
Log analysis and evaluation: ADSPY/Stud.D.8, TR/Fakealert.grb.141 reported by Avira...


02.01.2013, 19:37   #1
Dagi11
 



Dear helpers here,

thanks to your help I was virus-free for a year and a half, and now it has got me again.
While visiting a site about removing the KodakEasyShare software, I downloaded a KodakCleaner and tried to run it.
Avira Internet Security (full version) prevented it from starting and reported that it had found TR/Dropper.VB.gen. I scanned the system with Avira, put the TR/Dropper into quarantine and hoped.
Two days later another scan brought up the message: TR/Fakealert.grb.141 and 297 found - moved to quarantine again.
Today yet another scan, and now ADSPY/Stud.D.8 suddenly shows up.

I no longer have any trust in my system at all, which is why I have opened this thread here.

Here are the required checks/logs:

1) defogger ran through without an error message

2) I could not attach the OTL logfile, it is too large, so here it is in the text:

OTL logfile created on: 02.01.2013 14:46:39 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\Dagmar\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

1022,42 Mb Total Physical Memory | 521,63 Mb Available Physical Memory | 51,02% Memory free
2,40 Gb Paging File | 1,75 Gb Available in Paging File | 72,94% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 111,79 Gb Total Space | 25,17 Gb Free Space | 22,52% Space Free | Partition Type: NTFS

Computer Name: HOME | User Name: Dagmar | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.01.02 14:42:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Dagmar\Desktop\OTL.exe
PRC - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.12.14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.12.10 15:26:44 | 000,085,280 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.12.10 15:26:20 | 000,565,024 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2012.12.10 15:26:19 | 000,079,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.12.10 15:26:16 | 000,400,160 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avmailc.exe
PRC - [2012.12.10 15:26:15 | 000,384,800 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.12.10 15:26:15 | 000,109,344 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.12.10 15:26:14 | 000,656,672 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avfwsvc.exe
PRC - [2012.09.24 23:12:59 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Programme\Java\jre7\bin\jqs.exe
PRC - [2012.08.11 16:43:06 | 000,055,184 | ---- | M] (Apple Inc.) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2012.07.11 17:20:41 | 000,935,008 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
PRC - [2012.06.27 08:25:06 | 001,326,176 | ---- | M] (Secunia) -- C:\Programme\Secunia\PSI\psia.exe
PRC - [2012.06.27 08:25:04 | 000,681,056 | ---- | M] (Secunia) -- C:\Programme\Secunia\PSI\sua.exe
PRC - [2010.03.04 22:38:00 | 000,071,096 | ---- | M] () -- C:\Programme\CDBurnerXP\NMSAccessU.exe
PRC - [2009.11.10 19:36:04 | 000,431,456 | ---- | M] (Seagate) -- C:\Programme\Gemeinsame Dateien\Seagate\Schedule2\schedul2.exe
PRC - [2008.12.16 20:59:50 | 000,150,040 | ---- | M] (Logitech Inc.) -- C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2008.04.14 03:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.12.19 17:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Programme\Gemeinsame Dateien\EPSON\EBAPI\eEBSvc.exe
PRC - [2006.02.09 10:17:28 | 000,031,744 | ---- | M] (SRS Labs, Inc.) -- C:\Programme\SRS Labs\WOWXT and TSXT Driver\SRS_PostInstaller.exe
PRC - [2005.10.12 11:30:24 | 000,086,140 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2005.04.06 16:03:28 | 000,110,592 | ---- | M] () -- C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe
PRC - [2004.04.06 19:35:10 | 000,929,904 | ---- | M] (Ahead Software AG) -- C:\Programme\Ahead\InCD\incdsrv.exe


========== Modules (No Company Name) ==========

MOD - [2012.11.28 14:13:52 | 000,087,952 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll
MOD - [2012.11.28 14:13:30 | 001,242,512 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\libxml2.dll
MOD - [2012.10.03 16:57:46 | 000,397,088 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2012.07.11 17:20:41 | 000,935,008 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
MOD - [2011.10.19 16:48:20 | 000,447,848 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\libxml2.dll
MOD - [2011.10.19 16:48:12 | 000,060,264 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\cares.dll
MOD - [2011.05.28 21:04:56 | 000,140,288 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2010.03.04 22:38:00 | 000,071,096 | ---- | M] () -- C:\Programme\CDBurnerXP\NMSAccessU.exe
MOD - [2008.04.14 03:22:16 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2006.09.29 17:29:10 | 000,114,688 | ---- | M] () -- C:\WINDOWS\system32\bmpsap.dll
MOD - [2006.06.29 09:17:04 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2005.04.06 16:03:28 | 000,110,592 | ---- | M] () -- C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe


========== Services (SafeList) ==========

SRV - [2012.12.21 08:13:07 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.12.10 15:26:44 | 000,085,280 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.12.10 15:26:20 | 000,565,024 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2012.12.10 15:26:16 | 000,400,160 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2012.12.10 15:26:15 | 000,109,344 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.12.10 15:26:14 | 000,656,672 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avfwsvc.exe -- (AntiVirFirewallService)
SRV - [2012.12.09 08:49:23 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.09.24 23:12:59 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Programme\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012.08.11 16:43:06 | 000,055,184 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2012.07.11 17:20:41 | 000,935,008 | ---- | M] () [Auto | Running] -- C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe -- (vToolbarUpdater11.2.0)
SRV - [2012.06.27 08:25:06 | 001,326,176 | ---- | M] (Secunia) [Auto | Running] -- C:\Programme\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2012.06.27 08:25:04 | 000,681,056 | ---- | M] (Secunia) [Auto | Running] -- C:\Programme\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2012.01.23 05:43:08 | 000,092,592 | ---- | M] (TomTom) [Disabled | Stopped] -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2010.03.04 22:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Programme\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2009.11.10 19:36:04 | 000,431,456 | ---- | M] (Seagate) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Seagate\Schedule2\schedul2.exe -- (SgtSch2Svc)
SRV - [2008.12.16 20:59:50 | 000,150,040 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2006.12.19 17:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService)
SRV - [2006.02.09 10:17:28 | 000,031,744 | ---- | M] (SRS Labs, Inc.) [Auto | Running] -- C:\Programme\SRS Labs\WOWXT and TSXT Driver\SRS_PostInstaller.exe -- (SRS_PostInstaller)
SRV - [2005.11.14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2005.10.12 11:30:24 | 000,086,140 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMon)
SRV - [2005.04.06 16:03:28 | 000,110,592 | ---- | M] () [Auto | Running] -- C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe -- (BlueSoleil Hid Service)
SRV - [2004.04.06 19:35:10 | 000,929,904 | ---- | M] (Ahead Software AG) [Auto | Running] -- C:\Programme\Ahead\InCD\incdsrv.exe -- (InCDsrv)


========== Driver Services (SafeList) ==========

DRV - File not found [Adapter | On_Demand | Unknown] -- -- (Winsock - Google Desktop Search Backup Before Last Install)
DRV - File not found [Adapter | On_Demand | Unknown] -- -- (Winsock - Google Desktop Search Backup Before First Install)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\SSHDRV85.sys -- (SSHDRV85)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\LVcKap.sys -- (LVcKap)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\lgodd_filter.sys -- (lgodd_filter)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - [2012.12.14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.12.10 15:26:54 | 000,134,336 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.12.10 15:26:53 | 000,083,944 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.11.27 14:33:45 | 000,112,584 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avfwot.sys -- (avfwot)
DRV - [2012.11.27 14:33:45 | 000,092,008 | ---- | M] (Avira GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avfwim.sys -- (avfwim)
DRV - [2012.11.15 11:29:38 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2012.10.03 16:58:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2012.02.24 10:14:42 | 000,181,432 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2012.02.24 10:14:42 | 000,080,824 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2011.12.16 15:19:54 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI)
DRV - [2011.01.06 18:18:10 | 000,441,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\timntr.sys -- (timounter)
DRV - [2011.01.06 18:18:10 | 000,044,384 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2011.01.06 18:17:57 | 000,132,224 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\snapman.sys -- (snapman)
DRV - [2011.01.06 18:17:13 | 000,368,480 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\tdrpman.sys -- (tdrpman)
DRV - [2009.11.12 12:48:56 | 000,005,504 | ---- | M] () [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2008.12.17 07:02:06 | 000,023,832 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2008.12.17 07:01:42 | 006,364,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC)
DRV - [2008.12.17 07:01:20 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2008.12.17 07:00:12 | 000,768,024 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2008.12.16 20:58:54 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2007.05.02 03:52:00 | 000,290,816 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2007.01.05 11:33:09 | 000,097,792 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ACEDRV05.sys -- (ACEDRV05)
DRV - [2006.09.07 00:04:12 | 004,377,600 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService)
DRV - [2006.06.29 21:13:08 | 001,160,320 | R--- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006.05.03 20:50:42 | 001,540,608 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006.02.13 11:15:36 | 000,075,648 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGR1310_51.sys -- (AGR1310_51)
DRV - [2006.02.09 10:17:36 | 000,020,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WOWFilter.sys -- (wowfilter)
DRV - [2006.01.19 13:31:34 | 000,010,068 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BtNetDrv.sys -- (BT)
DRV - [2006.01.08 07:12:42 | 000,117,906 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ATSwpDrv.sys -- (ATSWPDRV)
DRV - [2005.12.14 20:30:22 | 000,007,552 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lgsnd_filter.sys -- (lgsnd_filter)
DRV - [2005.12.07 12:24:44 | 000,164,480 | ---- | M] (CyberLink Corporation.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\BsUDF.sys -- (BsUDF)
DRV - [2005.12.07 12:24:44 | 000,010,112 | ---- | M] (Cyberlink Co.,Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\BsStor.sys -- (BsStor)
DRV - [2005.11.18 03:17:28 | 000,036,352 | R--- | M] (Infineon Technologies AG) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ifxtpm.sys -- (IFXTPM)
DRV - [2005.11.14 13:59:00 | 000,007,424 | ---- | M] (CMS Peripherals, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\portd2k.sys -- (portD)
DRV - [2005.10.23 17:25:12 | 000,023,000 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btcusb.sys -- (Btcsrusb)
DRV - [2005.08.31 22:15:42 | 000,015,616 | R--- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LGDMEBTN.sys -- (LGDMEBTN)
DRV - [2005.08.31 10:34:52 | 000,020,480 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BlueletSCOAudio.sys -- (BlueletSCOAudio)
DRV - [2005.08.31 10:34:10 | 000,020,480 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\blueletaudio.sys -- (BlueletAudio)
DRV - [2005.07.29 16:21:32 | 000,011,988 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vbtenum.sys -- (BTHidEnum)
DRV - [2005.07.20 08:26:34 | 000,015,232 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Ndisipo.sys -- (Ndisipo)
DRV - [2005.04.30 14:50:10 | 000,028,271 | ---- | M] (IVT Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\BTHidMgr.sys -- (BTHidMgr)
DRV - [2005.03.25 17:18:48 | 000,082,148 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VcommMgr.sys -- (VcommMgr)
DRV - [2005.01.07 16:07:16 | 000,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2004.12.10 12:48:46 | 000,024,704 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidKE.Sys -- (LHidKe)
DRV - [2004.12.10 12:48:40 | 000,068,992 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2004.12.10 12:48:18 | 000,036,480 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidUsbK.sys -- (LHidUsbK)
DRV - [2004.12.10 12:47:58 | 000,013,056 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2004.10.19 13:37:38 | 000,061,312 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VComm.sys -- (VComm)
DRV - [2004.04.06 19:43:22 | 000,005,504 | ---- | M] (Ahead Software AG) [Recognizer | System | Unknown] -- C:\WINDOWS\System32\drivers\incdrec.sys -- (InCDrec)
DRV - [2004.04.06 19:40:10 | 000,025,600 | ---- | M] (Ahead Software AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\incdpass.sys -- (InCDPass)
DRV - [2004.04.06 19:39:20 | 000,089,472 | ---- | M] (Ahead Software AG) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\incdfs.sys -- (InCDfs)
DRV - [2003.12.05 10:46:36 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 74 5C F6 2B D6 E4 CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://isearch.avg.com/search?cid={01F65039-37B5-427F-A001-5C1810AEC816}&mid=ba7b9c96b8c447d095f7d14a4be4e9f2-e9e75c9d578729d49e16a792420674cbc46d997e&lang=en&ds=tt014&pr=sa&d=2012-04-15 07:40:00&v=8.0.0.34&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431245
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaultthis.engineName: "softonic-de3 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2431245&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Ixquick - Deutsch"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.ixquick.com/"
FF - prefs.js..extensions.enabledAddons: %7B70F241F6-52AB-4D45-993E-C1C09920095B%7D:1.70
FF - prefs.js..extensions.enabledAddons: %7Bc45c406e-ab73-11d8-be73-000a95be3b12%7D:1.2.2
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.4.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: {70F241F6-52AB-4D45-993E-C1C09920095B}:1.67
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.9
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Programme\Gemeinsame Dateien\AVG Secure Search\SiteSafetyInstaller\11.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Programme\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Programme\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Programme\Gemeinsame Dateien\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll (Oberon-Media )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Programme\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.12.09 08:49:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.12.09 08:49:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.11\extensions\\Components: C:\Programme\Mozilla Thunderbird\components [2012.11.25 08:24:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.11\extensions\\Plugins: C:\Programme\Mozilla Thunderbird\plugins

