fr \\AUST-Q0HX0CC2TV


 

Administrator            ASPNET                   Aust                    
Gast                     Hilfeassistent           SUPPORT_388945a0        
Der Befehl wurde erfolgreich ausgefhrt.


 


**** End of log ****

 

Service Scanner Log:

 

Farbar Service Scanner Version: 15-02-2013
Ran by Aust (administrator) on 16-02-2013 at 13:17:13
Running from "C:\Dokumente und Einstellungen\Aust\Desktop"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************


 

Internet Services:
============


 

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


 


Windows Firewall:
=============
sharedaccess Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of sharedaccess. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of sharedaccess. The value does not exist.
Unable to retrieve ServiceDll of sharedaccess. The value does not exist.
Checking LEGACY_sharedaccess: ATTENTION!=====> Unable to open LEGACY_sharedaccess\0000 registry key. The key does not exist.


 


Firewall Disabled Policy:
==================


 


System Restore:
============


 

System Restore Disabled Policy:
========================


 


Security Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking LEGACY_wscsvc: ATTENTION!=====> Unable to open LEGACY_wscsvc\0000 registry key. The key does not exist.


 


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking LEGACY_wuauserv: ATTENTION!=====> Unable to open LEGACY_wuauserv\0000 registry key. The key does not exist.


 

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking LEGACY_BITS: ATTENTION!=====> Unable to open LEGACY_BITS\0000 registry key. The key does not exist.


 


Windows Autoupdate Disabled Policy:
============================


 


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll
[2003-04-02 13:00] - [2008-04-14 03:22] - 0127488 ____A (Microsoft Corporation) C29A1C9B75BA38FA37F8C44405DEC360


 

C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll
[2003-04-02 13:00] - [2009-04-20 18:17] - 0045568 ____A (Microsoft Corporation) 407F3227AC618FD1CA54B335B083DE07


 

C:\WINDOWS\system32\ipnathlp.dll
[2003-04-02 13:00] - [2008-04-14 03:22] - 0334336 ____A (Microsoft Corporation) CAD058D5F8B889A87CA3EB3CF624DCEF


 

C:\WINDOWS\system32\netman.dll
[2003-04-02 13:00] - [2008-04-14 03:22] - 0198144 ____A (Microsoft Corporation) E6D88F1F6745BF00B57E7855A2AB696C


 

C:\WINDOWS\system32\wbem\WMIsvc.dll
[2007-08-27 19:15] - [2008-04-14 03:22] - 0145408 ____A (Microsoft Corporation) 6F3F3973D97714CC5F906A19FE883729


 

C:\WINDOWS\system32\srsvc.dll
[2007-08-27 19:16] - [2008-04-14 03:22] - 0171520 ____A (Microsoft Corporation) FE77A85495065F3AD59C5C65B6C54182


 

C:\WINDOWS\system32\Drivers\sr.sys
[2007-08-27 19:16] - [2008-04-14 03:02] - 0073472 ____A (Microsoft Corporation) 50FA898F8C032796D3B1B9951BB5A90F


 

C:\WINDOWS\system32\wscsvc.dll
[2007-08-27 20:26] - [2008-04-14 03:22] - 0080896 ____A (Microsoft Corporation) 300B3E84FAF1A5C1F791C159BA28035D


 

C:\WINDOWS\system32\wbem\WMIsvc.dll
[2007-08-27 19:15] - [2008-04-14 03:22] - 0145408 ____A (Microsoft Corporation) 6F3F3973D97714CC5F906A19FE883729


 

C:\WINDOWS\system32\wuauserv.dll
[2007-08-27 19:15] - [2008-04-14 03:22] - 0006656 ____A (Microsoft Corporation) 7B4FE05202AA6BF9F4DFD0E6A0D8A085


 

C:\WINDOWS\system32\qmgr.dll
[2007-08-27 19:16] - [2008-04-14 03:22] - 0409088 ____A (Microsoft Corporation) D6F603772A789BB3228F310D650B8BD1


 

C:\WINDOWS\system32\es.dll
[2003-04-02 13:00] - [2008-07-07 21:26] - 0253952 ____A (Microsoft Corporation) AF4F6B5739D18CA7972AB53E091CBC74


 

C:\WINDOWS\system32\cryptsvc.dll
[2003-04-02 13:00] - [2008-04-14 03:22] - 0062464 ____A (Microsoft Corporation) 611F824E5C703A5A899F84C5F1699E4D


 

