
Log analysis and evaluation: Windows Security Center UKash prompt


29.03.2012, 19:39   #1
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

No, we are not finished yet, and if you have questions, please ask them again at the end; I don't want to interrupt the cleanup here.

Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please turn off your virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool!

Set up the tool as shown in the picture below: click change parameters and set the check marks as shown in the following screenshot.
Then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.
If you cannot find the log or cannot copy its contents into your post, please look directly on your Windows system partition (usually drive C:); that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and only post the log here!

__________________
Please always post log files in CODE tags

30.03.2012, 19:38   #2
drarti
 

hi arne,

here is my tdss log:

Code:
ATTFilter
20:08:15.0875 2028	TDSS rootkit removing tool 2.7.23.0 Mar 26 2012 13:40:18
20:08:15.0906 2028	============================================================
20:08:15.0906 2028	Current date / time: 2012/03/30 20:08:15.0906
20:08:15.0906 2028	SystemInfo:
20:08:15.0906 2028	
20:08:15.0906 2028	OS Version: 5.1.2600 ServicePack: 3.0
20:08:15.0906 2028	Product type: Workstation
20:08:15.0906 2028	ComputerName: XXXXX-F5C7ACD45
20:08:15.0906 2028	UserName: SystemAdmin
20:08:15.0906 2028	Windows directory: C:\WINDOWS
20:08:15.0906 2028	System windows directory: C:\WINDOWS
20:08:15.0906 2028	Processor architecture: Intel x86
20:08:15.0906 2028	Number of processors: 2
20:08:15.0906 2028	Page size: 0x1000
20:08:15.0906 2028	Boot type: Normal boot
20:08:15.0906 2028	============================================================
20:08:16.0922 2028	Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:08:16.0938 2028	\Device\Harddisk0\DR0:
20:08:16.0938 2028	MBR used
20:08:16.0938 2028	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A962B1
20:08:16.0953 2028	\Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3A9632F, BlocksNum 0xC34F28D
20:08:16.0953 2028	\Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xFDE55FB, BlocksNum 0x14C08269
20:08:16.0969 2028	\Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x249ED8A3, BlocksNum 0x159934DD
20:08:17.0156 2028	Initialize success
20:08:17.0156 2028	============================================================
20:08:40.0297 3880	============================================================
20:08:40.0297 3880	Scan started
20:08:40.0297 3880	Mode: Manual; SigCheck; TDLFS; 
20:08:40.0297 3880	============================================================
20:08:40.0969 3880	Abiosdsk - ok
20:08:41.0188 3880	abp480n5 - ok
20:08:41.0422 3880	ACPI            (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
20:08:42.0203 3880	ACPI - ok
20:08:42.0438 3880	ACPIEC          (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
20:08:42.0563 3880	ACPIEC - ok
20:08:42.0766 3880	adpu160m - ok
20:08:42.0984 3880	aec             (841f385c6cfaf66b58fbd898722bb4f0) C:\WINDOWS\system32\drivers\aec.sys
20:08:43.0016 3880	aec ( UnsignedFile.Multi.Generic ) - warning
20:08:43.0016 3880	aec - detected UnsignedFile.Multi.Generic (1)
20:08:43.0234 3880	AFD             (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
20:08:43.0266 3880	AFD - ok
20:08:43.0484 3880	Aha154x - ok
20:08:43.0672 3880	aic78u2 - ok
20:08:43.0875 3880	aic78xx - ok
20:08:44.0063 3880	Alerter         (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
20:08:44.0156 3880	Alerter - ok
20:08:44.0359 3880	ALG             (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe
20:08:44.0438 3880	ALG - ok
20:08:44.0672 3880	AliIde - ok
20:08:44.0859 3880	amsint - ok
20:08:45.0063 3880	AppMgmt         (d45960be52c3c610d361977057f98c54) C:\WINDOWS\System32\appmgmts.dll
20:08:45.0141 3880	AppMgmt - ok
20:08:45.0375 3880	Arp1394         (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
20:08:45.0469 3880	Arp1394 - ok
20:08:45.0672 3880	asc - ok
20:08:45.0875 3880	asc3350p - ok
20:08:46.0063 3880	asc3550 - ok
20:08:46.0172 3880	aspnet_state    (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
20:08:46.0188 3880	aspnet_state - ok
20:08:46.0359 3880	AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
20:08:46.0438 3880	AsyncMac - ok
20:08:46.0656 3880	atapi           (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
20:08:46.0734 3880	atapi - ok
20:08:46.0938 3880	Atdisk - ok
20:08:47.0156 3880	Atmarpc         (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
20:08:47.0234 3880	Atmarpc - ok
20:08:47.0422 3880	AudioSrv        (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
20:08:47.0500 3880	AudioSrv - ok
20:08:47.0734 3880	audstub         (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