[2010.09.05 13:39:40 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Dagmar\Anwendungsdaten\Mozilla\Extensions
[2010.09.05 13:39:40 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Dagmar\Anwendungsdaten\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2008.10.02 16:58:17 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Dagmar\Anwendungsdaten\Mozilla\Extensions\home2@tomtom.com
[2012.12.30 08:12:19 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Dagmar\Anwendungsdaten\Mozilla\Firefox\Profiles\8qp236kz.default\extensions
[2009.12.01 07:03:31 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Dokumente und Einstellungen\Dagmar\Anwendungsdaten\Mozilla\Firefox\Profiles\8qp236kz.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2012.04.15 06:40:23 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\Dokumente und Einstellungen\Dagmar\Anwendungsdaten\Mozilla\Firefox\Profiles\8qp236kz.default\extensions\avg@toolbar
[2011.12.25 10:51:44 | 000,121,447 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Dagmar\Anwendungsdaten\Mozilla\Firefox\Profiles\8qp236kz.default\extensions\{70F241F6-52AB-4D45-993E-C1C09920095B}.xpi
[2012.12.30 08:12:19 | 000,533,036 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Dagmar\Anwendungsdaten\Mozilla\Firefox\Profiles\8qp236kz.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2012.09.07 15:15:42 | 001,268,546 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Dagmar\Anwendungsdaten\Mozilla\Firefox\Profiles\8qp236kz.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi
[2012.11.24 07:37:03 | 000,804,627 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Dagmar\Anwendungsdaten\Mozilla\Firefox\Profiles\8qp236kz.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2010.06.08 10:29:10 | 000,000,927 | ---- | M] () -- C:\Dokumente und Einstellungen\Dagmar\Anwendungsdaten\Mozilla\Firefox\Profiles\8qp236kz.default\searchplugins\conduit.xml
[2013.01.01 09:33:04 | 000,001,610 | ---- | M] () -- C:\Dokumente und Einstellungen\Dagmar\Anwendungsdaten\Mozilla\Firefox\Profiles\8qp236kz.default\searchplugins\ixquick---deutsch.xml
[2011.11.24 21:00:06 | 000,002,484 | ---- | M] () -- C:\Dokumente und Einstellungen\Dagmar\Anwendungsdaten\Mozilla\Firefox\Profiles\8qp236kz.default\searchplugins\ixquick.xml
[2012.12.09 08:48:22 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.12.09 08:48:22 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2012.12.09 08:49:25 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2011.09.27 19:04:22 | 000,170,080 | ---- | M] (Tracker Software Products Ltd.) -- C:\Programme\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll
[2008.01.22 11:04:00 | 000,167,552 | ---- | M] (F5 Networks) -- C:\Programme\mozilla firefox\plugins\NPuroamHost.dll
[2012.12.09 08:49:20 | 000,001,738 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazon-en-GB.xml
[2012.07.11 17:19:13 | 000,003,769 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\avg-secure-search.xml
[2012.09.01 14:10:46 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.12.09 08:49:20 | 000,001,148 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\chambers-en-GB.xml
[2012.12.09 08:49:20 | 000,001,379 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-en-GB.xml
[2012.10.16 10:31:24 | 000,002,058 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\twitter.xml
[2012.12.09 08:49:20 | 000,001,334 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2011.10.25 07:54:09 | 000,000,194 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.83.72.165 nxremote.vih.infineon.com #ADDED BY F5 NETWORKS SSL TUNNEL - ORIGINAL RECORD#
O1 - Hosts: 127.83.72.165 nxremote #ADDED BY F5 NETWORKS SSL TUNNEL - ORIGINAL RECORD#
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Programme\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Programme\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime File not found
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\AutorunsDisabled [2012.12.27 12:05:08 | 000,000,000 | -H-D | M]
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000051 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: infineon.com ([iaccess] http in Trusted sites)
O15 - HKCU\..Trusted Domains: infineon.com ([iaccess] https in Trusted sites)
O15 - HKCU\..Trusted Ranges: Range78 ([*] in Local intranet)
O16 - DPF: {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} https://iaccess.infineon.com/vdesk/terminal/f5tunsrv.cab#version=7000,2011,104,2309 (F5 Networks Dynamic Application Tunnel Control)
O16 - DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} https://iaccess.infineon.com/vdesk/terminal/InstallerControl.cab#version=6030,2008,1031,2119 (F5 Networks Auto Update)
O16 - DPF: {57C76689-F052-487B-A19F-855AFDDF28EE} https://iaccess.infineon.com/vdesk/terminal/f5InspectionHost.cab#version=6030,2009,0622,1842 (F5 Networks Policy Agent Host Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1342111882904 (MUWebControl Class)
O16 - DPF: {7E73BE8F-FD87-44EC-8E22-023D5FF960FF} https://iaccess.infineon.com/vdesk/terminal/vdeskctrl.cab#version=6030,2008,1031,2114 (F5 Virtual Sandbox Class)
O16 - DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} https://iaccess.infineon.com/vdesk/terminal/urxshost.cab#version=6030,2008,1031,2112 (F5 Networks SuperHost Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} https://iaccess.infineon.com/vdesk/terminal/urxhost.cab#version=7000,2011,124,911 (F5 Networks Host Control)
O16 - DPF: {E615C9EA-AD69-4AE9-83C9-9D906A0ACA6D} https://iaccess.infineon.com/policy/download_binary.php/win32/f5syschk.cab#Version=7000,2010,1020,1432 (F5 Networks OS Policy Agent)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9091352D-384D-49F1-A06D-86E1B817F243}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Programme\Gemeinsame Dateien\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\WgaLogon: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Dagmar\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Dagmar\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {26F5978F-6493-4ee3-B114-C0C3ACCF9D4D} - C:\WINDOWS\system32\bmpsap.dll ()
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.25 20:28:26 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013.01.02 14:42:27 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Dagmar\Desktop\OTL.exe
[2012.12.30 12:10:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\iTunes
[2012.12.30 12:08:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2012.12.30 12:06:19 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour
[2012.12.27 14:33:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2012.12.27 14:32:57 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012.12.27 12:10:59 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Dagmar\Recent
[2012.12.27 12:05:08 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\AutorunsDisabled
[2012.12.09 08:48:02 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013.01.02 14:42:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Dagmar\Desktop\OTL.exe
[2013.01.02 07:47:39 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.01.02 07:47:34 | 1072,156,672 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.30 12:10:55 | 000,001,522 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\iTunes.lnk
[2012.12.30 11:59:37 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012.12.29 15:22:07 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.12.29 14:45:13 | 000,224,816 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.12.29 14:29:33 | 000,000,756 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.12.29 10:09:25 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.12.28 20:08:38 | 000,507,204 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.12.28 20:08:38 | 000,485,864 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.12.28 20:08:38 | 000,097,754 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.12.28 20:08:38 | 000,082,240 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.12.28 13:55:36 | 000,020,044 | ---- | M] () -- C:\Dokumente und Einstellungen\Dagmar\Eigene Dateien\xp_updates.odt
[2012.12.27 13:04:38 | 000,000,325 | RHS- | M] () -- C:\boot.ini
[2012.12.27 11:55:20 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.12.27 11:55:08 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.12.27 11:55:07 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.12.27 11:41:46 | 000,000,850 | ---- | M] () -- C:\WINDOWS\lgcenter.ini
[2012.12.21 11:41:01 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012.12.14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012.12.10 15:26:54 | 000,134,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2012.12.10 15:26:53 | 000,083,944 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.12.30 12:10:55 | 000,001,522 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\iTunes.lnk
[2012.12.28 12:56:44 | 000,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012.12.28 10:36:00 | 000,020,044 | ---- | C] () -- C:\Dokumente und Einstellungen\Dagmar\Eigene Dateien\xp_updates.odt
[2012.12.27 14:33:07 | 000,000,756 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.07.12 19:37:11 | 000,000,739 | ---- | C] () -- C:\WINDOWS\Debug.ini
[2012.04.29 19:16:01 | 000,650,574 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-3340495312-1229605336-1799389087-1005-0.dat
[2012.04.25 19:48:07 | 000,214,830 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
[2012.03.28 21:11:08 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2012.02.15 08:16:15 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.01.31 18:15:42 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2012.01.31 18:15:42 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2012.01.31 18:15:42 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2012.01.31 18:15:42 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2011.12.23 12:36:04 | 000,000,036 | -H-- | C] () -- C:\Dokumente und Einstellungen\Dagmar\Anwendungsdaten\swk.ini
[2011.11.20 12:35:10 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.11.19 13:02:36 | 000,019,362 | ---- | C] () -- C:\WINDOWS\prodsett_copy.ini
[2011.11.13 18:41:23 | 000,000,128 | ---- | C] () -- C:\WINDOWS\To Be Fruit.INI
[2011.10.18 14:39:15 | 000,005,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2011.10.11 14:36:42 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011.10.11 14:36:42 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011.10.11 14:36:42 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011.10.11 14:36:42 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011.10.11 14:36:42 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011.10.09 14:28:34 | 000,023,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2011.10.08 19:44:12 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Dagmar\defogger_reenable
[2011.01.26 13:35:26 | 000,001,056 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2009.04.30 12:15:43 | 001,300,102 | ---- | C] () -- C:\Dokumente und Einstellungen\Dagmar\Anwendungsdaten\mdbu.bin
[2009.03.26 07:38:39 | 000,060,045 | ---- | C] () -- C:\Dokumente und Einstellungen\Dagmar\dagmar.jpg
[2009.03.03 14:29:27 | 000,000,309 | ---- | C] () -- C:\Dokumente und Einstellungen\Dagmar\.creox2
[2008.04.08 12:06:24 | 000,000,731 | ---- | C] () -- C:\Dokumente und Einstellungen\Dagmar\themen.html
[2007.11.13 10:29:36 | 000,417,296 | ---- | C] () -- C:\Dokumente und Einstellungen\Dagmar\Anwendungsdaten\mdb.bin
[2007.09.02 11:09:04 | 000,000,305 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\addr_file.html
[2007.05.06 15:08:24 | 000,000,204 | ---- | C] () -- C:\Dokumente und Einstellungen\Dagmar\.saves-3484-HOME
[2007.01.05 09:24:36 | 000,040,960 | ---- | C] () -- C:\Programme\Uninstall_CDS.exe
[2006.12.31 15:38:26 | 000,024,064 | ---- | C] () -- C:\Dokumente und Einstellungen\Dagmar\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006.12.25 17:51:11 | 000,001,755 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\QTSBandwidthCache
[2006.12.10 04:04:23 | 000,000,139 | ---- | C] () -- C:\Dokumente und Einstellungen\Dagmar\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat

========== ZeroAccess Check ==========

[2006.09.25 20:25:54 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 03:22:25 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 11:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 03:22:32 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012.12.30 12:10:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2012.06.23 08:09:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVG Secure Search
[2011.10.18 14:39:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Canneverbe Limited
[2010.01.31 10:30:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\cerasus.media
[2012.04.15 06:39:55 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Common Files
[2012.04.17 17:23:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON
[2011.11.25 13:29:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\F-Secure
[2009.10.16 06:37:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Flo & Seb Engineering
[2009.11.29 09:18:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\fotobuch.de AG
[2010.01.30 18:40:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Friends Games
[2011.11.19 13:01:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\fssg
[2009.01.14 21:58:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Global Software Publishing
[2011.10.09 15:15:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Hitman Pro
[2012.03.18 08:33:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Rossmann Fotoservice
[2012.04.25 19:22:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Samsung
[2008.03.25 15:49:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ScanSoft
[2011.01.06 18:18:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Seagate
[2009.12.22 09:00:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SSScanAppDataDir
[2006.12.10 09:34:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SSScanWizard
[2011.10.08 15:12:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2010.07.27 15:40:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\tmp
[2008.10.02 19:51:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TomTom
[2012.04.15 06:40:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2012.04.17 17:21:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\UDL
[2012.04.15 06:34:35 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2010.08.08 11:12:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009.04.19 15:33:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2012.10.29 17:14:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dagmar\Anwendungsdaten\ASCOMP Software
[2012.04.15 06:40:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dagmar\Anwendungsdaten\AVG Secure Search
[2011.10.18 14:39:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dagmar\Anwendungsdaten\Canneverbe Limited
[2012.12.22 09:34:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dagmar\Anwendungsdaten\Canon
[2010.01.31 10:30:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dagmar\Anwendungsdaten\cerasus.media
[2012.07.12 19:33:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dagmar\Anwendungsdaten\Columbus Soft
[2009.07.24 09:00:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dagmar\Anwendungsdaten\Flo & Seb Engineering
[2009.11.29 09:18:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dagmar\Anwendungsdaten\fotobuch.de AG
[2011.07.21 07:56:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dagmar\Anwendungsdaten\FRITZ!
[2008.09.22 13:10:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dagmar\Anwendungsdaten\ICAClient
[2008.03.21 11:10:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dagmar\Anwendungsdaten\iPod2PC3
[2007.05.06 14:41:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dagmar\Anwendungsdaten\KompoZer
[2007.02.02 16:41:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dagmar\Anwendungsdaten\Leadertech
[2012.07.12 20:14:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dagmar\Anwendungsdaten\MusE
[2007.01.20 18:25:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dagmar\Anwendungsdaten\Nvu
[2011.10.20 08:26:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dagmar\Anwendungsdaten\OpenOffice.org
[2012.04.15 15:17:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dagmar\Anwendungsdaten\Opera
[2012.04.25 18:56:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dagmar\Anwendungsdaten\Samsung
[2006.12.10 09:34:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dagmar\Anwendungsdaten\ScanSoft
[2006.09.26 10:26:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dagmar\Anwendungsdaten\SRSCPL
[2012.04.06 07:17:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dagmar\Anwendungsdaten\Systemberatung Schommer
[2012.05.11 10:12:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dagmar\Anwendungsdaten\TeamViewer
[2012.07.15 07:05:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dagmar\Anwendungsdaten\Temp
[2010.09.05 13:39:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dagmar\Anwendungsdaten\Thunderbird
[2008.10.02 16:58:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dagmar\Anwendungsdaten\TomTom
[2012.04.15 06:39:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dagmar\Anwendungsdaten\TuneUp Software

========== Purity Check ==========



< End of report >


3) gmer log file is attached

I hope I did everything correctly and that one of you can help me further.

Many thanks in advance!
Dagi11

02.01.2013, 20:08   #2
markusg
/// Malware-holic

Hi,
open Avira, Administration, Quarantine, and please post the detection reports.
Open Malwarebytes, Logs, and post the logs with detections.

02.01.2013, 20:30   #3
Dagi11

Hello markusg,

thanks for the quick reply.
I have attached the Avira log files...

Malwarebytes has not finished running yet; that always takes hours. I have started it now, though, and will submit the log file later.

I hope that helps for now.

Thanks in advance,
Dagi11

03.01.2013, 08:18   #4
Dagi11

Hello Markus,

here is the Malwarebytes log file as well

Code:
 Malwarebytes Anti-Malware  (Test) 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.01.02.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Dagmar :: HOME [Administrator]

Schutz: Deaktiviert

02.01.2013 20:25:34
mbam-log-2013-01-02 (20-25-34).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 398995
Laufzeit: 4 Stunde(n), 46 Minute(n), 57 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         
Best regards,
Dagi11

03.01.2013, 16:08   #5
markusg
/// Malware-holic

Hi,
please read again: I didn't want a new MBAM log, but the ones in which there were detections.

__________________
- Please forward suspicious mails to us for analysis:
markusg.trojaner-board@web.de
Forward
Instructions:
http://markusg.trojaner-board.de
For now, please forward mails, following the instructions above, to
markusg.trojaner-board@web.de
Forward
If you would like to support us

03.01.2013, 16:12   #6
Dagi11

Hi Markus,

MBAM never reported an infection to me - all detections come from Avira...
Is that good or bad?

Regards,
Dagi11

03.01.2013, 16:21   #7
markusg
/// Malware-holic

Hi, did the download come directly from the manufacturer or from a third party?

03.01.2013, 16:38   #8
Dagi11

Hi Markus,

this is where I was:

Clear program for the EASYSHARE SOFTWARE*

To me it looked like an official Kodak website.

Shortly after running the downloaded exe, the message from Avira with TRDropper appeared...

Oops, the link got resolved there, sorry, here it is again properly...

Clear program for the EASYSHARE SOFTWARE*

Edited by Dagi11 (03.01.2013 at 17:19)

03.01.2013, 17:31   #9
markusg
/// Malware-holic

OK, I've sent it to Avira; I'll let you know when there is a reply.

03.01.2013, 18:06   #10
Dagi11

Hello Markus,

does that mean I assume for now that my system is clean despite the two virus alerts?

Then I'll wait for your reply (or rather the one from Avira).

Best regards,
Dagi11

03.01.2013, 19:29   #11
markusg
/// Malware-holic

Yes, at least it seems so.
Download TDSSKiller:
http://www.trojaner-board.de/82358-t...entfernen.html
Click on Change parameters
• Tick the boxes for Verify driver digital signatures and Detect TDLFS file system
• Click OK and then Start scan
- if anything is found, always choose skip for now, and post the log

03.01.2013, 21:05   #12
Dagi11

Hi Markus,

here comes the report from TDSSKiller:

Code:
20:59:51.0583 4172  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
20:59:53.0583 4172  ============================================================
20:59:53.0583 4172  Current date / time: 2013/01/03 20:59:53.0583
20:59:53.0583 4172  SystemInfo:
20:59:53.0583 4172  
20:59:53.0583 4172  OS Version: 5.1.2600 ServicePack: 3.0
20:59:53.0583 4172  Product type: Workstation
20:59:53.0583 4172  ComputerName: HOME
20:59:53.0583 4172  UserName: Dagmar
20:59:53.0583 4172  Windows directory: C:\WINDOWS
20:59:53.0583 4172  System windows directory: C:\WINDOWS
20:59:53.0583 4172  Processor architecture: Intel x86
20:59:53.0583 4172  Number of processors: 2
20:59:53.0583 4172  Page size: 0x1000
20:59:53.0583 4172  Boot type: Normal boot
20:59:53.0583 4172  ============================================================
20:59:58.0990 4172  Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:59:59.0052 4172  ============================================================
20:59:59.0052 4172  \Device\Harddisk0\DR0:
20:59:59.0208 4172  MBR partitions:
20:59:59.0208 4172  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xDF93782
20:59:59.0208 4172  ============================================================
20:59:59.0427 4172  C: <-> \Device\Harddisk0\DR0\Partition1
20:59:59.0490 4172  ============================================================
20:59:59.0490 4172  Initialize success
20:59:59.0490 4172  ============================================================
21:00:31.0880 5128  ============================================================
21:00:31.0880 5128  Scan started
21:00:31.0880 5128  Mode: Manual; SigCheck; TDLFS; 
21:00:31.0880 5128  ============================================================
21:00:32.0880 5128  ================ Scan system memory ========================
21:00:32.0880 5128  System memory - ok
21:00:32.0896 5128  ================ Scan services =============================
21:00:33.0068 5128  Abiosdsk - ok
21:00:33.0083 5128  abp480n5 - ok
21:00:33.0115 5128  [ 0A1E97197609F92D2425B67DA0BB0A7F ] ACEDRV05        C:\WINDOWS\system32\drivers\ACEDRV05.sys
21:00:33.0615 5128  ACEDRV05 ( UnsignedFile.Multi.Generic ) - warning
21:00:33.0615 5128  ACEDRV05 - detected UnsignedFile.Multi.Generic (1)
21:00:33.0693 5128  [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
21:00:35.0318 5128  ACPI - ok
21:00:35.0365 5128  [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC          C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
21:00:35.0693 5128  ACPIEC - ok
21:00:35.0802 5128  [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
21:00:35.0880 5128  AdobeFlashPlayerUpdateSvc - ok
21:00:35.0896 5128  adpu160m - ok
21:00:35.0912 5128  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys
21:00:36.0193 5128  aec - ok
21:00:36.0271 5128  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
21:00:36.0318 5128  AFD - ok
21:00:36.0412 5128  [ 90456051C422E09BC36E6340DD891F0C ] AgereSoftModem  C:\WINDOWS\system32\DRIVERS\AGRSM.sys
21:00:38.0458 5128  AgereSoftModem - ok
21:00:38.0521 5128  [ 6A94CC5AD6D6D5462BBDAEA1034B86B8 ] AGR1310_51      C:\WINDOWS\system32\DRIVERS\AGR1310_51.sys
21:00:38.0583 5128  AGR1310_51 - ok
21:00:38.0583 5128  Aha154x - ok
21:00:38.0599 5128  aic78u2 - ok
21:00:38.0599 5128  aic78xx - ok
21:00:38.0662 5128  [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
21:00:38.0943 5128  Alerter - ok
21:00:38.0974 5128  [ 190CD73D4984F94D823F9444980513E5 ] ALG             C:\WINDOWS\System32\alg.exe
21:00:39.0193 5128  ALG - ok
21:00:39.0208 5128  AliIde - ok
21:00:39.0208 5128  amsint - ok
21:00:39.0458 5128  [ BCD725206E7CBBF253F326202244A125 ] AntiVirFirewallService C:\Programme\Avira\AntiVir Desktop\avfwsvc.exe
21:00:39.0615 5128  AntiVirFirewallService - ok
21:00:39.0677 5128  [ FCAE7984609FD0662B48D64603D1DAFF ] AntiVirMailService C:\Programme\Avira\AntiVir Desktop\avmailc.exe
21:00:39.0724 5128  AntiVirMailService - ok
21:00:39.0755 5128  [ FBF39613CA267F851186F93180AE2ED4 ] AntiVirSchedulerService C:\Programme\Avira\AntiVir Desktop\sched.exe
21:00:39.0787 5128  AntiVirSchedulerService - ok
21:00:39.0833 5128  [ 476750076D102DC5F5B45ECE3C676853 ] AntiVirService  C:\Programme\Avira\AntiVir Desktop\avguard.exe
21:00:39.0865 5128  AntiVirService - ok
21:00:39.0943 5128  [ E95B3655198C4DD65A7031EF8358CEF8 ] AntiVirWebService C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE
21:00:40.0021 5128  AntiVirWebService - ok
21:00:40.0162 5128  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:00:40.0193 5128  Apple Mobile Device - ok
21:00:40.0240 5128  [ D45960BE52C3C610D361977057F98C54 ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
21:00:40.0537 5128  AppMgmt - ok
21:00:40.0583 5128  [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394         C:\WINDOWS\system32\DRIVERS\arp1394.sys
21:00:40.0849 5128  Arp1394 - ok
21:00:40.0849 5128  asc - ok
21:00:40.0865 5128  asc3350p - ok
21:00:40.0865 5128  asc3550 - ok
21:00:41.0052 5128  [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
21:00:41.0146 5128  aspnet_state - ok
21:00:41.0162 5128  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
21:00:41.0427 5128  AsyncMac - ok
21:00:41.0490 5128  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
21:00:41.0708 5128  atapi - ok
21:00:41.0724 5128  Atdisk - ok
21:00:41.0833 5128  [ A2EAEB497CA29ECAEAF0DF66AD85C57D ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
21:00:41.0912 5128  Ati HotKey Poller - ok
21:00:42.0005 5128  [ 492BD2A5F65F218D4EDE5764A3BB67E9 ] ati2mtag        C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
21:00:42.0318 5128  ati2mtag - ok
21:00:42.0349 5128  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
21:00:42.0630 5128  Atmarpc - ok
21:00:42.0662 5128  [ 4AE213E390888B090D38DE37921ED53F ] ATSWPDRV        C:\WINDOWS\system32\Drivers\ATSwpDrv.sys
21:00:42.0787 5128  ATSWPDRV - ok
21:00:42.0833 5128  [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
21:00:43.0052 5128  AudioSrv - ok
21:00:43.0115 5128  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
21:00:43.0365 5128  audstub - ok
21:00:43.0412 5128  [ 0CC858D7AC36411E786ED0E0E69A4301 ] avfwim          C:\WINDOWS\system32\DRIVERS\avfwim.sys
21:00:44.0646 5128  avfwim - ok
21:00:44.0724 5128  [ 76AD8733C1AA8AEA4CD678DCE886D701 ] avfwot          C:\WINDOWS\system32\DRIVERS\avfwot.sys
21:00:44.0755 5128  avfwot - ok
21:00:44.0818 5128  [ 2060DAAC61CC3F65B6517CE840E4F6DA ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys
21:00:44.0833 5128  avgntflt - ok
21:00:44.0865 5128  [ F3AF2B17AE92A378979ADD8D6981E818 ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys
21:00:44.0896 5128  avipbb - ok
21:00:44.0943 5128  [ FFB78D74E1EA5F811341A6E7AC547A46 ] avkmgr          C:\WINDOWS\system32\DRIVERS\avkmgr.sys
21:00:44.0958 5128  avkmgr - ok
21:00:45.0021 5128  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
21:00:45.0287 5128  Beep - ok
21:00:45.0380 5128  [ D6F603772A789BB3228F310D650B8BD1 ] BITS            C:\WINDOWS\system32\qmgr.dll
21:00:45.0662 5128  BITS - ok
21:00:45.0724 5128  [ 534B95FBD867D0512DCB43E6CC1AA91E ] BlueletAudio    C:\WINDOWS\system32\DRIVERS\blueletaudio.sys
21:00:45.0771 5128  BlueletAudio ( UnsignedFile.Multi.Generic ) - warning
21:00:45.0771 5128  BlueletAudio - detected UnsignedFile.Multi.Generic (1)
21:00:45.0787 5128  [ 01D1832F2B13DFAF7384884F7C3E0124 ] BlueletSCOAudio C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys
21:00:45.0880 5128  BlueletSCOAudio ( UnsignedFile.Multi.Generic ) - warning
21:00:45.0880 5128  BlueletSCOAudio - detected UnsignedFile.Multi.Generic (1)
21:00:45.0896 5128  [ 55F24E6EC983FCC7510293B05A27CEEC ] BlueSoleil Hid Service C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe
21:00:45.0912 5128  BlueSoleil Hid Service ( UnsignedFile.Multi.Generic ) - warning
21:00:45.0912 5128  BlueSoleil Hid Service - detected UnsignedFile.Multi.Generic (1)
21:00:46.0037 5128  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Programme\Bonjour\mDNSResponder.exe
21:00:46.0083 5128  Bonjour Service - ok
21:00:46.0146 5128  [ B71549F23736ADF83A571061C47777FD ] Browser         C:\WINDOWS\System32\browser.dll
21:00:46.0208 5128  Browser - ok
21:00:46.0255 5128  [ 6C0CFE46AA068C8DC031DF0491479C4D ] BsStor          C:\WINDOWS\system32\drivers\BsStor.sys
21:00:46.0287 5128  BsStor ( UnsignedFile.Multi.Generic ) - warning
21:00:46.0287 5128  BsStor - detected UnsignedFile.Multi.Generic (1)
21:00:46.0318 5128  [ 0EFE533ED0210B50E2D7AAF862A346AC ] BsUDF           C:\WINDOWS\system32\drivers\BsUDF.sys
21:00:46.0427 5128  BsUDF ( UnsignedFile.Multi.Generic ) - warning
21:00:46.0427 5128  BsUDF - detected UnsignedFile.Multi.Generic (1)
21:00:46.0505 5128  [ 51EFF72092088948933298C12ED23FD1 ] BT              C:\WINDOWS\system32\DRIVERS\btnetdrv.sys
21:00:46.0583 5128  BT ( UnsignedFile.Multi.Generic ) - warning
21:00:46.0583 5128  BT - detected UnsignedFile.Multi.Generic (1)
21:00:46.0583 5128  [ 8132B98EABA4A7CA474C53DDD6428091 ] Btcsrusb        C:\WINDOWS\system32\Drivers\btcusb.sys
21:00:46.0630 5128  Btcsrusb ( UnsignedFile.Multi.Generic ) - warning
21:00:46.0630 5128  Btcsrusb - detected UnsignedFile.Multi.Generic (1)
21:00:46.0693 5128  [ B279426E3C0C344893ED78A613A73BDE ] BthEnum         C:\WINDOWS\system32\DRIVERS\BthEnum.sys
21:00:46.0943 5128  BthEnum - ok
21:00:46.0990 5128  [ E69D9E7854095A9C81ACEE40D766FE2D ] BTHidEnum       C:\WINDOWS\system32\DRIVERS\vbtenum.sys
21:00:47.0037 5128  BTHidEnum ( UnsignedFile.Multi.Generic ) - warning
21:00:47.0037 5128  BTHidEnum - detected UnsignedFile.Multi.Generic (1)
21:00:47.0052 5128  [ A9164C2A39BD917B9F42AE087560AC3D ] BTHidMgr        C:\WINDOWS\system32\Drivers\BTHidMgr.sys
21:00:47.0068 5128  BTHidMgr ( UnsignedFile.Multi.Generic ) - warning
21:00:47.0068 5128  BTHidMgr - detected UnsignedFile.Multi.Generic (1)
21:00:47.0099 5128  [ 80602B8746D3738F5886CE3D67EF06B6 ] BthPan          C:\WINDOWS\system32\DRIVERS\bthpan.sys
21:00:47.0380 5128  BthPan - ok
21:00:47.0427 5128  [ 592E1CEDBE314D0EF184DC6F46141E76 ] BTHPORT         C:\WINDOWS\system32\Drivers\BTHport.sys
21:00:47.0521 5128  BTHPORT - ok
21:00:47.0583 5128  [ 26C601EF7525E31379744ABFC6F35A1B ] BthServ         C:\WINDOWS\System32\bthserv.dll
21:00:47.0833 5128  BthServ - ok
21:00:47.0880 5128  [ 61364CD71EF63B0F038B7E9DF00F1EFA ] BTHUSB          C:\WINDOWS\system32\Drivers\BTHUSB.sys
21:00:48.0130 5128  BTHUSB - ok
21:00:48.0130 5128  catchme - ok
21:00:48.0177 5128  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
21:00:48.0427 5128  cbidf2k - ok
21:00:48.0521 5128  [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
21:00:48.0787 5128  CCDECODE - ok
21:00:48.0787 5128  cd20xrnt - ok
21:00:48.0849 5128  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
21:00:49.0083 5128  Cdaudio - ok
21:00:49.0115 5128  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
21:00:49.0318 5128  Cdfs - ok
21:00:49.0380 5128  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
21:00:49.0630 5128  Cdrom - ok
21:00:49.0646 5128  Changer - ok
21:00:49.0693 5128  [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc           C:\WINDOWS\system32\cisvc.exe
21:00:49.0958 5128  CiSvc - ok
21:00:50.0005 5128  [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
21:00:50.0287 5128  ClipSrv - ok
21:00:50.0318 5128  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:00:50.0412 5128  clr_optimization_v2.0.50727_32 - ok
21:00:50.0521 5128  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:00:50.0583 5128  clr_optimization_v4.0.30319_32 - ok
21:00:50.0646 5128  [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt          C:\WINDOWS\system32\DRIVERS\CmBatt.sys
21:00:50.0896 5128  CmBatt - ok
21:00:50.0896 5128  CmdIde - ok
21:00:50.0927 5128  [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt        C:\WINDOWS\system32\DRIVERS\compbatt.sys
21:00:51.0146 5128  Compbatt - ok
21:00:51.0177 5128  COMSysApp - ok
21:00:51.0193 5128  Cpqarray - ok
21:00:51.0255 5128  [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
21:00:51.0474 5128  CryptSvc - ok
21:00:51.0474 5128  dac2w2k - ok
21:00:51.0490 5128  dac960nt - ok
21:00:51.0552 5128  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
21:00:51.0630 5128  DcomLaunch - ok
21:00:51.0662 5128  [ 73FC5BC52572084EC1241514CF6230A0 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
21:00:51.0740 5128  dg_ssudbus - ok
21:00:51.0787 5128  [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
21:00:52.0021 5128  Dhcp - ok
21:00:52.0068 5128  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
21:00:52.0271 5128  Disk - ok
21:00:52.0318 5128  dmadmin - ok
21:00:52.0365 5128  [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
21:00:52.0755 5128  dmboot - ok
21:00:52.0771 5128  [ 53720AB12B48719D00E327DA470A619A ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
21:00:53.0005 5128  dmio - ok
21:00:53.0052 5128  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
21:00:53.0240 5128  dmload - ok
21:00:53.0318 5128  [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver        C:\WINDOWS\System32\dmserver.dll
21:00:53.0521 5128  dmserver - ok
21:00:53.0599 5128  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
21:00:53.0818 5128  DMusic - ok
21:00:53.0880 5128  [ 407F3227AC618FD1CA54B335B083DE07 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
21:00:53.0958 5128  Dnscache - ok
21:00:54.0037 5128  [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
21:00:54.0302 5128  Dot3svc - ok
21:00:54.0318 5128  dpti2o - ok