C:\WINDOWS\system32\svchost.exe
[2003-04-02 13:00] - [2008-04-14 03:23] - 0014336 ____A (Microsoft Corporation) 4FBC75B74479C7A6F829E0CA19DF3366


 

C:\WINDOWS\system32\rpcss.dll
[2003-04-02 13:00] - [2009-02-09 11:51] - 0401408 ____A (Microsoft Corporation) 3127AFBF2C1ED0AB14A1BBB7AAECB85B


 

C:\WINDOWS\system32\services.exe
[2003-04-02 13:00] - [2009-02-09 12:21] - 0111104 ____A (Microsoft Corporation) A3EDBE9053889FB24AB22492472B39DC


 


Extra List:
=======
Gpc(3) IPSec(5) NetBT(6) PSched(7) Tcpip(4)
0x0B00000005000000010000000200000003000000040000000B0000000A00000009000000080000000600000007000000
IpSec Tag value is correct.


 

**** End of log ****

 

ADWCleaner log:

 

# AdwCleaner v2.112 - Datei am 16/02/2013 um 13:19:55 erstellt
# Aktualisiert am 10/02/2013 von Xplode
# Betriebssystem : Microsoft Windows XP Service Pack 3 (32 bits)
# Benutzer : Aust - AUST-Q0HX0CC2TV
# Bootmodus : Normal
# Ausgeführt unter : C:\Dokumente und Einstellungen\Aust\Desktop\AdwCleaner.exe
# Option [Suche]


 


**** [Dienste] ****


 


***** [Dateien / Ordner] *****


 


***** [Registrierungsdatenbank] *****


 


***** [Internet Browser] *****


 

-\\ Internet Explorer v8.0.6001.18702


 

[OK] Die Registrierungsdatenbank ist sauber.


 

-\\ Mozilla Firefox v13.0.1 (de)


 

Datei : C:\Dokumente und Einstellungen\Aust\Anwendungsdaten\Mozilla\Firefox\Profiles\hz7t7jnk.default\prefs.js


 

[OK] Die Datei ist sauber.


 

*************************


 

AdwCleaner[R1].txt - [769 octets] - [16/02/2013 13:19:55]


 

########## EOF - C:\AdwCleaner[R1].txt - [828 octets] ##########

 

 

Junkware removal tool Log:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.3 (02.12.2013:1)
OS: Microsoft Windows XP x86
Ran by Aust on 16.02.2013 at 13:24:14,90
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


 

 


 


~~~ Services


 

 


 

~~~ Registry Values


 

Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\.default\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-18\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-19\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-20\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\S-1-5-21-1957994488-838170752-682003330-1004\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\DisplayName
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\URL


 

 


 

~~~ Registry Keys


 

Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{6a1806cd-94d4-4689-ba73-e35ea1ea9990}


 

 


 

~~~ Files


 

 