20:08:47.0813 3880	audstub - ok
20:08:47.0859 3880	AVP - ok
20:08:48.0094 3880	Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
20:08:48.0188 3880	Beep - ok
20:08:48.0391 3880	BITS            (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll
20:08:48.0500 3880	BITS - ok
20:08:48.0703 3880	Browser         (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
20:08:48.0781 3880	Browser - ok
20:08:49.0031 3880	BTHPORT         (592e1cedbe314d0ef184dc6f46141e76) C:\WINDOWS\system32\Drivers\BTHport.sys
20:08:49.0063 3880	BTHPORT - ok
20:08:49.0281 3880	BthServ         (26c601ef7525e31379744abfc6f35a1b) C:\WINDOWS\System32\bthserv.dll
20:08:49.0344 3880	BthServ - ok
20:08:49.0594 3880	BTHUSB          (61364cd71ef63b0f038b7e9df00f1efa) C:\WINDOWS\system32\Drivers\BTHUSB.sys
20:08:49.0672 3880	BTHUSB - ok
20:08:49.0875 3880	cbidf2k         (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
20:08:49.0969 3880	cbidf2k - ok
20:08:50.0172 3880	cd20xrnt - ok
20:08:50.0391 3880	Cdaudio         (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
20:08:50.0484 3880	Cdaudio - ok
20:08:50.0703 3880	Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
20:08:50.0781 3880	Cdfs - ok
20:08:51.0000 3880	Cdrom           (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
20:08:51.0078 3880	Cdrom - ok
20:08:51.0266 3880	cerc6 - ok
20:08:51.0484 3880	Changer - ok
20:08:51.0672 3880	CiSvc           (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe
20:08:51.0750 3880	CiSvc - ok
20:08:51.0969 3880	ClipSrv         (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
20:08:52.0047 3880	ClipSrv - ok
20:08:52.0172 3880	clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:08:52.0188 3880	clr_optimization_v2.0.50727_32 - ok
20:08:52.0344 3880	CmdIde - ok
20:08:52.0516 3880	COMSysApp - ok
20:08:52.0719 3880	Cpqarray - ok
20:08:52.0922 3880	CryptSvc        (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
20:08:53.0000 3880	CryptSvc - ok
20:08:53.0219 3880	dac2w2k - ok
20:08:53.0406 3880	dac960nt - ok
20:08:53.0609 3880	DcomLaunch      (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
20:08:53.0656 3880	DcomLaunch - ok
20:08:53.0859 3880	Dhcp            (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
20:08:53.0938 3880	Dhcp - ok
20:08:54.0172 3880	Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
20:08:54.0250 3880	Disk - ok
20:08:54.0422 3880	dmadmin - ok
20:08:54.0656 3880	dmboot          (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
20:08:54.0766 3880	dmboot - ok
20:08:54.0984 3880	dmio            (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\DRIVERS\dmio.sys
20:08:55.0078 3880	dmio - ok
20:08:55.0297 3880	dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
20:08:55.0391 3880	dmload - ok
20:08:55.0578 3880	dmserver        (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
20:08:55.0656 3880	dmserver - ok
20:08:55.0875 3880	DMusic          (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys
20:08:55.0891 3880	DMusic ( UnsignedFile.Multi.Generic ) - warning
20:08:55.0891 3880	DMusic - detected UnsignedFile.Multi.Generic (1)
20:08:56.0078 3880	Dnscache        (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
20:08:56.0125 3880	Dnscache - ok
20:08:56.0344 3880	Dot3svc         (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
20:08:56.0422 3880	Dot3svc - ok
20:08:56.0641 3880	dpti2o - ok
20:08:56.0859 3880	drmkaud         (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys
20:08:56.0859 3880	drmkaud ( UnsignedFile.Multi.Generic ) - warning
20:08:56.0859 3880	drmkaud - detected UnsignedFile.Multi.Generic (1)
20:08:57.0063 3880	EapHost         (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
20:08:57.0125 3880	EapHost - ok
20:08:57.0344 3880	ERSvc           (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
20:08:57.0422 3880	ERSvc - ok
20:08:57.0625 3880	Eventlog        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
20:08:57.0641 3880	Eventlog - ok
20:08:57.0844 3880	EventSystem     (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\system32\es.dll
20:08:57.0875 3880	EventSystem - ok
20:08:58.0125 3880	Fastfat         (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
20:08:58.0203 3880	Fastfat - ok
20:08:58.0391 3880	FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
20:08:58.0406 3880	FastUserSwitchingCompatibility - ok
20:08:58.0641 3880	Fdc             (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
20:08:58.0703 3880	Fdc - ok
20:08:58.0953 3880	Fips            (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
20:08:59.0031 3880	Fips - ok
20:08:59.0250 3880	Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
20:08:59.0328 3880	Flpydisk - ok
20:08:59.0547 3880	FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