21:00:54.0333 5128  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
21:00:54.0583 5128  drmkaud - ok
21:00:54.0599 5128  [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost         C:\WINDOWS\System32\eapsvc.dll
21:00:54.0880 5128  EapHost - ok
21:00:55.0005 5128  [ 026DA2AB097171C02EAC7AB3EE22D269 ] ehRecvr         C:\WINDOWS\eHome\ehRecvr.exe
21:00:55.0052 5128  ehRecvr - ok
21:00:55.0115 5128  [ E774BF24A6CB798DCE67AD1C8E917152 ] ehSched         C:\WINDOWS\eHome\ehSched.exe
21:00:55.0146 5128  ehSched - ok
21:00:55.0224 5128  [ ABDD5AD016AFFD34AD40E944CE94BF59 ] EpsonBidirectionalService C:\Programme\Gemeinsame Dateien\EPSON\EBAPI\eEBSVC.exe
21:00:55.0255 5128  EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - warning
21:00:55.0255 5128  EpsonBidirectionalService - detected UnsignedFile.Multi.Generic (1)
21:00:55.0287 5128  [ 877C18558D70587AA7823A1A308AC96B ] ERSvc           C:\WINDOWS\System32\ersvc.dll
21:00:55.0505 5128  ERSvc - ok
21:00:55.0568 5128  [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog        C:\WINDOWS\system32\services.exe
21:00:55.0662 5128  Eventlog - ok
21:00:55.0708 5128  [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem     C:\WINDOWS\system32\es.dll
21:00:55.0787 5128  EventSystem - ok
21:00:55.0849 5128  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
21:00:56.0099 5128  Fastfat - ok
21:00:56.0146 5128  [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
21:00:56.0224 5128  FastUserSwitchingCompatibility - ok
21:00:56.0255 5128  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys
21:00:56.0552 5128  Fdc - ok
21:00:56.0599 5128  [ 1EDC0DF2DA14E04504DD3BAC21AA32CD ] FilterService   C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys
21:00:56.0677 5128  FilterService - ok
21:00:56.0708 5128  [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
21:00:56.0958 5128  Fips - ok
21:00:56.0974 5128  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys
21:00:57.0224 5128  Flpydisk - ok
21:00:57.0240 5128  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
21:00:57.0474 5128  FltMgr - ok
21:00:57.0583 5128  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
21:00:57.0662 5128  FontCache3.0.0.0 - ok
21:00:57.0708 5128  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
21:00:57.0943 5128  Fs_Rec - ok
21:00:58.0021 5128  [ 8F1955CE42E1484714B542F341647778 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
21:00:58.0240 5128  Ftdisk - ok
21:00:58.0287 5128  [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
21:00:58.0349 5128  GEARAspiWDM - ok
21:00:58.0380 5128  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
21:00:58.0646 5128  Gpc - ok
21:00:58.0755 5128  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Programme\Google\Update\GoogleUpdate.exe
21:00:58.0787 5128  gupdate - ok
21:00:58.0787 5128  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Programme\Google\Update\GoogleUpdate.exe
21:00:58.0818 5128  gupdatem - ok
21:00:58.0865 5128  [ C1B577B2169900F4CF7190C39F085794 ] gusvc           C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
21:00:58.0943 5128  gusvc - ok
21:00:59.0005 5128  [ 2A013E7530BEAB6E569FAA83F517E836 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
21:00:59.0099 5128  HdAudAddService - ok
21:00:59.0146 5128  [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
21:00:59.0365 5128  HDAudBus - ok
21:00:59.0490 5128  [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
21:00:59.0724 5128  helpsvc - ok
21:00:59.0787 5128  [ B35DA85E60C0103F2E4104532DA2F12B ] HidServ         C:\WINDOWS\System32\hidserv.dll
21:00:59.0990 5128  HidServ - ok
21:01:00.0037 5128  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
21:01:00.0287 5128  HidUsb - ok
21:01:00.0333 5128  [ ED29F14101523A6E0E808107405D452C ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
21:01:00.0583 5128  hkmsvc - ok
21:01:00.0599 5128  hpn - ok
21:01:00.0646 5128  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
21:01:00.0724 5128  HTTP - ok
21:01:00.0787 5128  [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
21:01:01.0005 5128  HTTPFilter - ok
21:01:01.0005 5128  i2omgmt - ok
21:01:01.0021 5128  i2omp - ok
21:01:01.0037 5128  [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
21:01:01.0287 5128  i8042prt - ok
21:01:01.0365 5128  [ 0B66A9A2137213075F753579E7D573A5 ] IAANTMon        C:\Programme\Intel\Intel Matrix Storage Manager\iaantmon.exe
21:01:01.0380 5128  IAANTMon ( UnsignedFile.Multi.Generic ) - warning
21:01:01.0380 5128  IAANTMon - detected UnsignedFile.Multi.Generic (1)
21:01:01.0490 5128  [ 278CD48C9887C3D1CFCE577FC256E397 ] ialm            C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
21:01:01.0849 5128  ialm - ok
21:01:01.0927 5128  [ 309C4D86D989FB1FCF64BD30DC81C51B ] iaStor          C:\WINDOWS\system32\drivers\iaStor.sys
21:01:02.0115 5128  iaStor - ok
21:01:02.0271 5128  [ DAF66902F08796F9C694901660E5A64A ] IDriverT        C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe
21:01:02.0333 5128  IDriverT ( UnsignedFile.Multi.Generic ) - warning
21:01:02.0333 5128  IDriverT - detected UnsignedFile.Multi.Generic (1)
21:01:02.0505 5128  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
21:01:02.0708 5128  idsvc - ok
21:01:02.0771 5128  [ 0A359837E021BC04A04A6FD189492C65 ] IFXTPM          C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS
21:01:02.0880 5128  IFXTPM - ok
21:01:02.0927 5128  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
21:01:03.0177 5128  Imapi - ok
21:01:03.0240 5128  [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService    C:\WINDOWS\system32\imapi.exe
21:01:03.0521 5128  ImapiService - ok
21:01:03.0568 5128  [ 694F2709EA18565F66751857E8F5C3DD ] InCDfs          C:\WINDOWS\system32\drivers\InCDfs.sys
21:01:03.0599 5128  InCDfs ( UnsignedFile.Multi.Generic ) - warning
21:01:03.0599 5128  InCDfs - detected UnsignedFile.Multi.Generic (1)
21:01:03.0615 5128  [ 7DAA24D326D3EF94574002BEC52A733D ] InCDPass        C:\WINDOWS\system32\DRIVERS\InCDPass.sys
21:01:03.0662 5128  InCDPass ( UnsignedFile.Multi.Generic ) - warning
21:01:03.0662 5128  InCDPass - detected UnsignedFile.Multi.Generic (1)
21:01:03.0677 5128  [ 36DFCB32D75B0FF09DFD405D1C1DE261 ] InCDrec         C:\WINDOWS\system32\drivers\InCDrec.sys
21:01:03.0740 5128  InCDrec ( UnsignedFile.Multi.Generic ) - warning
21:01:03.0740 5128  InCDrec - detected UnsignedFile.Multi.Generic (1)
21:01:03.0818 5128  [ 23C4B8DE87887DF9260407BF98001743 ] InCDsrv         C:\Programme\Ahead\InCD\InCDsrv.exe
21:01:03.0990 5128  InCDsrv ( UnsignedFile.Multi.Generic ) - warning
21:01:03.0990 5128  InCDsrv - detected UnsignedFile.Multi.Generic (1)
21:01:03.0990 5128  ini910u - ok
21:01:04.0287 5128  [ FC3A99650AFE0B39FE1D214304A7D0D3 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
21:01:04.0849 5128  IntcAzAudAddService - ok
21:01:04.0865 5128  IntelIde - ok
21:01:04.0912 5128  [ 4C7D2750158ED6E7AD642D97BFFAE351 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
21:01:05.0130 5128  intelppm - ok
21:01:05.0146 5128  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
21:01:05.0412 5128  Ip6Fw - ok
21:01:05.0490 5128  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
21:01:05.0693 5128  IpFilterDriver - ok
21:01:05.0724 5128  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
21:01:05.0990 5128  IpInIp - ok
21:01:06.0005 5128  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
21:01:06.0224 5128  IpNat - ok
21:01:06.0318 5128  [ E8A39D41474BE42FD8830CED32932D6C ] iPod Service    C:\Programme\iPod\bin\iPodService.exe
21:01:06.0380 5128  iPod Service - ok
21:01:06.0427 5128  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
21:01:06.0677 5128  IPSec - ok
21:01:06.0740 5128  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
21:01:06.0990 5128  IRENUM - ok
21:01:07.0021 5128  [ 6DFB88F64135C525433E87648BDA30DE ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
21:01:07.0224 5128  isapnp - ok
21:01:07.0365 5128  [ B591E761161D1EF547D76EF236EAA6A5 ] JavaQuickStarterService C:\Programme\Java\jre7\bin\jqs.exe
21:01:07.0396 5128  JavaQuickStarterService - ok
21:01:07.0396 5128  [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
21:01:07.0646 5128  Kbdclass - ok
21:01:07.0677 5128  [ B6D6C117D771C98130497265F26D1882 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
21:01:07.0927 5128  kbdhid - ok
21:01:07.0974 5128  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
21:01:08.0177 5128  kmixer - ok
21:01:08.0224 5128  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
21:01:08.0318 5128  KSecDD - ok
21:01:08.0365 5128  [ AD1541D5FF5B3F903DA34737B6BA9A53 ] L8042Kbd        C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys
21:01:08.0490 5128  L8042Kbd - ok
21:01:08.0568 5128  [ 2BBDCB79900990F0716DFCB714E72DE7 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
21:01:08.0646 5128  lanmanserver - ok
21:01:08.0693 5128  [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
21:01:08.0771 5128  lanmanworkstation - ok
21:01:08.0787 5128  lbrtfdc - ok
21:01:08.0833 5128  [ BB6422F13CD893C630D33A197A40CB1A ] LGDMEBTN        C:\WINDOWS\system32\DRIVERS\LGDMEBTN.sys
21:01:08.0912 5128  LGDMEBTN - ok
21:01:08.0912 5128  lgodd_filter - ok
21:01:08.0990 5128  [ DBAB4F8E598D32B285523432AD42FA06 ] lgsnd_filter    C:\WINDOWS\system32\drivers\lgsnd_filter.sys
21:01:09.0021 5128  lgsnd_filter ( UnsignedFile.Multi.Generic ) - warning
21:01:09.0021 5128  lgsnd_filter - detected UnsignedFile.Multi.Generic (1)
21:01:09.0099 5128  [ E47F94327E369ED6916049FEBF5F85E5 ] LHidKe          C:\WINDOWS\system32\DRIVERS\LHidKE.Sys
21:01:09.0224 5128  LHidKe - ok
21:01:09.0271 5128  [ A54C75E7481272EAAA6245683C89ECAA ] LHidUsbK        C:\WINDOWS\system32\Drivers\LHidUsbK.Sys
21:01:09.0380 5128  LHidUsbK - ok
21:01:09.0458 5128  [ 636714B7D43C8D0C80449123FD266920 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
21:01:09.0677 5128  LmHosts - ok
21:01:09.0740 5128  [ 0E34232FCA6F20172B1D8B6E8A9A26D1 ] LMouKE          C:\WINDOWS\system32\DRIVERS\LMouKE.Sys
21:01:09.0802 5128  LMouKE - ok
21:01:09.0833 5128  LVcKap - ok
21:01:09.0880 5128  [ F96CFB47903854F228BAAF3E2D41A0A3 ] LVPr2Mon        C:\WINDOWS\system32\Drivers\LVPr2Mon.sys
21:01:09.0927 5128  LVPr2Mon - ok
21:01:10.0037 5128  [ FF23862146A682FCC3DBAA002E22F958 ] LVPrcSrv        C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe
21:01:10.0068 5128  LVPrcSrv - ok
21:01:10.0240 5128  [ E22FD7852E74F04CCEB6B8A684A51F3E ] LVRS            C:\WINDOWS\system32\DRIVERS\lvrs.sys
21:01:10.0630 5128  LVRS - ok
21:01:10.0787 5128  [ 5F987FC1AAD215EC2C60CF07719B1CCE ] LVUSBSta        C:\WINDOWS\system32\drivers\LVUSBSta.sys
21:01:10.0818 5128  LVUSBSta - ok
21:01:11.0974 5128  [ E89DF2B88EE659954DE79827DDF46DC9 ] LVUVC           C:\WINDOWS\system32\DRIVERS\lvuvc.sys
21:01:14.0521 5128  LVUVC - ok
21:01:14.0599 5128  [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
21:01:14.0630 5128  MBAMProtector - ok
21:01:14.0708 5128  [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler   C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
21:01:14.0755 5128  MBAMScheduler - ok
21:01:14.0833 5128  [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService     C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
21:01:14.0896 5128  MBAMService - ok
21:01:14.0958 5128  [ 52404CC76E9D53843BDF97564BB16BED ] McrdSvc         C:\WINDOWS\ehome\mcrdsvc.exe
21:01:15.0037 5128  McrdSvc - ok
21:01:15.0083 5128  [ B7550A7107281D170CE85524B1488C98 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
21:01:15.0318 5128  Messenger - ok
21:01:15.0365 5128  [ DED60230E3019C508769EC3C15BCDA44 ] MHN             C:\WINDOWS\System32\mhn.dll
21:01:15.0427 5128  MHN ( UnsignedFile.Multi.Generic ) - warning
21:01:15.0427 5128  MHN - detected UnsignedFile.Multi.Generic (1)
21:01:15.0427 5128  [ 7F2F1D2815A6449D346FCCCBC569FBD6 ] MHNDRV          C:\WINDOWS\system32\DRIVERS\mhndrv.sys
21:01:15.0474 5128  MHNDRV ( UnsignedFile.Multi.Generic ) - warning
21:01:15.0474 5128  MHNDRV - detected UnsignedFile.Multi.Generic (1)
21:01:15.0521 5128  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
21:01:15.0755 5128  mnmdd - ok
21:01:15.0818 5128  [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
21:01:16.0068 5128  mnmsrvc - ok
21:01:16.0115 5128  [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
21:01:16.0318 5128  Modem - ok
21:01:16.0349 5128  [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
21:01:16.0583 5128  Mouclass - ok
21:01:16.0630 5128  [ 66A6F73C74E1791464160A7065CE711A ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
21:01:16.0880 5128  mouhid - ok
21:01:16.0896 5128  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
21:01:17.0099 5128  MountMgr - ok
21:01:17.0177 5128  [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
21:01:17.0255 5128  MozillaMaintenance - ok
21:01:17.0255 5128  mraid35x - ok
21:01:17.0318 5128  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
21:01:17.0583 5128  MRxDAV - ok
21:01:17.0630 5128  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
21:01:17.0740 5128  MRxSmb - ok
21:01:17.0833 5128  [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
21:01:18.0037 5128  MSDTC - ok
21:01:18.0052 5128  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
21:01:18.0271 5128  Msfs - ok
21:01:18.0271 5128  MSIServer - ok
21:01:18.0318 5128  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
21:01:18.0568 5128  MSKSSRV - ok
21:01:18.0630 5128  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
21:01:18.0912 5128  MSPCLOCK - ok