 

~~~ Folders


 

 


 

 


 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 16.02.2013 at 13:27:56,53
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

RKill Log:

 

Rkill 2.4.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html


 

Program started at: 02/16/2013 01:30:45 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3


 

Checking for Windows services to stop:


 

 * No malware services found to stop.


 

Checking for processes to terminate:


 

 * No malware processes found to kill.


 

Checking Registry for malware related settings:


 

 * No issues found in the Registry.


 

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.


 

Performing miscellaneous checks:


 

 * No issues found.


 

Checking Windows Service Integrity:


 

 * BITS [Missing Service]
 * wscsvc [Missing Service]
 * wuauserv [Missing Service]


 

 * SharedAccess [Missing ImagePath]


 

 * RpcSs => %SystemRoot%\system32\svchost.exe -k rpcss [Incorrect ImagePath]


 

Searching for Missing Digital Signatures:


 

 * C:\WINDOWS\System32\ctfmon.exe [NoSig]
 +-> C:\WINDOWS\$NtServicePackUninstall$\ctfmon.exe : 15.360 : 08/04/2004 00:57 AM : 7ce20569925df6789c31799f0c538f29 [Pos Repl]
 +-> C:\WINDOWS\ServicePackFiles\i386\ctfmon.exe : 24.064 : 10/25/2011 00:27 AM : c3a2915c71ae6f225eb906c25ccd29b5 [Pos Repl]


 

Checking HOSTS File:


 

 * HOSTS file entries found:


 

  127.0.0.1       localhost


 

Program finished at: 02/16/2013 01:31:28 PM
Execution time: 0 hours(s), 0 minute(s), and 43 seconds(s)

 

Autoruns Log:

 

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\programme\gemeinsame dateien\adobe\arm\1.0\adobearm.exe"
+ "EEventManager" "EEventManager Application" "SEIKO EPSON CORPORATION" "c:\programme\epson software\event manager\eeventmanager.exe"
+ "MSC" "Microsoft Security Client User Interface" "Microsoft Corporation" "c:\programme\microsoft security client\msseces.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\programme\gemeinsame dateien\java\java update\jusched.exe"
+ "TkBellExe" "RealNetworks Scheduler" "RealNetworks, Inc." "c:\programme\real\realplayer\update\realsched.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Adressbuch 6" "Bibliothek für Outlook Setup" "Microsoft Corporation" "c:\programme\outlook express\setup50.exe"
+ "Microsoft Outlook Express 6" "Bibliothek für Outlook Setup" "Microsoft Corporation" "c:\programme\outlook express\setup50.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "EPLTarget\P0000000000000001" "EPSON Status Monitor 3" "SEIKO EPSON CORPORATION" "c:\windows\system32\spool\drivers\w32x86\3\e_fatiike.exe"
"HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components" "" "" ""
+ "0" "" "" "File not found: About:Home"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\7-zip\7-zip.dll"
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\programme\microsoft security client\shellext.dll"
+ "Sprint.ExplorerIntegration" "ABBYY Sprint Integration" "ABBYY" "c:\programme\gemeinsame dateien\abbyy\finereadersprint\9.00\integration\sprintintegration.dll"
+ "TuneUp Shredder Shell Extension" "TuneUp Shredder Shell Extension" "TuneUp Software GmbH" "c:\programme\tuneup utilities 2007\sdshelex-win32.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\programme\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\7-zip\7-zip.dll"
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\programme\microsoft security client\shellext.dll"
+ "TuneUp Shredder Shell Extension" "TuneUp Shredder Shell Extension" "TuneUp Software GmbH" "c:\programme\tuneup utilities 2007\sdshelex-win32.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\7-zip\7-zip.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "ACE" "AMD Desktop Control Panel" "Advanced Micro Devices, Inc." "c:\programme\ati technologies\ati.ace\core-static\atiacmxx.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\programme\gemeinsame dateien\adobe\acrobat\activex\pdfshell.dll"
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" "" "OpenOffice.org" "c:\programme\openoffice.org 3\basis\program\shlxthdl\shlxthdl.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\programme\malwarebytes' anti-malware\mbamext.dll"