20:08:59.0625 3880	FltMgr - ok
20:08:59.0734 3880	FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
20:08:59.0750 3880	FontCache3.0.0.0 - ok
20:08:59.0922 3880	Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:09:00.0016 3880	Fs_Rec - ok
20:09:00.0234 3880	Ftdisk          (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
20:09:00.0344 3880	Ftdisk - ok
20:09:00.0563 3880	Gpc             (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
20:09:00.0641 3880	Gpc - ok
20:09:00.0859 3880	HDAudBus        (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
20:09:00.0938 3880	HDAudBus - ok
20:09:01.0047 3880	helpsvc         (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
20:09:01.0125 3880	helpsvc - ok
20:09:01.0266 3880	HidServ         (b35da85e60c0103f2e4104532da2f12b) C:\WINDOWS\System32\hidserv.dll
20:09:01.0344 3880	HidServ - ok
20:09:01.0578 3880	hidusb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
20:09:01.0656 3880	hidusb - ok
20:09:01.0844 3880	hkmsvc          (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
20:09:01.0922 3880	hkmsvc - ok
20:09:02.0141 3880	hpn - ok
20:09:02.0203 3880	hpqcxs08        (f50f7984fdd151edd8a70a8dbd9e2a44) C:\Programme\HP\Digital Imaging\bin\hpqcxs08.dll
20:09:02.0219 3880	hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
20:09:02.0219 3880	hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
20:09:02.0234 3880	hpqddsvc        (df446ba625cc441617843e87798ce048) C:\Programme\HP\Digital Imaging\bin\hpqddsvc.dll
20:09:02.0250 3880	hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
20:09:02.0250 3880	hpqddsvc - detected UnsignedFile.Multi.Generic (1)
20:09:02.0516 3880	HPZid412        (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
20:09:02.0578 3880	HPZid412 - ok
20:09:02.0813 3880	HPZipr12        (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
20:09:02.0828 3880	HPZipr12 - ok
20:09:03.0063 3880	HPZius12        (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
20:09:03.0094 3880	HPZius12 - ok
20:09:03.0313 3880	HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
20:09:03.0344 3880	HTTP - ok
20:09:03.0547 3880	HTTPFilter      (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
20:09:03.0625 3880	HTTPFilter - ok
20:09:03.0828 3880	i2omgmt - ok
20:09:04.0031 3880	i2omp - ok
20:09:04.0250 3880	i8042prt        (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
20:09:04.0328 3880	i8042prt - ok
20:09:04.0469 3880	idsvc           (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:09:04.0531 3880	idsvc - ok
20:09:04.0703 3880	Imapi           (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
20:09:04.0797 3880	Imapi - ok
20:09:04.0984 3880	ImapiService    (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\system32\imapi.exe
20:09:05.0063 3880	ImapiService - ok
20:09:05.0281 3880	ini910u - ok
20:09:05.0594 3880	IntcAzAudAddService (9f6320e7b0c43e4e5693e1515ba5595c) C:\WINDOWS\system32\drivers\RtkHDAud.sys
20:09:05.0719 3880	IntcAzAudAddService ( UnsignedFile.Multi.Generic ) - warning
20:09:05.0719 3880	IntcAzAudAddService - detected UnsignedFile.Multi.Generic (1)
20:09:05.0922 3880	IntelIde - ok
20:09:06.0141 3880	Ip6Fw           (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
20:09:06.0219 3880	Ip6Fw - ok
20:09:06.0438 3880	IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:09:06.0531 3880	IpFilterDriver - ok
20:09:06.0750 3880	IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
20:09:06.0828 3880	IpInIp - ok
20:09:07.0047 3880	IpNat           (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
20:09:07.0125 3880	IpNat - ok
20:09:07.0344 3880	IPSec           (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
20:09:07.0422 3880	IPSec - ok
20:09:07.0641 3880	IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
20:09:07.0719 3880	IRENUM - ok
20:09:07.0938 3880	isapnp          (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
20:09:08.0016 3880	isapnp - ok
20:09:08.0047 3880	ISWKL - ok
20:09:08.0047 3880	IswSvc - ok
20:09:08.0109 3880	JavaQuickStarterService (381b25dc8e958d905b33130d500bbf29) D:\Java\bin\jqs.exe
20:09:08.0125 3880	JavaQuickStarterService - ok
20:09:08.0375 3880	Kbdclass        (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
20:09:08.0438 3880	Kbdclass - ok
20:09:08.0672 3880	KL1             (186b54479d98e48aee0e9ada4b3c4d31) C:\WINDOWS\system32\DRIVERS\kl1.sys
20:09:08.0703 3880	KL1 - ok
20:09:08.0922 3880	kl2             (bf485bfba13c0ab116701fd9c55324d0) C:\WINDOWS\system32\DRIVERS\kl2.sys
20:09:08.0922 3880	kl2 - ok
20:09:09.0156 3880	KLIF            (5d92a03045a6a98708975b3d77b39a36) C:\WINDOWS\system32\DRIVERS\klif.sys
20:09:09.0172 3880	KLIF - ok
20:09:09.0406 3880	klim5           (96a7ec308a93da26dfe481308baac2a2) C:\WINDOWS\system32\DRIVERS\klim5.sys
20:09:09.0406 3880	klim5 - ok