21:01:18.0912 5128  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
21:01:19.0146 5128  MSPQM - ok
21:01:19.0208 5128  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
21:01:19.0427 5128  mssmbios - ok
21:01:19.0458 5128  [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
21:01:19.0771 5128  MSTEE - ok
21:01:19.0802 5128  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
21:01:19.0880 5128  Mup - ok
21:01:19.0912 5128  [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
21:01:20.0162 5128  NABTSFEC - ok
21:01:20.0224 5128  [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent        C:\WINDOWS\System32\qagentrt.dll
21:01:20.0521 5128  napagent - ok
21:01:20.0552 5128  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
21:01:20.0771 5128  NDIS - ok
21:01:20.0787 5128  [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
21:01:21.0052 5128  NdisIP - ok
21:01:21.0115 5128  [ E87C0CEE30B5F6F4A2B80011941DC5BD ] Ndisipo         C:\WINDOWS\system32\DRIVERS\ndisipo.sys
21:01:21.0162 5128  Ndisipo ( UnsignedFile.Multi.Generic ) - warning
21:01:21.0162 5128  Ndisipo - detected UnsignedFile.Multi.Generic (1)
21:01:21.0193 5128  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:01:21.0240 5128  NdisTapi - ok
21:01:21.0349 5128  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
21:01:21.0583 5128  Ndisuio - ok
21:01:21.0646 5128  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:01:21.0927 5128  NdisWan - ok
21:01:21.0974 5128  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
21:01:22.0037 5128  NDProxy - ok
21:01:22.0052 5128  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
21:01:22.0255 5128  NetBIOS - ok
21:01:22.0302 5128  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
21:01:22.0568 5128  NetBT - ok
21:01:22.0630 5128  [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE          C:\WINDOWS\system32\netdde.exe
21:01:22.0912 5128  NetDDE - ok
21:01:22.0927 5128  [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
21:01:23.0130 5128  NetDDEdsdm - ok
21:01:23.0162 5128  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon        C:\WINDOWS\system32\lsass.exe
21:01:23.0365 5128  Netlogon - ok
21:01:23.0412 5128  [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman          C:\WINDOWS\System32\netman.dll
21:01:23.0615 5128  Netman - ok
21:01:23.0724 5128  [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:01:23.0802 5128  NetTcpPortSharing - ok
21:01:23.0958 5128  [ F886500C285AF271FDD33BF8BA7B32EF ] NETw3x32        C:\WINDOWS\system32\DRIVERS\NETw3x32.sys
21:01:24.0193 5128  NETw3x32 - ok
21:01:24.0224 5128  [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394         C:\WINDOWS\system32\DRIVERS\nic1394.sys
21:01:24.0427 5128  NIC1394 - ok
21:01:24.0458 5128  [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla             C:\WINDOWS\System32\mswsock.dll
21:01:24.0521 5128  Nla - ok
21:01:24.0615 5128  [ 7AEA4DF1CA68FD45DD4BBE1F0243CE7F ] NMSAccess       C:\Programme\CDBurnerXP\NMSAccessU.exe
21:01:24.0646 5128  NMSAccess - ok
21:01:24.0677 5128  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
21:01:24.0912 5128  Npfs - ok
21:01:24.0990 5128  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
21:01:25.0255 5128  Ntfs - ok
21:01:25.0271 5128  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
21:01:25.0474 5128  NtLmSsp - ok
21:01:25.0552 5128  [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
21:01:25.0802 5128  NtmsSvc - ok
21:01:25.0865 5128  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
21:01:26.0115 5128  Null - ok
21:01:26.0349 5128  [ 92356A6791B292DD5BF1C5B86B978B51 ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
21:01:26.0865 5128  nv - ok
21:01:26.0927 5128  [ CF00E44E0F7307F27F19609F111D37A7 ] NVSvc           C:\WINDOWS\system32\nvsvc32.exe
21:01:26.0990 5128  NVSvc - ok
21:01:27.0021 5128  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
21:01:27.0255 5128  NwlnkFlt - ok
21:01:27.0271 5128  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
21:01:27.0552 5128  NwlnkFwd - ok
21:01:27.0583 5128  [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394        C:\WINDOWS\system32\DRIVERS\ohci1394.sys
21:01:27.0787 5128  ohci1394 - ok
21:01:27.0865 5128  [ F84785660305B9B903FB3BCA8BA29837 ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
21:01:28.0115 5128  Parport - ok
21:01:28.0162 5128  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
21:01:28.0365 5128  PartMgr - ok
21:01:28.0396 5128  [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
21:01:28.0646 5128  ParVdm - ok
21:01:28.0662 5128  [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
21:01:28.0880 5128  PCI - ok
21:01:28.0896 5128  PCIDump - ok
21:01:28.0927 5128  [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
21:01:29.0130 5128  PCIIde - ok
21:01:29.0162 5128  [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia          C:\WINDOWS\system32\DRIVERS\pcmcia.sys
21:01:29.0380 5128  Pcmcia - ok
21:01:29.0380 5128  PDCOMP - ok
21:01:29.0396 5128  PDFRAME - ok
21:01:29.0396 5128  PDRELI - ok
21:01:29.0412 5128  PDRFRAME - ok
21:01:29.0412 5128  perc2 - ok
21:01:29.0427 5128  perc2hib - ok
21:01:29.0505 5128  [ 444F122E68DB44C0589227781F3C8B3F ] pfc             C:\WINDOWS\system32\drivers\pfc.sys
21:01:29.0537 5128  pfc ( UnsignedFile.Multi.Generic ) - warning
21:01:29.0537 5128  pfc - detected UnsignedFile.Multi.Generic (1)
21:01:29.0568 5128  [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay        C:\WINDOWS\system32\services.exe
21:01:29.0599 5128  PlugPlay - ok
21:01:29.0615 5128  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
21:01:29.0818 5128  PolicyAgent - ok
21:01:29.0865 5128  [ 54CACD86D0EAAE952C2DC7EA17A166BB ] portD           C:\WINDOWS\system32\DRIVERS\portd2k.sys
21:01:29.0912 5128  portD ( UnsignedFile.Multi.Generic ) - warning
21:01:29.0912 5128  portD - detected UnsignedFile.Multi.Generic (1)
21:01:29.0943 5128  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
21:01:30.0208 5128  PptpMiniport - ok
21:01:30.0208 5128  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
21:01:30.0412 5128  ProtectedStorage - ok
21:01:30.0474 5128  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
21:01:30.0724 5128  PSched - ok
21:01:30.0771 5128  [ D24DFD16A1E2A76034DF5AA18125C35D ] PSI             C:\WINDOWS\system32\DRIVERS\psi_mf.sys
21:01:30.0787 5128  PSI - ok
21:01:30.0849 5128  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
21:01:31.0083 5128  Ptilink - ok
21:01:31.0130 5128  [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys
21:01:31.0162 5128  PxHelp20 - ok
21:01:31.0162 5128  ql1080 - ok
21:01:31.0162 5128  Ql10wnt - ok
21:01:31.0177 5128  ql12160 - ok
21:01:31.0177 5128  ql1240 - ok
21:01:31.0193 5128  ql1280 - ok
21:01:31.0208 5128  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:01:31.0427 5128  RasAcd - ok
21:01:31.0490 5128  [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
21:01:31.0755 5128  RasAuto - ok
21:01:31.0802 5128  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
21:01:32.0068 5128  Rasl2tp - ok
21:01:32.0130 5128  [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan          C:\WINDOWS\System32\rasmans.dll
21:01:32.0349 5128  RasMan - ok
21:01:32.0365 5128  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
21:01:32.0615 5128  RasPppoe - ok
21:01:32.0677 5128  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
21:01:32.0896 5128  Raspti - ok
21:01:32.0927 5128  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:01:33.0162 5128  Rdbss - ok
21:01:33.0224 5128  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
21:01:33.0443 5128  RDPCDD - ok
21:01:33.0537 5128  [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
21:01:33.0787 5128  rdpdr - ok
21:01:33.0833 5128  [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
21:01:33.0912 5128  RDPWD - ok
21:01:33.0943 5128  [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
21:01:34.0224 5128  RDSessMgr - ok
21:01:34.0240 5128  [ ED761D453856F795A7FE056E42C36365 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
21:01:34.0505 5128  redbook - ok
21:01:34.0568 5128  [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
21:01:34.0802 5128  RemoteAccess - ok
21:01:34.0849 5128  [ E4CD1F3D84E1C2CA0B8CF7501E201593 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
21:01:35.0068 5128  RemoteRegistry - ok
21:01:35.0130 5128  [ 851C30DF2807FCFA21E4C681A7D6440E ] RFCOMM          C:\WINDOWS\system32\DRIVERS\rfcomm.sys
21:01:35.0365 5128  RFCOMM - ok
21:01:35.0427 5128  [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM       C:\WINDOWS\system32\Drivers\RootMdm.sys
21:01:35.0662 5128  ROOTMODEM - ok
21:01:35.0693 5128  [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator      C:\WINDOWS\system32\locator.exe
21:01:35.0943 5128  RpcLocator - ok
21:01:35.0974 5128  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs           C:\WINDOWS\System32\rpcss.dll
21:01:36.0068 5128  RpcSs - ok
21:01:36.0083 5128  [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP            C:\WINDOWS\system32\rsvp.exe
21:01:36.0349 5128  RSVP - ok
21:01:36.0365 5128  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs           C:\WINDOWS\system32\lsass.exe
21:01:36.0568 5128  SamSs - ok
21:01:36.0615 5128  [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
21:01:36.0880 5128  SCardSvr - ok
21:01:36.0927 5128  [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule        C:\WINDOWS\system32\schedsvc.dll
21:01:37.0146 5128  Schedule - ok
21:01:37.0193 5128  [ 8D04819A3CE51B9EB47E5689B44D43C4 ] sdbus           C:\WINDOWS\system32\DRIVERS\sdbus.sys
21:01:37.0427 5128  sdbus - ok
21:01:37.0505 5128  [ 07F7F501AD50DE2BA2D5842D9B6D6155 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
21:01:37.0599 5128  Secdrv ( UnsignedFile.Multi.Generic ) - warning
21:01:37.0599 5128  Secdrv - detected UnsignedFile.Multi.Generic (1)
21:01:37.0615 5128  [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon        C:\WINDOWS\System32\seclogon.dll
21:01:37.0818 5128  seclogon - ok
21:01:37.0880 5128  Secunia PSI Agent - ok
21:01:37.0896 5128  Secunia Update Agent - ok
21:01:37.0912 5128  [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS            C:\WINDOWS\system32\sens.dll
21:01:38.0130 5128  SENS - ok
21:01:38.0177 5128  [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
21:01:38.0474 5128  serenum - ok
21:01:38.0521 5128  [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
21:01:38.0771 5128  Serial - ok
21:01:38.0849 5128  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\DRIVERS\sfloppy.sys
21:01:39.0099 5128  Sfloppy - ok
21:01:39.0240 5128  [ 04A6EB22F27A79EA7DAA0DEEC92B584D ] SgtSch2Svc      C:\Programme\Gemeinsame Dateien\Seagate\Schedule2\schedul2.exe
21:01:39.0287 5128  SgtSch2Svc - ok
21:01:39.0349 5128  [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
21:01:39.0568 5128  SharedAccess - ok
21:01:39.0599 5128  [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
21:01:39.0630 5128  ShellHWDetection - ok
21:01:39.0630 5128  Simbad - ok
21:01:39.0662 5128  [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP            C:\WINDOWS\system32\DRIVERS\SLIP.sys
21:01:39.0927 5128  SLIP - ok
21:01:39.0990 5128  [ C3BF55189AA92B8F919108EF9E4ACCAE ] snapman         C:\WINDOWS\system32\DRIVERS\snapman.sys
21:01:40.0005 5128  snapman - ok
21:01:40.0021 5128  Sparrow - ok
21:01:40.0052 5128  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
21:01:40.0302 5128  splitter - ok
21:01:40.0365 5128  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
21:01:40.0427 5128  Spooler - ok
21:01:40.0427 5128  [ 50FA898F8C032796D3B1B9951BB5A90F ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
21:01:40.0630 5128  sr - ok
21:01:40.0693 5128  [ FE77A85495065F3AD59C5C65B6C54182 ] srservice       C:\WINDOWS\system32\srsvc.dll
21:01:40.0912 5128  srservice - ok
21:01:40.0974 5128  [ 402D17FCDD71FEC08A9B2D6996DA1D70 ] SRS_PostInstaller C:\Programme\SRS Labs\WOWXT and TSXT Driver\SRS_PostInstaller.exe
21:01:40.0990 5128  SRS_PostInstaller ( UnsignedFile.Multi.Generic ) - warning
21:01:40.0990 5128  SRS_PostInstaller - detected UnsignedFile.Multi.Generic (1)
21:01:41.0037 5128  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
21:01:41.0115 5128  Srv - ok
21:01:41.0146 5128  [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
21:01:41.0365 5128  SSDPSRV - ok
21:01:41.0365 5128  SSHDRV85 - ok
21:01:41.0427 5128  [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv          C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
21:01:41.0443 5128  ssmdrv - ok
21:01:41.0521 5128  [ E3D493BFB7CD108EC50B2F560C96367C ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
21:01:41.0615 5128  ssudmdm - ok
21:01:41.0646 5128  [ E57B778208C783D8DEBAB320C16A1B82 ] StarOpen        C:\WINDOWS\system32\drivers\StarOpen.sys
21:01:41.0677 5128  StarOpen ( UnsignedFile.Multi.Generic ) - warning
21:01:41.0677 5128  StarOpen - detected UnsignedFile.Multi.Generic (1)
21:01:41.0740 5128  [ BC2C5985611C5356B24AEB370953DED9 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
21:01:41.0974 5128  stisvc - ok
21:01:42.0021 5128  [ 77813007BA6265C4B6098187E6ED79D2 ] streamip        C:\WINDOWS\system32\DRIVERS\StreamIP.sys
21:01:42.0287 5128  streamip - ok
21:01:42.0318 5128  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
21:01:42.0646 5128  swenum - ok
21:01:42.0693 5128  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
21:01:42.0974 5128  swmidi - ok
21:01:42.0990 5128  SwPrv - ok