+ "RUShellExt" "Revo Uninstaller Pro Extension" "VS Revo Group" "c:\programme\vs revo group\revo uninstaller pro\ruext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\programme\gemeinsame dateien\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Easy Photo Print" "Epson Easy Photo Print (TBL)" "SEIKO EPSON CORPORATION" "c:\programme\epson software\easy photo print\eptbl.dll"
+ "Google Toolbar Notifier BHO" "GoogleToolbarNotifier" "Google Inc." "c:\programme\google\googletoolbarnotifier\5.2.4204.1700\swg.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\programme\java\jre7\bin\jp2ssv.dll"
+ "RealNetworks Download and Record Plugin for Internet Explorer" "RealPlayer Download and Record Plugin" "RealDownloader" "c:\dokumente und einstellungen\all users\anwendungsdaten\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "EPTBL" "Epson Easy Photo Print (TBL)" "SEIKO EPSON CORPORATION" "c:\programme\epson software\easy photo print\eptbl.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Windows Messenger" "Windows Messenger" "Microsoft Corporation" "c:\programme\messenger\msmsgs.exe"
"Task Scheduler" "" "" ""
+ "Adobe Flash Player Updater.job" "Adobe® Flash® Player Update Service 11.5 r502" "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "Google Software Updater.job" "gusvc" "Google" "c:\programme\google\common\google updater\googleupdaterservice.exe"
+ "Microsoft Antimalware Scheduled Scan.job" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\programme\microsoft security client\mpcmdrun.exe"
+ "MpIdleTask.job" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\programme\microsoft security client\mpcmdrun.exe"
+ "RealPlayerRealUpgradeLogonTaskS-1-5-21-1957994488-838170752-682003330-1004.job" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\programme\real\realupgrade\realupgrade.exe"
+ "RealPlayerRealUpgradeScheduledTaskS-1-5-21-1957994488-838170752-682003330-1004.job" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\programme\real\realupgrade\realupgrade.exe"
+ "RealUpgradeLogonTaskS-1-5-21-1957994488-838170752-682003330-1004.job" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\programme\real\realupgrade\realupgrade.exe"
+ "RealUpgradeScheduledTaskS-1-5-21-1957994488-838170752-682003330-1004.job" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\programme\real\realupgrade\realupgrade.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AAV UpdateService" "Aktualisiert Softwareprodukte der Akademischen Arbeitsgemeinschaft" "" "c:\programme\akademische arbeitsgemeinschaft\aavupdatemanager\aavus.exe"
+ "ABBYY.Licensing.FineReader.Sprint.9.0" "Dieser Dienst ist zum Ausführen des Lizenzierungsmechanismus von ABBYY FineReader 9.0 Sprint notwendig." "ABBYY" "c:\programme\gemeinsame dateien\abbyy\finereadersprint\9.00\licensing\networklicenseserver.exe"
+ "AdobeFlashPlayerUpdateSvc" "Mit diesem Dienst ist Ihre Flash Player-Installation immer aktuell und verwendet die neuesten Verbesserungen und Sicherheits-Fixes." "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "AppMgmt" "Bietet Softwareinstallationsdienste wie Zuweisung, Veröffentlichung, und Deinstallation." "" "File not found: C:\WINDOWS\System32\appmgmts.dll"
+ "Ati HotKey Poller" "ATI External Event Utility EXE Module" "ATI Technologies Inc." "c:\windows\system32\ati2evxx.exe"
+ "ATI Smart" "ATI Smart" "" "c:\windows\system32\ati2sgag.exe"
+ "EpsonBidirectionalService" "eEBAPI Core Process module" "SEIKO EPSON CORPORATION" "c:\programme\gemeinsame dateien\epson\ebapi\eebsvc.exe"
+ "EpsonScanSvc" "Epson Scanner Service (32bit)" "Seiko Epson Corporation" "c:\windows\system32\escsvc.exe"
+ "gupdate" "Hält Ihre Google-Software auf dem neuesten Stand. Falls dieser Service deaktiviert oder angehalten wird, wird Ihre Google-Software nicht aktualisiert. Das heißt, dass eventuell auftretende Sicherheitslücken nicht behoben und bestimmte Funktionen möglicherweise nicht ausgeführt werden können. Dieser Service deinstalliert sich selbst, wenn er nicht von einer Google-Software verwendet wird." "Google Inc." "c:\programme\google\update\googleupdate.exe"
+ "gupdatem" "Hält Ihre Google-Software auf dem neuesten Stand. Falls dieser Service deaktiviert oder angehalten wird, wird Ihre Google-Software nicht aktualisiert. Das heißt, dass eventuell auftretende Sicherheitslücken nicht behoben und bestimmte Funktionen möglicherweise nicht ausgeführt werden können. Dieser Service deinstalliert sich selbst, wenn er nicht von einer Google-Software verwendet wird." "Google Inc." "c:\programme\google\update\googleupdate.exe"