20:09:09.0625 3880	klmouflt        (3959530f69e19da56f1f24f2c89f1e2c) C:\WINDOWS\system32\DRIVERS\klmouflt.sys
20:09:09.0641 3880	klmouflt - ok
20:09:09.0844 3880	kmixer          (d93cad07c5683db066b0b2d2d3790ead) C:\WINDOWS\system32\drivers\kmixer.sys
20:09:09.0859 3880	kmixer ( UnsignedFile.Multi.Generic ) - warning
20:09:09.0859 3880	kmixer - detected UnsignedFile.Multi.Generic (1)
20:09:10.0078 3880	KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
20:09:10.0094 3880	KSecDD - ok
20:09:10.0281 3880	LanmanServer    (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll
20:09:10.0313 3880	LanmanServer - ok
20:09:10.0516 3880	lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll
20:09:10.0531 3880	lanmanworkstation - ok
20:09:10.0750 3880	lbrtfdc - ok
20:09:10.0953 3880	LmHosts         (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
20:09:11.0031 3880	LmHosts - ok
20:09:11.0266 3880	MBAMProtector   (b7ca8cc3f978201856b6ab82f40953c3) C:\WINDOWS\system32\drivers\mbam.sys
20:09:11.0266 3880	MBAMProtector - ok
20:09:11.0313 3880	MBAMService     (056b19651bd7b7ce5f89a3ac46dbdc08) D:\Malwarebytes' Anti-Malware\mbamservice.exe
20:09:11.0344 3880	MBAMService - ok
20:09:11.0578 3880	Messenger       (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
20:09:11.0656 3880	Messenger - ok
20:09:11.0734 3880	Microsoft Office Groove Audit Service (7c4c76b39d5525c4a465e0be32528e19) C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe
20:09:11.0750 3880	Microsoft Office Groove Audit Service - ok
20:09:11.0984 3880	mnmdd           (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
20:09:12.0063 3880	mnmdd - ok
20:09:12.0250 3880	mnmsrvc         (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\system32\mnmsrvc.exe
20:09:12.0313 3880	mnmsrvc - ok
20:09:12.0531 3880	Modem           (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
20:09:12.0609 3880	Modem - ok
20:09:12.0828 3880	Mouclass        (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
20:09:12.0906 3880	Mouclass - ok
20:09:13.0125 3880	mouhid          (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
20:09:13.0219 3880	mouhid - ok
20:09:13.0656 3880	MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
20:09:13.0734 3880	MountMgr - ok
20:09:13.0953 3880	mraid35x - ok
20:09:14.0188 3880	MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
20:09:14.0266 3880	MRxDAV - ok
20:09:14.0500 3880	MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:09:14.0563 3880	MRxSmb - ok
20:09:14.0750 3880	MSDTC           (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\system32\msdtc.exe
20:09:14.0828 3880	MSDTC - ok
20:09:15.0047 3880	Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
20:09:15.0109 3880	Msfs - ok
20:09:15.0281 3880	MSIServer - ok
20:09:15.0500 3880	MSKSSRV         (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:09:15.0578 3880	MSKSSRV - ok
20:09:15.0797 3880	MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:09:15.0875 3880	MSPCLOCK - ok
20:09:16.0109 3880	MSPQM           (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
20:09:16.0172 3880	MSPQM - ok
20:09:16.0391 3880	mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
20:09:16.0453 3880	mssmbios - ok
20:09:16.0688 3880	Mup             (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
20:09:16.0703 3880	Mup - ok
20:09:16.0906 3880	napagent        (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
20:09:17.0000 3880	napagent - ok
20:09:17.0266 3880	NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
20:09:17.0328 3880	NDIS - ok
20:09:17.0547 3880	NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:09:17.0563 3880	NdisTapi - ok
20:09:17.0797 3880	Ndisuio         (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:09:17.0859 3880	Ndisuio - ok
20:09:18.0094 3880	NdisWan         (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:09:18.0156 3880	NdisWan - ok
20:09:18.0391 3880	NDProxy         (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
20:09:18.0406 3880	NDProxy - ok
20:09:18.0594 3880	Net Driver HPZ12 (51c6d8bfbd4ea5b62a1ba7f4469250d3) C:\WINDOWS\system32\HPZinw12.dll
20:09:18.0594 3880	Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
20:09:18.0594 3880	Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
20:09:18.0844 3880	NetBIOS         (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
20:09:18.0906 3880	NetBIOS - ok
20:09:19.0141 3880	NetBT           (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
20:09:19.0219 3880	NetBT - ok
20:09:19.0391 3880	NetDDE          (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
20:09:19.0469 3880	NetDDE - ok
20:09:19.0484 3880	NetDDEdsdm      (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
20:09:19.0547 3880	NetDDEdsdm - ok