21:01:42.0990 5128  symc810 - ok
21:01:43.0005 5128  symc8xx - ok
21:01:43.0005 5128  sym_hi - ok
21:01:43.0021 5128  sym_u3 - ok
21:01:43.0083 5128  [ 290246D82FBDAB124FEB2FEA035D7B1F ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys
21:01:43.0193 5128  SynTP - ok
21:01:43.0240 5128  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
21:01:43.0505 5128  sysaudio - ok
21:01:43.0568 5128  [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
21:01:43.0818 5128  SysmonLog - ok
21:01:43.0865 5128  [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
21:01:44.0083 5128  TapiSrv - ok
21:01:44.0146 5128  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
21:01:44.0193 5128  Tcpip - ok
21:01:44.0240 5128  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
21:01:44.0521 5128  TDPIPE - ok
21:01:44.0677 5128  [ 3B7B6779EB231F731BBA8F9FE67AADFC ] tdrpman         C:\WINDOWS\system32\DRIVERS\tdrpman.sys
21:01:44.0849 5128  tdrpman - ok
21:01:44.0927 5128  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
21:01:45.0255 5128  TDTCP - ok
21:01:45.0287 5128  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
21:01:45.0646 5128  TermDD - ok
21:01:45.0755 5128  [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService     C:\WINDOWS\System32\termsrv.dll
21:01:46.0115 5128  TermService - ok
21:01:46.0224 5128  [ 2DB7D303C36DDD055215052F118E8E75 ] Themes          C:\WINDOWS\System32\shsvcs.dll
21:01:46.0240 5128  Themes - ok
21:01:46.0333 5128  [ 78213F01CE781F93180BEF5EB5B3AD81 ] tifm21          C:\WINDOWS\system32\drivers\tifm21.sys
21:01:46.0552 5128  tifm21 - ok
21:01:46.0740 5128  [ B0B3122BFF3910E0BA97014045467778 ] tifsfilter      C:\WINDOWS\system32\DRIVERS\tifsfilt.sys
21:01:46.0787 5128  tifsfilter - ok
21:01:46.0849 5128  [ 13BFE330880AC0CE8672D00AA5AFF738 ] timounter       C:\WINDOWS\system32\DRIVERS\timntr.sys
21:01:46.0990 5128  timounter - ok
21:01:47.0052 5128  [ 03681A1CE77F51586903869A5AB1DEAB ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
21:01:47.0365 5128  TlntSvr - ok
21:01:47.0458 5128  [ 3199A477F0F06EEDE41BD55179F8EB05 ] TomTomHOMEService C:\Programme\TomTom HOME 2\TomTomHOMEService.exe
21:01:47.0521 5128  TomTomHOMEService - ok
21:01:47.0521 5128  TosIde - ok
21:01:47.0912 5128  [ 626504572B175867F30F3215C04B3E2F ] TrkWks          C:\WINDOWS\system32\trkwks.dll
21:01:48.0130 5128  TrkWks - ok
21:01:48.0177 5128  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
21:01:48.0396 5128  Udfs - ok
21:01:48.0396 5128  ultra - ok
21:01:48.0474 5128  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
21:01:48.0771 5128  Update - ok
21:01:48.0818 5128  [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost        C:\WINDOWS\System32\upnphost.dll
21:01:49.0083 5128  upnphost - ok
21:01:49.0115 5128  [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS             C:\WINDOWS\System32\ups.exe
21:01:49.0380 5128  UPS - ok
21:01:49.0443 5128  [ 8BF5D980CDCE35FB26F05047144BB57E ] USBAAPL         C:\WINDOWS\system32\Drivers\usbaapl.sys
21:01:49.0537 5128  USBAAPL - ok
21:01:49.0599 5128  [ E919708DB44ED8543A7C017953148330 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
21:01:49.0865 5128  usbaudio - ok
21:01:49.0912 5128  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
21:01:50.0162 5128  usbccgp - ok
21:01:50.0208 5128  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
21:01:50.0427 5128  usbehci - ok
21:01:50.0521 5128  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
21:01:50.0755 5128  usbhub - ok
21:01:50.0802 5128  [ A717C8721046828520C9EDF31288FC00 ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
21:01:51.0052 5128  usbprint - ok
21:01:51.0083 5128  [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
21:01:51.0318 5128  usbscan - ok
21:01:51.0333 5128  [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
21:01:51.0599 5128  usbstor - ok
21:01:51.0615 5128  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
21:01:51.0849 5128  usbuhci - ok
21:01:51.0927 5128  [ 9EBEE4A060C5364A31AEAA04EAC2AF1E ] VComm           C:\WINDOWS\system32\DRIVERS\VComm.sys
21:01:51.0974 5128  VComm ( UnsignedFile.Multi.Generic ) - warning
21:01:51.0974 5128  VComm - detected UnsignedFile.Multi.Generic (1)
21:01:52.0005 5128  [ 630BBDBF5490F8F57ABE650DA63661A0 ] VcommMgr        C:\WINDOWS\system32\Drivers\VcommMgr.sys
21:01:52.0083 5128  VcommMgr ( UnsignedFile.Multi.Generic ) - warning
21:01:52.0083 5128  VcommMgr - detected UnsignedFile.Multi.Generic (1)
21:01:52.0099 5128  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
21:01:52.0333 5128  VgaSave - ok
21:01:52.0333 5128  ViaIde - ok
21:01:52.0365 5128  [ A5A712F4E880874A477AF790B5186E1D ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
21:01:52.0568 5128  VolSnap - ok
21:01:52.0630 5128  [ 68F106273BE29E7B7EF8266977268E78 ] VSS             C:\WINDOWS\System32\vssvc.exe
21:01:52.0833 5128  VSS - ok
21:01:52.0974 5128  [ 8ED347BAD8D1FB7C40B593BFB01786D2 ] vToolbarUpdater11.2.0 C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
21:01:53.0068 5128  vToolbarUpdater11.2.0 - ok
21:01:53.0099 5128  [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time         C:\WINDOWS\system32\w32time.dll
21:01:53.0318 5128  W32Time - ok
21:01:53.0380 5128  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:01:53.0615 5128  Wanarp - ok
21:01:53.0615 5128  WDICA - ok
21:01:53.0662 5128  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
21:01:53.0927 5128  wdmaud - ok
21:01:53.0974 5128  [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient       C:\WINDOWS\System32\webclnt.dll
21:01:54.0240 5128  WebClient - ok
21:01:54.0349 5128  [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
21:01:54.0568 5128  winmgmt - ok
21:01:54.0630 5128  [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
21:01:54.0755 5128  WmdmPmSN - ok
21:01:54.0818 5128  [ FFA4D901D46D07A5BAB2D8307FBB51A6 ] Wmi             C:\WINDOWS\System32\advapi32.dll
21:01:54.0927 5128  Wmi - ok
21:01:54.0943 5128  [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi         C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
21:01:55.0162 5128  WmiAcpi - ok
21:01:55.0208 5128  [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
21:01:55.0412 5128  WmiApSrv - ok
21:01:55.0505 5128  [ 6D4FD01AF03C8DC867505FC51D339B2B ] wowfilter       C:\WINDOWS\system32\drivers\wowfilter.sys
21:01:55.0537 5128  wowfilter ( UnsignedFile.Multi.Generic ) - warning
21:01:55.0537 5128  wowfilter - detected UnsignedFile.Multi.Generic (1)
21:01:55.0583 5128  [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb          C:\WINDOWS\system32\DRIVERS\wpdusb.sys
21:01:55.0646 5128  WpdUsb - ok
21:01:55.0787 5128  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
21:01:55.0974 5128  WPFFontCache_v0400 - ok
21:01:56.0005 5128  [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL         C:\WINDOWS\System32\drivers\ws2ifsl.sys
21:01:56.0302 5128  WS2IFSL - ok
21:01:56.0349 5128  [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
21:01:56.0568 5128  wscsvc - ok
21:01:56.0630 5128  [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC        C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
21:01:56.0880 5128  WSTCODEC - ok
21:01:56.0896 5128  [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
21:01:57.0115 5128  wuauserv - ok
21:01:57.0177 5128  [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
21:01:57.0240 5128  WudfPf - ok
21:01:57.0255 5128  [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
21:01:57.0349 5128  WudfRd - ok
21:01:57.0396 5128  [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
21:01:57.0427 5128  WudfSvc - ok
21:01:57.0490 5128  [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
21:01:57.0771 5128  WZCSVC - ok
21:01:57.0833 5128  [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
21:01:58.0099 5128  xmlprov - ok
21:01:58.0162 5128  ================ Scan global ===============================
21:01:58.0193 5128  [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll
21:01:58.0271 5128  [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll
21:01:58.0287 5128  [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll
21:01:58.0302 5128  [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe
21:01:58.0302 5128  [Global] - ok
21:01:58.0302 5128  ================ Scan MBR ==================================
21:01:58.0333 5128  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
21:01:58.0896 5128  \Device\Harddisk0\DR0 - ok
21:01:58.0896 5128  ================ Scan VBR ==================================
21:01:58.0912 5128  [ B47D19CE6B0E8C1C152282752AB3F7C7 ] \Device\Harddisk0\DR0\Partition1
21:01:58.0912 5128  \Device\Harddisk0\DR0\Partition1 - ok
21:01:58.0912 5128  ============================================================
21:01:58.0912 5128  Scan finished
21:01:58.0912 5128  ============================================================
21:01:59.0021 4340  Detected object count: 29
21:01:59.0021 4340  Actual detected object count: 29
21:02:16.0130 4340  ACEDRV05 ( UnsignedFile.Multi.Generic ) - skipped by user
21:02:16.0130 4340  ACEDRV05 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:02:16.0130 4340  BlueletAudio ( UnsignedFile.Multi.Generic ) - skipped by user
21:02:16.0130 4340  BlueletAudio ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:02:16.0130 4340  BlueletSCOAudio ( UnsignedFile.Multi.Generic ) - skipped by user
21:02:16.0130 4340  BlueletSCOAudio ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:02:16.0130 4340  BlueSoleil Hid Service ( UnsignedFile.Multi.Generic ) - skipped by user
21:02:16.0130 4340  BlueSoleil Hid Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:02:16.0130 4340  BsStor ( UnsignedFile.Multi.Generic ) - skipped by user
21:02:16.0130 4340  BsStor ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:02:16.0146 4340  BsUDF ( UnsignedFile.Multi.Generic ) - skipped by user
21:02:16.0146 4340  BsUDF ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:02:16.0146 4340  BT ( UnsignedFile.Multi.Generic ) - skipped by user
21:02:16.0146 4340  BT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:02:16.0146 4340  Btcsrusb ( UnsignedFile.Multi.Generic ) - skipped by user
21:02:16.0146 4340  Btcsrusb ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:02:16.0146 4340  BTHidEnum ( UnsignedFile.Multi.Generic ) - skipped by user
21:02:16.0146 4340  BTHidEnum ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:02:16.0146 4340  BTHidMgr ( UnsignedFile.Multi.Generic ) - skipped by user
21:02:16.0146 4340  BTHidMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:02:16.0146 4340  EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - skipped by user
21:02:16.0146 4340  EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:02:16.0162 4340  IAANTMon ( UnsignedFile.Multi.Generic ) - skipped by user
21:02:16.0162 4340  IAANTMon ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:02:16.0162 4340  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
21:02:16.0162 4340  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:02:16.0162 4340  InCDfs ( UnsignedFile.Multi.Generic ) - skipped by user
21:02:16.0162 4340  InCDfs ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:02:16.0162 4340  InCDPass ( UnsignedFile.Multi.Generic ) - skipped by user
21:02:16.0162 4340  InCDPass ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:02:16.0162 4340  InCDrec ( UnsignedFile.Multi.Generic ) - skipped by user
21:02:16.0162 4340  InCDrec ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:02:16.0162 4340  InCDsrv ( UnsignedFile.Multi.Generic ) - skipped by user
21:02:16.0162 4340  InCDsrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:02:16.0177 4340  lgsnd_filter ( UnsignedFile.Multi.Generic ) - skipped by user
21:02:16.0177 4340  lgsnd_filter ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:02:16.0177 4340  MHN ( UnsignedFile.Multi.Generic ) - skipped by user
21:02:16.0177 4340  MHN ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:02:16.0177 4340  MHNDRV ( UnsignedFile.Multi.Generic ) - skipped by user
21:02:16.0177 4340  MHNDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:02:16.0177 4340  Ndisipo ( UnsignedFile.Multi.Generic ) - skipped by user
21:02:16.0177 4340  Ndisipo ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:02:16.0177 4340  pfc ( UnsignedFile.Multi.Generic ) - skipped by user
21:02:16.0177 4340  pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:02:16.0177 4340  portD ( UnsignedFile.Multi.Generic ) - skipped by user
21:02:16.0177 4340  portD ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:02:16.0177 4340  Secdrv ( UnsignedFile.Multi.Generic ) - skipped by user
21:02:16.0177 4340  Secdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:02:16.0177 4340  SRS_PostInstaller ( UnsignedFile.Multi.Generic ) - skipped by user
21:02:16.0177 4340  SRS_PostInstaller ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:02:16.0193 4340  StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
21:02:16.0193 4340  StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:02:16.0193 4340  VComm ( UnsignedFile.Multi.Generic ) - skipped by user
21:02:16.0193 4340  VComm ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:02:16.0193 4340  VcommMgr ( UnsignedFile.Multi.Generic ) - skipped by user
21:02:16.0193 4340  VcommMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:02:16.0193 4340  wowfilter ( UnsignedFile.Multi.Generic ) - skipped by user
21:02:16.0193 4340  wowfilter ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