+ "gusvc" "Mit Google Updater bleibt Ihre Google-Software stets auf dem neuesten Stand. Wird der Google Updater-Service deaktiviert oder angehalten, so wird Ihre Google-Software nicht mehr aktualisiert, was dazu führen kann, dass etwaige Sicherheitslücken nicht geschlossen werden und bestimmte Funktionen nicht mehr verfügbar sind." "Google" "c:\programme\google\common\google updater\googleupdaterservice.exe"
+ "JavaQuickStarterService" "Prefetches JRE files for faster startup of Java applets and applications" "Oracle Corporation" "c:\programme\java\jre7\bin\jqs.exe"
+ "LexBceS" "LexBce Service" "Lexmark International, Inc." "c:\windows\system32\lexbces.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\programme\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\programme\malwarebytes' anti-malware\mbamservice.exe"
+ "MozillaMaintenance" "Der Mozilla Maintenance Service stellt sicher, dass die neueste und sicherste Version von Mozilla Firefox auf Ihrem Computer installiert ist. Denn Firefox auf dem aktuellen Stand zu halten, ist sehr wichtig für Ihre Sicherheit online und Mozilla empfiehlt mit Nachdruck, dass Sie den Dienst aktiviert lassen." "Mozilla Foundation" "c:\programme\mozilla maintenance service\maintenanceservice.exe"
+ "MsMpSvc" "Helps protect users from malware and other potentially unwanted software" "Microsoft Corporation" "c:\programme\microsoft security client\msmpeng.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\programme\gemeinsame dateien\microsoft shared\source engine\ose.exe"
+ "RealNetworks Downloader Resolver Service" "Manage different Downloader versions in RealNetworks' products." "" "c:\programme\realnetworks\realdownloader\rndlresolversvc.exe"
+ "Transbase" "Transbase/CD Database System" "Transaction Software, D 81737 Munich" "c:\bmwgroup\etklokal\transbase\tbmux32.exe"
+ "UxTuneUp" "Erlaubt die Verwendung visueller Stile ohne Microsoft-Signatur." "TuneUp Software GmbH" "c:\windows\system32\uxtuneup.dll"
+ "WMPNetworkSvc" "Gibt Windows Media Player-Bibliotheken mithilfe des universellen Plug & Play für andere Players und Mediengeräte auf dem Netzwerk frei" "Microsoft Corporation" "c:\programme\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "ati2mtag" "ATI Radeon WindowsNT Miniport Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\ati2mtag.sys"
+ "ATIAVAIW" "ATI T200 Unified AVStream Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\atinavt2.sys"
+ "ATMhelpr" "Windows NT Font Driver Helper" "Adobe Systems Incorporated" "c:\windows\system32\drivers\atmhelpr.sys"
+ "Changer" "" "" "File not found: C:\WINDOWS\System32\Drivers\Changer.sys"
+ "cpuz135" "CPUID Driver" "CPUID" "c:\windows\system32\drivers\cpuz135_x32.sys"
+ "ENTECH" "PowerStrip support NT kernel-mode driver" "EnTech Taiwan" "c:\windows\system32\drivers\entech.sys"
+ "FINEPIX_PCC" "USB PC Camera" "FUJI PHOTO FILM CO.,LTD." "c:\windows\system32\drivers\v4cb011d.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "GMSIPCI" "" "" "File not found: I:\INSTALL\GMSIPCI.SYS"
+ "HdAudAddService" "Ati High Definition Audio Function Driver" "ATI Research Inc." "c:\windows\system32\drivers\atihdaud.sys"
+ "HDAudBus" "High Definition Audio Bus Driver v1.0a" "Windows ® Server 2003 DDK provider" "c:\windows\system32\drivers\hdaudbus.sys"
+ "i2omgmt" "" "" "File not found: C:\WINDOWS\System32\Drivers\i2omgmt.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkhdaud.sys"
+ "lbrtfdc" "" "" "File not found: C:\WINDOWS\System32\Drivers\lbrtfdc.sys"
+ "MASPINT" "Aspi32 Driver" "MicroStaff Co.,Ltd." "c:\windows\system32\drivers\maspint.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "MSI_MSIBIOS_010507" "Description string for Msibios driver" "Your Corporation" "c:\programme\msi\live update 5\msibios32_100507.sys"
+ "NTACCESS" "" "" "File not found: I:\NTACCESS.sys"
+ "NTIOLib_1_0_4" "NTIOLib" "MSI" "c:\programme\msi\live update 5\ntiolib.sys"
+ "PCASp50" "PCAUSA NDIS 5.0 SPR Protocol Driver" "Printing Communications Assoc., Inc. (PCAUSA)" "c:\windows\system32\drivers\pcasp50.sys"
+ "PciCon" "" "" "File not found: E:\PciCon.sys"
+ "PCIDump" "" "" "File not found: C:\WINDOWS\System32\Drivers\PCIDump.sys"
+ "PDCOMP" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDCOMP.sys"
+ "PDFRAME" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDFRAME.sys"
+ "PDRELI" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDRELI.sys"