20:09:19.0750 3880	Netlogon        (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:09:19.0828 3880	Netlogon - ok
20:09:20.0031 3880	Netman          (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
20:09:20.0109 3880	Netman - ok
20:09:20.0250 3880	NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:09:20.0250 3880	NetTcpPortSharing - ok
20:09:20.0422 3880	NIC1394         (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
20:09:20.0500 3880	NIC1394 - ok
20:09:20.0688 3880	Nla             (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll
20:09:20.0719 3880	Nla - ok
20:09:20.0938 3880	Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
20:09:21.0016 3880	Npfs - ok
20:09:21.0234 3880	Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
20:09:21.0344 3880	Ntfs - ok
20:09:21.0547 3880	NtLmSsp         (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:09:21.0609 3880	NtLmSsp - ok
20:09:21.0813 3880	NtmsSvc         (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
20:09:21.0906 3880	NtmsSvc - ok
20:09:22.0141 3880	Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
20:09:22.0234 3880	Null - ok
20:09:22.0609 3880	nv              (3712d332633b853101ab786380c969ec) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
20:09:22.0906 3880	nv ( UnsignedFile.Multi.Generic ) - warning
20:09:22.0906 3880	nv - detected UnsignedFile.Multi.Generic (1)
20:09:23.0109 3880	NVSvc           (357cde6c24eb15888e810c6d2787c238) C:\WINDOWS\system32\nvsvc32.exe
20:09:23.0125 3880	NVSvc ( UnsignedFile.Multi.Generic ) - warning
20:09:23.0125 3880	NVSvc - detected UnsignedFile.Multi.Generic (1)
20:09:23.0547 3880	NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
20:09:23.0641 3880	NwlnkFlt - ok
20:09:23.0875 3880	NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
20:09:23.0953 3880	NwlnkFwd - ok
20:09:24.0063 3880	odserv          (1f0e05dff4f5a833168e49be1256f002) C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE
20:09:24.0078 3880	odserv - ok
20:09:24.0313 3880	ohci1394        (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
20:09:24.0391 3880	ohci1394 - ok
20:09:24.0438 3880	ose             (5a432a042dae460abe7199b758e8606c) C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
20:09:24.0438 3880	ose - ok
20:09:24.0672 3880	Parport         (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
20:09:24.0750 3880	Parport - ok
20:09:24.0984 3880	PartMgr         (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
20:09:25.0047 3880	PartMgr - ok
20:09:25.0266 3880	ParVdm          (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
20:09:25.0359 3880	ParVdm - ok
20:09:25.0563 3880	PCI             (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
20:09:25.0641 3880	PCI - ok
20:09:25.0844 3880	PCIDump - ok
20:09:26.0063 3880	PCIIde          (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
20:09:26.0156 3880	PCIIde - ok
20:09:26.0359 3880	Pcmcia          (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
20:09:26.0438 3880	Pcmcia - ok
20:09:26.0656 3880	PDCOMP - ok
20:09:26.0859 3880	PDFRAME - ok
20:09:27.0063 3880	PDRELI - ok
20:09:27.0281 3880	PDRFRAME - ok
20:09:27.0484 3880	perc2 - ok
20:09:27.0688 3880	perc2hib - ok
20:09:27.0891 3880	PlugPlay        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
20:09:27.0906 3880	PlugPlay - ok
20:09:28.0109 3880	Pml Driver HPZ12 (79834aa2fbf9fe81eebb229024f6f7fc) C:\WINDOWS\system32\HPZipm12.dll
20:09:28.0125 3880	Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
20:09:28.0125 3880	Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
20:09:28.0328 3880	PolicyAgent     (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:09:28.0391 3880	PolicyAgent - ok
20:09:28.0641 3880	PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:09:28.0703 3880	PptpMiniport - ok
20:09:28.0953 3880	Processor       (2cb55427c58679f49ad600fccba76360) C:\WINDOWS\system32\DRIVERS\processr.sys
20:09:29.0016 3880	Processor - ok
20:09:29.0219 3880	ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:09:29.0281 3880	ProtectedStorage - ok
20:09:29.0500 3880	PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
20:09:29.0578 3880	PSched - ok
20:09:29.0797 3880	Ptilink         (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
20:09:29.0891 3880	Ptilink - ok
20:09:30.0094 3880	PxHelp20        (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
20:09:30.0109 3880	PxHelp20 - ok
20:09:30.0313 3880	ql1080 - ok
20:09:30.0516 3880	Ql10wnt - ok
20:09:30.0719 3880	ql12160 - ok
20:09:30.0922 3880	ql1240 - ok
20:09:31.0141 3880	ql1280 - ok
20:09:31.0375 3880	RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:09:31.0453 3880	RasAcd - ok
20:09:31.0641 3880	RasAuto         (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
20:09:31.0719 3880	RasAuto - ok
20:09:31.0953 3880	Rasl2tp         (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:09:32.0031 3880	Rasl2tp - ok