Alt 03.01.2013, 21:08   #13
markusg
/// Malware-holic
 



Hi,
download CCleaner (Standard):
CCleaner - Download - Filepony
If CCleaner is already installed, skip this step.
Open it, go to Tools, Uninstall list, save the list as a txt file, and open that file.
After every program you need, write "necessary".
After every program you do not need, write "unnecessary".
After every program you do not recognize, write "unknown".
Post the list.
__________________
- Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For now, please send e-mails to the address above, following those instructions.

Alt 03.01.2013, 22:32   #14
Dagi11
 



Hi Markus,

Here comes the list:

I have color-coded it, otherwise it gets too confusing here:
I need this
not necessary
I don't know it, or I'm unsure.
That is probably too many programs for my Epson printer.
I once uninstalled all of Microsoft .NET, but it was needed by various programs - for many of the others I don't really know what they are good for.

Does that help you?


Adam 08.10.2011 3.1
Adobe Flash Player 11 ActiveX Adobe Systems Incorporated 29.12.2012 11.5.502.135
Adobe Flash Player 11 Plugin Adobe Systems Incorporated 29.12.2012 11.5.502.135
Agere Ethernet Adapter Agere 25.12.2006 1.02.1600
Agere Systems HDA Modem
Amazonia cerasus.media GmbH 30.01.2010
Apple Application Support Apple Inc. 30.12.2012 66,77MB 2.3.2
Apple Mobile Device Support Apple Inc. 30.12.2012 24,55MB 6.0.1.3
Apple Software Update Apple Inc. 06.08.2011 2,38MB 2.1.3.127

ArcSoft PhotoStudio 5.5 16.10.2011
ATI - Software Uninstall Utility 08.10.2011 6.14.10.1014
ATI Catalyst Control Center 10.12.2006 140,00MB 1.2.2285.37111
ATI Display Driver 08.10.2011 8.252-060503a-033455C-LG
Audiograbber 1.83 SE Audiograbber Deutschland 16.10.2011 1.83 SE
AVG Security Toolbar AVG Technologies 30.12.2012 11.1.0.12
Avira Internet Security Avira 21.12.2012 13.0.0.2890
Battery Miser 08.10.2011
BlueSoleil IVT Corporation 25.12.2006 10,35MB 2.1.1.0 EDR Release 060123
Bonjour Apple Inc. 30.12.2012 1,03MB 3.0.0.10
BounceBack Express 08.10.2011 7.0
Canon CanoScan Toolbox 4.7 08.10.2011
CCleaner Piriform 24.10.2012 3.24
CDBurnerXP CDBurnerXP 04.04.2012 4.4.0.2971
Corel Photo Album 6 Corel, Inc. 26.01.2011 87,77MB 6.00

CyberLink InstantBurn 08.10.2011
Die Sims™ 3 Electronic Arts 03.01.2013 1.0.631
DiscWizard for Windows 08.10.2011
Dr Kawashima 24.11.2012 1.0
DVD Solution 08.10.2011
DVD Solution 03.01.2013

EPSON B42WD Series Handbuch 24.05.2012
EPSON B42WD Series Netzwerk-Handbuch 24.05.2012
EPSON B42WD Series Printer Uninstall SEIKO EPSON Corporation 18.04.2012
Epson Easy Photo Print 2 SEIKO EPSON CORPORATION 17.04.2012 2.2.3.0
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) SEIKO EPSON CORPORATION 17.04.2012 1.00.0000
EpsonNet Print SEIKO EPSON CORPORATION 17.04.2012 2.4j
EpsonNet Setup 3.3 SEIKO EPSON CORPORATION 18.04.2012 3.3b
ESET Online Scanner v3 13.10.2011
Ez User's Guide 08.10.2011
Gehirnjogging - Der Trainer fürs Gedächtnis... SBT 25.11.2012 1.0
Gehirnjogging - Special Edition SBT 25.11.2012 1.0

GENprofi - Stammbaum Dr. Carsten Leue 08.10.2011 v2.62 (UNICODE)
GENprofi-Stammbaum Handbuch Bernd von Loeben, Carsten Leue 24.11.2007 2.8.7

Google Earth Plug-in Google 18.11.2011 40,92MB 6.1.0.5001
Guck mal 11.0 rh-Softwareentwicklung 16.10.2011
Haushaltsbuch Lexware 03.01.2007 11.00.0000

InCD 18.10.2011
Intel Matrix Storage Manager 08.10.2011
IP Operator 08.10.2011
iPod for Windows 2006-06-28 Apple Computer, Inc. 03.02.2007 4.7.0
IrfanView (remove only) Irfan Skiljan 08.10.2011 4.32
iTunes Apple Inc. 30.12.2012 187,00MB 11.0.1.12

Java 7 Update 9 Oracle 04.09.2012 128,00MB 7.0.90
Johann Lafer Hits aus meiner Küche DNA Digital Media Group 08.10.2011
Kochbuch 1.7.1 Flo & Seb Engineering 24.07.2009 1.7.1.0
LG Direct Media Button Service LG Electronics Inc. 10.12.2006 0,26MB 1.5.0914
LG Intelligent Update 27.12.2012 2.03.0618.01
LightsOn Setup 08.10.2011
Logitech Desktop Messenger Logitech, Inc. 05.01.2007 2.54.11
Logitech QuickCam Logitech Inc. 25.04.2009 54,26MB 11.90.1263
Logitech QuickCam-Treiberpaket 08.10.2011
Logitech SetPoint Logitech 05.01.2007 2.30
Macromedia Extension Manager Ihr Firmenname 26.01.2011 4,90MB 1.7.270
Macromedia Flash 8 Macromedia 26.01.2011 246,00MB 8.00.0000
Macromedia Flash 8 Video Encoder Macromedia 26.01.2011 11,53MB 1.00.0000
Mahjongg - Ancient Mayas cerasus.media GmbH 31.01.2010
Malwarebytes Anti-Malware Version 1.70.0.1100 Malwarebytes Corporation 29.12.2012 1.70.0.1100
Manual CanoScan 5200F

Microsoft .NET Framework 1.0 Hotfix (KB2604042) Microsoft Corporation 28.12.2012
Microsoft .NET Framework 1.0 Hotfix (KB2656378) Microsoft Corporation 27.04.2012
Microsoft .NET Framework 1.0 Security Update (KB2698035) Microsoft Corporation 28.12.2012
Microsoft .NET Framework 1.1 28.12.2012
Microsoft .NET Framework 2.0 Language Pack - DEU Microsoft Corporation 24.11.2012
Microsoft .NET Framework 2.0 Service Pack 2 Microsoft Corporation 28.12.2012 183,00MB 2.2.30729
Microsoft .NET Framework 3.0 Service Pack 2 Microsoft Corporation 28.12.2012 238,00MB 3.2.30729
Microsoft .NET Framework 3.5 SP1 Microsoft Corporation 29.12.2012
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 28.12.2012 4.0.30320
Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Corporation 15.02.2012
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 17.04.2012 4,64MB 8.0.59193
Microsoft Visual C++ 2005 SP1 CRT Redistributable Buhl Data Service GmbH 26.05.2007 1,60MB 1.00.0000
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Corporation 22.07.2010 5,24MB 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 19.03.2010 9,64MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 07.11.2009 10,19MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 14.08.2011 10,20MB 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 18.10.2011 14,97MB 10.0.40219
Microsoft WSE 3.0 Runtime Microsoft Corp. 03.01.2013 0,92MB 3.0.5305.0
MobileMe Control Panel Apple Inc. 06.08.2011 12,00MB 3.1.6.0
Mozilla Firefox 17.0.1 (x86 en-GB) Mozilla 27.12.2012 17.0.1
Mozilla Maintenance Service Mozilla 10.12.2012 17.0.1
Mozilla Thunderbird 10.0.11 (x86 en-US) Mozilla 24.11.2012 10.0.11

MSN 08.10.2011
MSXML 4.0 SP2 (KB927978) Microsoft Corporation 10.12.2006 2,56MB 4.20.9841.0
MSXML 4.0 SP2 (KB936181) Microsoft Corporation 15.08.2007 2,62MB 4.20.9848.0
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 12.11.2008 2,67MB 4.20.9870.0
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 26.11.2009 2,77MB 4.20.9876.0
MuseScore 1.2 MuseScore score typesetter Werner Schweer and Others 12.07.2012 1.2.0
OmniPage SE ScanSoft, Inc. 10.12.2006 70,30MB 2.00.0000
On Screen Display 08.10.2011
OpenOffice.org 3.3 OpenOffice.org 18.10.2011 412,00MB 3.3.9567
PDF-XChange Viewer Tracker Software Products Ltd. 17.10.2011 32,56MB 2.5.199.0
Picasa 3 Google, Inc. 08.10.2011 3.8
Pixum EasyBook 16.10.2011

Power2Go 4.0 08.10.2011
PowerProducer 08.10.2011

PSPad editor Jan Fiala 08.10.2011
QuickTime 30.12.2012

QVTutto Version 2.7b 09.09.2007
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 29.09.2006 5.10.0.5294
Samsung Kies Samsung Electronics Co., Ltd. 25.04.2012 2.3.0.12035_16
Samsung Master Samsung 10.12.2009 1.1.14
Samsung RAW Converter 3 Ihr Firmenname 10.12.2009 3
SAMSUNG USB Driver for Mobile Phones SAMSUNG Electronics Co., Ltd. 30.12.2012 1.5.4.0
Seagate*DiscWizard Seagate 06.01.2011 236,00MB 11.0.8330
Secunia PSI (3.0.0.2004) Secunia 03.01.2013 3.0.0.2004
Sid Meier's Civilization 4 Complete Firaxis Games 18.06.2008 1.74

Sound Rescue Terratec 2.1 08.10.2011
Synaptics Pointing Device Driver Synaptics 08.10.2011 8.3.6.0
Tetris Unlimited 0.5.0 Oscar Giner 08.10.2011 0.5.0
Texas Instruments PCIxx21/x515/xx12 drivers. Texas Instruments Inc. 09.11.2007 2.00.0002
The Next Tetris 08.10.2011

TomTom HOME 2.8.3.2499 TomTom 08.10.2011 2.8.3.2499
TomTom HOME Visual Studio Merge Modules TomTom International B.V. 17.04.2009 1,63MB 1.0.2

Trojan Killer 2.1 GridinSoft, Inc. 07.10.2011
Turbo Lister 2 eBay 07.02.2008 2.0.0
VLC media player 2.0.2 VideoLAN 25.03.2012 2.0.2

VoiceOver Kit Apple Inc. 06.08.2011 41,80MB 1.40.128.0
Wallpaper Installation 08.10.2011
Windows Driver Package - Intel (NETw3x32) net (07/02/2006 10.5.1.57) Intel 08.10.2011 07/02/2006 10.5.1.57
Windows Driver Package - Intel (w29n51) net (06/26/2006 9.0.4.17) Intel 08.10.2011 06/26/2006 9.0.4.17
Windows Genuine Advantage Validation Tool (KB892130) Microsoft Corporation 30.12.2011
Windows Internet Explorer 8 Microsoft Corporation 18.03.2012 20090308.140743
Windows Media Format 11 runtime 15.02.2012
Windows Media Player Firefox Plugin Microsoft Corp 27.03.2008 0,29MB 1.0.0.8
WinRAR 4.01 (32-Bit) win.rar GmbH 11.10.2011 4.01.0
WOW XT and TSXT Filter Driver SRS Labs, Inc. 26.09.2006 0,88MB 3.04.0000

Old 03.01.2013, 22:43   #15
markusg
/// Malware-holic
 

No, please label it as described.
__________________
- Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For now, please forward e-mails as described in the instructions above to
markusg.trojaner-board@web.de
If you would like to support us