+ "PDRFRAME" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDRFRAME.sys"
+ "Ptilink" "Treiber für direkte Parallelverbindung" "Parallel Technologies, Inc." "c:\windows\system32\drivers\ptilink.sys"
+ "PxHelp20" "" "" "File not found: System32\Drivers\PxHelp20.sys"
+ "Revoflt" "Revo Uninstaller Filter driver" "VS Revo Group" "c:\windows\system32\drivers\revoflt.sys"
+ "rt2870" "Ralink 802.11 USB Wireless Adapter Driver" "Ralink Technology, Corp." "c:\windows\system32\drivers\rt2870.sys"
+ "RTLE8023xp" "Realtek 10/100/1000 NDIS 5.1 Driver                         " "Realtek Semiconductor Corporation                           " "c:\windows\system32\drivers\rtenicxp.sys"
+ "Secdrv" "SafeDisc driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SetupNTGLM7X" "" "" "File not found: I:\NTGLM7X.sys"
+ "TS111_USB" "T-Sinus 111 card Wireless NDIS 5.1 USB Driver" "Deutsche Telekom AG" "c:\windows\system32\drivers\ts111usb.sys"
+ "w32n5323" "" "" "File not found: C:\PROGRA~1\DT\DT11MB~1\INSTAL~1\WINXP\w32n5323.SYS"
+ "WDICA" "" "" "File not found: C:\WINDOWS\System32\Drivers\WDICA.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "msacm.sl_anet" "Audio codec for MS ACM" "Sipro Lab Telecom Inc." "c:\windows\system32\sl_anet.acm"
+ "msacm.trspch" "DSP Group TrueSpeech™ Audio Codec für MSACM V3.50" "DSP GROUP, INC." "c:\windows\system32\tssoft32.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
+ "VIDC.FPS1" "Fraps" "Beepa P/L" "c:\windows\system32\frapsvid.dll"
+ "vidc.iv31" "" "" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv32" "" "" "c:\windows\system32\ir32_32.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "9x8Resize" "Movie Maker Filters" "Microsoft Corporation" "c:\programme\movie maker\wmm2filt.dll"
+ "ACELP.net Audio Decoder" "ACELP.net Audio Decoder" "Sipro Lab Telecom Inc." "c:\windows\system32\acelpdec.ax"
+ "Allocator Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\programme\movie maker\wmm2filt.dll"
+ "ATI MPEG Audio Encoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\programme\gemeinsame dateien\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG File Writer" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\programme\gemeinsame dateien\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Multiplexer" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\programme\gemeinsame dateien\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Video Decoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\programme\gemeinsame dateien\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Video Encoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\programme\gemeinsame dateien\ati technologies\multimedia\atimpenc.dll"
+ "ATI Ticker" "" "" "c:\programme\ati technologies\ati.ace\graphics-previews-common\ticker.ax"
+ "ATI Video Rotation Filter" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\programme\gemeinsame dateien\ati technologies\multimedia\atimpenc.dll"
+ "ATI Video Scaler Filter" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\programme\gemeinsame dateien\ati technologies\multimedia\atimpenc.dll"
+ "Audio Destination" "WAVDest Filter (Sample)" "Microsoft Corporation" "c:\programme\google\google earth\client\wavdest.ax"
+ "Bitmap" "Movie Maker Filters" "Microsoft Corporation" "c:\programme\movie maker\wmm2filt.dll"
+ "Frame Eater" "Movie Maker Filters" "Microsoft Corporation" "c:\programme\movie maker\wmm2filt.dll"
+ "MMACE Deinterlace" "" "" "c:\programme\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE ProcAmp" "" "" "c:\programme\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE SoftEmu" "" "" "c:\programme\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MPEG Layer-3 Decoder" "MPEG Layer-3 Audio Decoder" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codecx.ax"
+ "RealPlayer Audio Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\programme\real\realplayer\rdsf3260.dll"
+ "RealPlayer Mp3 Transform Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\programme\real\realplayer\rdsf3260.dll"
+ "RealPlayer MPEG4 Transform Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\programme\real\realplayer\rdsf3260.dll"
+ "RealPlayer Transcode Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\programme\real\realplayer\rdsf3260.dll"
+ "RealPlayer Video Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\programme\real\realplayer\rdsf3260.dll"