20:09:32.0219 3880	RasMan          (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
20:09:32.0297 3880	RasMan - ok
20:09:32.0547 3880	RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:09:32.0625 3880	RasPppoe - ok
20:09:32.0844 3880	Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
20:09:32.0922 3880	Raspti - ok
20:09:33.0156 3880	Rdbss           (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:09:33.0234 3880	Rdbss - ok
20:09:33.0453 3880	RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:09:33.0547 3880	RDPCDD - ok
20:09:33.0766 3880	rdpdr           (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
20:09:33.0844 3880	rdpdr - ok
20:09:34.0063 3880	RDPWD           (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
20:09:34.0078 3880	RDPWD - ok
20:09:34.0266 3880	RDSessMgr       (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe
20:09:34.0344 3880	RDSessMgr - ok
20:09:34.0578 3880	redbook         (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
20:09:34.0656 3880	redbook - ok
20:09:34.0844 3880	RemoteAccess    (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll
20:09:34.0922 3880	RemoteAccess - ok
20:09:35.0125 3880	RemoteRegistry  (e4cd1f3d84e1c2ca0b8cf7501e201593) C:\WINDOWS\system32\regsvc.dll
20:09:35.0203 3880	RemoteRegistry - ok
20:09:35.0391 3880	RpcLocator      (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe
20:09:35.0469 3880	RpcLocator - ok
20:09:35.0688 3880	RpcSs           (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
20:09:35.0703 3880	RpcSs - ok
20:09:35.0953 3880	RSVP            (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe
20:09:36.0047 3880	RSVP - ok
20:09:36.0250 3880	SamSs           (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:09:36.0313 3880	SamSs - ok
20:09:36.0500 3880	SCardSvr        (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
20:09:36.0563 3880	SCardSvr - ok
20:09:36.0781 3880	Schedule        (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
20:09:36.0859 3880	Schedule - ok
20:09:37.0109 3880	Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:09:37.0172 3880	Secdrv - ok
20:09:37.0359 3880	seclogon        (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
20:09:37.0438 3880	seclogon - ok
20:09:37.0656 3880	SENS            (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
20:09:37.0734 3880	SENS - ok
20:09:37.0969 3880	serenum         (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
20:09:38.0047 3880	serenum - ok
20:09:38.0266 3880	Serial          (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
20:09:38.0438 3880	Serial - ok
20:09:38.0688 3880	Sfloppy         (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
20:09:38.0750 3880	Sfloppy - ok
20:09:38.0953 3880	SharedAccess    (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll
20:09:39.0031 3880	SharedAccess - ok
20:09:39.0250 3880	ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
20:09:39.0266 3880	ShellHWDetection - ok
20:09:39.0453 3880	Simbad - ok
20:09:39.0656 3880	Sparrow - ok
20:09:39.0875 3880	splitter        (8e186b8f23295d1e42c573b82b80d548) C:\WINDOWS\system32\drivers\splitter.sys
20:09:39.0891 3880	splitter ( UnsignedFile.Multi.Generic ) - warning
20:09:39.0891 3880	splitter - detected UnsignedFile.Multi.Generic (1)
20:09:40.0078 3880	Spooler         (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
20:09:40.0094 3880	Spooler - ok
20:09:40.0328 3880	sr              (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
20:09:40.0391 3880	sr - ok
20:09:40.0594 3880	srservice       (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll
20:09:40.0656 3880	srservice - ok
20:09:40.0906 3880	Srv             (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
20:09:40.0938 3880	Srv - ok
20:09:41.0125 3880	SSDPSRV         (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
20:09:41.0203 3880	SSDPSRV - ok
20:09:41.0422 3880	stisvc          (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
20:09:41.0516 3880	stisvc - ok
20:09:41.0750 3880	swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
20:09:41.0828 3880	swenum - ok
20:09:42.0047 3880	swmidi          (94abc808fc4b6d7d2bbf42b85e25bb4d) C:\WINDOWS\system32\drivers\swmidi.sys
20:09:42.0063 3880	swmidi ( UnsignedFile.Multi.Generic ) - warning
20:09:42.0063 3880	swmidi - detected UnsignedFile.Multi.Generic (1)
20:09:42.0250 3880	SwPrv - ok
20:09:42.0453 3880	symc810 - ok
20:09:42.0641 3880	symc8xx - ok
20:09:42.0844 3880	sym_hi - ok
20:09:43.0047 3880	sym_u3 - ok
20:09:43.0281 3880	sysaudio        (650ad082d46bac0e64c9c0e0928492fd) C:\WINDOWS\system32\drivers\sysaudio.sys
20:09:43.0281 3880	sysaudio ( UnsignedFile.Multi.Generic ) - warning
20:09:43.0281 3880	sysaudio - detected UnsignedFile.Multi.Generic (1)
20:09:43.0484 3880	SysmonLog       (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
20:09:43.0563 3880	SysmonLog - ok
20:09:43.0781 3880	TapiSrv         (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
20:09:43.0859 3880	TapiSrv - ok
20:09:44.0109 3880	Tcpip           (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:09:44.0125 3880	Tcpip - ok
20:09:44.0344 3880	TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
20:09:44.0406 3880	TDPIPE - ok
20:09:44.0625 3880	TDTCP           (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
20:09:44.0688 3880	TDTCP - ok
20:09:44.0906 3880	TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
20:09:44.0984 3880	TermDD - ok
20:09:45.0172 3880	TermService     (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
20:09:45.0250 3880	TermService - ok
20:09:45.0453 3880	Themes          (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
20:09:45.0453 3880	Themes - ok
20:09:45.0672 3880	TlntSvr         (03681a1ce77f51586903869a5ab1deab) C:\WINDOWS\system32\tlntsvr.exe
20:09:45.0750 3880	TlntSvr - ok
20:09:45.0969 3880	TosIde - ok
20:09:46.0156 3880	TrkWks          (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
20:09:46.0234 3880	TrkWks - ok
20:09:46.0484 3880	Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
20:09:46.0563 3880	Udfs - ok
20:09:46.0766 3880	ultra - ok
20:09:46.0953 3880	UMWdf           (ab0a7ca90d9e3d6a193905dc1715ded0) C:\WINDOWS\system32\wdfmgr.exe
20:09:46.0969 3880	UMWdf ( UnsignedFile.Multi.Generic ) - warning
20:09:46.0969 3880	UMWdf - detected UnsignedFile.Multi.Generic (1)
20:09:47.0219 3880	Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
20:09:47.0297 3880	Update - ok
20:09:47.0500 3880	upnphost        (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
20:09:47.0578 3880	upnphost - ok
20:09:47.0781 3880	UPS             (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
20:09:47.0859 3880	UPS - ok
20:09:48.0109 3880	usbccgp         (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:09:48.0188 3880	usbccgp - ok
20:09:48.0406 3880	usbehci         (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:09:48.0484 3880	usbehci - ok
20:09:48.0719 3880	usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:09:48.0781 3880	usbhub - ok
20:09:49.0016 3880	usbohci         (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
20:09:49.0078 3880	usbohci - ok
20:09:49.0281 3880	usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
20:09:49.0375 3880	usbprint - ok
20:09:49.0625 3880	usbscan         (a6bc71402f4f7dd5b77fd7f4a8ddba85) C:\WINDOWS\system32\DRIVERS\usbscan.sys
20:09:49.0625 3880	usbscan ( UnsignedFile.Multi.Generic ) - warning
20:09:49.0625 3880	usbscan - detected UnsignedFile.Multi.Generic (1)
20:09:49.0891 3880	usbstor         (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:09:49.0969 3880	usbstor - ok
20:09:50.0203 3880	VgaSave         (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
20:09:50.0266 3880	VgaSave - ok
20:09:50.0484 3880	ViaIde - ok
20:09:50.0688 3880	VolSnap         (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
20:09:50.0766 3880	VolSnap - ok
20:09:50.0969 3880	VSS             (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
20:09:51.0047 3880	VSS - ok
20:09:51.0234 3880	W32Time         (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll
20:09:51.0313 3880	W32Time - ok
20:09:51.0547 3880	Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:09:51.0625 3880	Wanarp - ok
20:09:51.0828 3880	WDICA - ok
20:09:52.0078 3880	wdmaud          (2797f33ebf50466020c430ee4f037933) C:\WINDOWS\system32\drivers\wdmaud.sys
20:09:52.0078 3880	wdmaud ( UnsignedFile.Multi.Generic ) - warning
20:09:52.0078 3880	wdmaud - detected UnsignedFile.Multi.Generic (1)
20:09:52.0281 3880	WebClient       (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
20:09:52.0359 3880	WebClient - ok
20:09:52.0578 3880	winmgmt         (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
20:09:52.0656 3880	winmgmt - ok
20:09:52.0844 3880	WmdmPmSN        (140ef97b64f560fd78643cae2cdad838) C:\WINDOWS\system32\mspmsnsv.dll
20:09:52.0844 3880	WmdmPmSN ( UnsignedFile.Multi.Generic ) - warning
20:09:52.0844 3880	WmdmPmSN - detected UnsignedFile.Multi.Generic (1)
20:09:53.0078 3880	Wmi             (ffa4d901d46d07a5bab2d8307fbb51a6) C:\WINDOWS\System32\advapi32.dll
20:09:53.0094 3880	Wmi - ok
20:09:53.0328 3880	WmiApSrv        (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\system32\wbem\wmiapsrv.exe
20:09:53.0406 3880	WmiApSrv - ok
20:09:53.0594 3880	wscsvc          (300b3e84faf1a5c1f791c159ba28035d) C:\WINDOWS\system32\wscsvc.dll
20:09:53.0672 3880	wscsvc - ok
20:09:53.0891 3880	wuauserv        (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll
20:09:53.0969 3880	wuauserv - ok
20:09:54.0156 3880	WZCSVC          (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