+ "Record Queue" "Movie Maker Filters" "Microsoft Corporation" "c:\programme\movie maker\wmm2filt.dll"
+ "ShotBoundaryDet" "Windows Movie Maker" "Microsoft Corporation" "c:\programme\movie maker\wmmfilt.dll"
+ "ShotDetect" "Movie Maker Filters" "Microsoft Corporation" "c:\programme\movie maker\wmm2filt.dll"
+ "Stetch" "Movie Maker Filters" "Microsoft Corporation" "c:\programme\movie maker\wmm2filt.dll"
+ "WIA Stream Snapshot Filter" "WIA Stream Snapshot Filter" "MyCompanyName" "c:\windows\system32\wiasf.ax"
+ "Windows Media Pad VU Data Grabber" "Windows Movie Maker" "Microsoft Corporation" "c:\programme\movie maker\wmmfilt.dll"
+ "WM VIH2 Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\programme\movie maker\wmm2filt.dll"
+ "WMT Audio Analyzer" "Movie Maker Filters" "Microsoft Corporation" "c:\programme\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator" "Movie Maker Filters" "Microsoft Corporation" "c:\programme\movie maker\wmm2filt.dll"
+ "WMT DirectX Transform Wrapper" "Movie Maker Filters" "Microsoft Corporation" "c:\programme\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\programme\movie maker\wmm2filt.dll"
+ "WMT FormatConversion" "Movie Maker Filters" "Microsoft Corporation" "c:\programme\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\programme\movie maker\wmm2filt.dll"
+ "WMT Interlacer" "Movie Maker Filters" "Microsoft Corporation" "c:\programme\movie maker\wmm2filt.dll"
+ "WMT Log Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\programme\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\programme\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\programme\movie maker\wmm2filt.dll"
+ "WMT Screen capture Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\programme\movie maker\wmm2filt.dll"
+ "WMT Switch Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\programme\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer" "Movie Maker Filters" "Microsoft Corporation" "c:\programme\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Movie Maker Filters" "Microsoft Corporation" "c:\programme\movie maker\wmm2filt.dll"
+ "WMT Volume" "Movie Maker Filters" "Microsoft Corporation" "c:\programme\movie maker\wmm2filt.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "AtiExtEvent" "ATI External Event Utility DLL Module" "ATI Technologies Inc." "c:\windows\system32\ati2evxx.dll"
"HKCU\Control Panel\Desktop\Scrnsave.exe" "" "" ""
+ "C:\WINDOWS\MM_BAH~1.SCR" "bahn32" "Manfred Meyer, Martin Meyer" "c:\windows\mm_bahn_v3.scr"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "EPSON Stylus SX200 Series 32MonitorBE" "EPSON Bi-directional Monitor x86" "SEIKO EPSON CORPORATION" "c:\windows\system32\e_flbefe.dll"
+ "EPSON XP-302 303 305 306 Series 32MonitorBE" "EPSON Bi-directional Monitor x86" "SEIKO EPSON CORPORATION" "c:\windows\system32\e_flbike.dll"
+ "EpsonNet Print Port" "EpsonNet Print Port Monitor DLL" "SEIKO EPSON CORPORATION" "c:\windows\system32\enppmon.dll"
+ "Lexmark Network Port" "LEXLMPM DLL" "Lexmark International, Inc." "c:\windows\system32\lexlmpm.dll"
 

 

Well, that's a lot of data here.

 

Regards

 

Norbert



#9 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:08 AM

Posted 16 February 2013 - 09:16 AM

You missed Junkware log and Adware cleaner log.

 

Run the services repair tool

http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Run Farbar service scanner again and post the new log
 



#10 NdotA

NdotA
  • Topic Starter

  • Members
  • 59 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:08 AM

Posted 17 February 2013 - 05:11 AM

Ooops, sorry, must have got lost in the files.

Here are the missing logs:

Junkware log:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.3 (02.12.2013:1)
OS: Microsoft Windows XP x86
Ran by Aust on 16.02.2013 at 13:24:14,90
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\.default\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-18\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-19\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-20\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\S-1-5-21-1957994488-838170752-682003330-1004\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\DisplayName
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\URL



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{6a1806cd-94d4-4689-ba73-e35ea1ea9990}