20:09:54.0250 3880	WZCSVC - ok
20:09:54.0469 3880	xmlprov         (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
20:09:54.0547 3880	xmlprov - ok
20:09:54.0781 3880	yukonwxp        (67331fd053f97a874a60374be6b59523) C:\WINDOWS\system32\DRIVERS\yk51x86.sys
20:09:54.0797 3880	yukonwxp ( UnsignedFile.Multi.Generic ) - warning
20:09:54.0797 3880	yukonwxp - detected UnsignedFile.Multi.Generic (1)
20:09:54.0813 3880	MBR (0x1B8)     (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
20:09:55.0047 3880	\Device\Harddisk0\DR0 - ok
20:09:55.0047 3880	Boot (0x1200)   (ad9b2e9358e75001c176ba303d0be1a7) \Device\Harddisk0\DR0\Partition0
20:09:55.0047 3880	\Device\Harddisk0\DR0\Partition0 - ok
20:09:55.0063 3880	Boot (0x1200)   (990e0a47b01c3a67f714eca6fb01746c) \Device\Harddisk0\DR0\Partition1
20:09:55.0063 3880	\Device\Harddisk0\DR0\Partition1 - ok
20:09:55.0078 3880	Boot (0x1200)   (d207b78b23fce40380e77c206316cf74) \Device\Harddisk0\DR0\Partition2
20:09:55.0078 3880	\Device\Harddisk0\DR0\Partition2 - ok
20:09:55.0094 3880	Boot (0x1200)   (83beb912c3e32ffc494c0546a7eb946d) \Device\Harddisk0\DR0\Partition3
20:09:55.0094 3880	\Device\Harddisk0\DR0\Partition3 - ok
20:09:55.0094 3880	============================================================
20:09:55.0094 3880	Scan finished
20:09:55.0094 3880	============================================================
20:09:55.0203 3560	Detected object count: 19
20:09:55.0203 3560	Actual detected object count: 19
20:12:26.0578 3560	aec ( UnsignedFile.Multi.Generic ) - skipped by user
20:12:26.0578 3560	aec ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:12:26.0578 3560	DMusic ( UnsignedFile.Multi.Generic ) - skipped by user
20:12:26.0578 3560	DMusic ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:12:26.0578 3560	drmkaud ( UnsignedFile.Multi.Generic ) - skipped by user
20:12:26.0578 3560	drmkaud ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:12:26.0594 3560	hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
20:12:26.0594 3560	hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:12:26.0594 3560	hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:12:26.0594 3560	hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:12:26.0594 3560	IntcAzAudAddService ( UnsignedFile.Multi.Generic ) - skipped by user
20:12:26.0594 3560	IntcAzAudAddService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:12:26.0594 3560	kmixer ( UnsignedFile.Multi.Generic ) - skipped by user
20:12:26.0594 3560	kmixer ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:12:26.0594 3560	Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
20:12:26.0594 3560	Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:12:26.0594 3560	nv ( UnsignedFile.Multi.Generic ) - skipped by user
20:12:26.0594 3560	nv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:12:26.0594 3560	NVSvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:12:26.0594 3560	NVSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:12:26.0594 3560	Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
20:12:26.0594 3560	Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:12:26.0594 3560	splitter ( UnsignedFile.Multi.Generic ) - skipped by user
20:12:26.0594 3560	splitter ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:12:26.0609 3560	swmidi ( UnsignedFile.Multi.Generic ) - skipped by user
20:12:26.0609 3560	swmidi ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:12:26.0609 3560	sysaudio ( UnsignedFile.Multi.Generic ) - skipped by user
20:12:26.0609 3560	sysaudio ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:12:26.0609 3560	UMWdf ( UnsignedFile.Multi.Generic ) - skipped by user
20:12:26.0609 3560	UMWdf ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:12:26.0609 3560	usbscan ( UnsignedFile.Multi.Generic ) - skipped by user
20:12:26.0609 3560	usbscan ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:12:26.0609 3560	wdmaud ( UnsignedFile.Multi.Generic ) - skipped by user
20:12:26.0609 3560	wdmaud ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:12:26.0609 3560	WmdmPmSN ( UnsignedFile.Multi.Generic ) - skipped by user
20:12:26.0609 3560	WmdmPmSN ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:12:26.0609 3560	yukonwxp ( UnsignedFile.Multi.Generic ) - skipped by user
20:12:26.0609 3560	yukonwxp ( UnsignedFile.Multi.Generic ) - User select action: Skip
         
One more status update:
Yesterday I wanted to update the Kaspersky database because it complained that it was not up to date. It froze twice (at 86%; under my account and the system admin account). There was no way to open the Task Manager.
Firefox also froze on me three times. In both cases only a hard reset helped.
Just now, before I could post the log for you, the same problem. I hope I get through this time...

Regards,
michael