~~~ Files



~~~ Folders





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 16.02.2013 at 13:27:56,53
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Adware cleaner log:

# AdwCleaner v2.112 - Datei am 16/02/2013 um 13:19:55 erstellt
# Aktualisiert am 10/02/2013 von Xplode
# Betriebssystem : Microsoft Windows XP Service Pack 3 (32 bits)
# Benutzer : Aust - AUST-Q0HX0CC2TV
# Bootmodus : Normal
# Ausgeführt unter : C:\Dokumente und Einstellungen\Aust\Desktop\AdwCleaner.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v13.0.1 (de)

Datei : C:\Dokumente und Einstellungen\Aust\Anwendungsdaten\Mozilla\Firefox\Profiles\hz7t7jnk.default\prefs.js

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [769 octets] - [16/02/2013 13:19:55]

########## EOF - C:\AdwCleaner[R1].txt - [828 octets] ##########


Ran the service repair tool and farber.
Good news: after running the repair tool I got a warning that my firewall was down and I coul enable it. Here is the new farbar log:


Farbar Service Scanner Version: 15-02-2013
Ran by Aust (administrator) on 17-02-2013 at 10:39:59
Running from "C:\Dokumente und Einstellungen\Aust\Desktop"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll
[2003-04-02 13:00] - [2008-04-14 03:22] - 0127488 ____A (Microsoft Corporation) C29A1C9B75BA38FA37F8C44405DEC360

C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll
[2003-04-02 13:00] - [2009-04-20 18:17] - 0045568 ____A (Microsoft Corporation) 407F3227AC618FD1CA54B335B083DE07

C:\WINDOWS\system32\ipnathlp.dll
[2003-04-02 13:00] - [2008-04-14 03:22] - 0334336 ____A (Microsoft Corporation) CAD058D5F8B889A87CA3EB3CF624DCEF

C:\WINDOWS\system32\netman.dll
[2003-04-02 13:00] - [2008-04-14 03:22] - 0198144 ____A (Microsoft Corporation) E6D88F1F6745BF00B57E7855A2AB696C

C:\WINDOWS\system32\wbem\WMIsvc.dll
[2007-08-27 19:15] - [2008-04-14 03:22] - 0145408 ____A (Microsoft Corporation) 6F3F3973D97714CC5F906A19FE883729

C:\WINDOWS\system32\srsvc.dll
[2007-08-27 19:16] - [2008-04-14 03:22] - 0171520 ____A (Microsoft Corporation) FE77A85495065F3AD59C5C65B6C54182

C:\WINDOWS\system32\Drivers\sr.sys
[2007-08-27 19:16] - [2008-04-14 03:02] - 0073472 ____A (Microsoft Corporation) 50FA898F8C032796D3B1B9951BB5A90F

C:\WINDOWS\system32\wscsvc.dll
[2007-08-27 20:26] - [2008-04-14 03:22] - 0080896 ____A (Microsoft Corporation) 300B3E84FAF1A5C1F791C159BA28035D

C:\WINDOWS\system32\wbem\WMIsvc.dll
[2007-08-27 19:15] - [2008-04-14 03:22] - 0145408 ____A (Microsoft Corporation) 6F3F3973D97714CC5F906A19FE883729

C:\WINDOWS\system32\wuauserv.dll
[2007-08-27 19:15] - [2008-04-14 03:22] - 0006656 ____A (Microsoft Corporation) 7B4FE05202AA6BF9F4DFD0E6A0D8A085

C:\WINDOWS\system32\qmgr.dll
[2007-08-27 19:16] - [2008-04-14 03:22] - 0409088 ____A (Microsoft Corporation) D6F603772A789BB3228F310D650B8BD1

C:\WINDOWS\system32\es.dll
[2003-04-02 13:00] - [2008-07-07 21:26] - 0253952 ____A (Microsoft Corporation) AF4F6B5739D18CA7972AB53E091CBC74

C:\WINDOWS\system32\cryptsvc.dll
[2003-04-02 13:00] - [2008-04-14 03:22] - 0062464 ____A (Microsoft Corporation) 611F824E5C703A5A899F84C5F1699E4D

C:\WINDOWS\system32\svchost.exe
[2003-04-02 13:00] - [2008-04-14 03:23] - 0014336 ____A (Microsoft Corporation) 4FBC75B74479C7A6F829E0CA19DF3366

C:\WINDOWS\system32\rpcss.dll
[2003-04-02 13:00] - [2009-02-09 11:51] - 0401408 ____A (Microsoft Corporation) 3127AFBF2C1ED0AB14A1BBB7AAECB85B

C:\WINDOWS\system32\services.exe
[2003-04-02 13:00] - [2009-02-09 12:21] - 0111104 ____A (Microsoft Corporation) A3EDBE9053889FB24AB22492472B39DC


Extra List:
=======
Gpc(3) IPSec(5) NetBT(6) PSched(7) Tcpip(4)
0x0B00000005000000010000000200000003000000040000000B0000000A00000009000000080000000600000007000000
IpSec Tag value is correct.

**** End of log ****

#11 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:08 AM

Posted 17 February 2013 - 10:45 AM

That looks good

Remove temporary and junk files

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & windows 7- http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore-It deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall old version of java from control panel-Add or remove programs.Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently.Two free antivirus that i would suggest are

Microsoft security essentials or Avast.You can select either one of them.

If you have a paid one,make sure to update it frequently.Do not use multiple security softwares.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

 



#12 NdotA

NdotA
  • Topic Starter

  • Members
  • 59 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:08 AM

Posted 18 February 2013 - 08:19 AM

Thanks narenxp for your support.

Just one question: In the past there has been a donation-button somewhere. Just for the good service I received from you, I would use it. But where do I find it?

Norbert

#13 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:08 AM

Posted 18 February 2013 - 09:01 AM

.


Edited by narenxp, 18 February 2013 - 10:30 AM.


#14 NdotA

NdotA
  • Topic Starter

  • Members
  • 59 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:08 AM

Posted 18 February 2013 - 10:25 AM

Check your account and do as advised.

Norbert

#15 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:08 AM

Posted 18 February 2013 - 10:31 AM

Received it.Appreciate your response. :)

 

safe surfing thumbup2.gif






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users