BKA Virus, Netbook bootet jetzt nicht mehr

Jenniferle · 06.04.2012, 18:59

ich habe im BIOS Menü im Punkt "Main" einen "Sata Port 0", worunter ich die oben genannten Modi einstellen kann. dort habe ich aber leider nur die oben genannten Punkte, unter anderem auch den IDE Removable punkt, der weder RAID noch AHCI tauchen da bei mir auf

die Bootreihenfolge ist bei mir unter dem Menüpunkt "Boot", meine aufgezählten Punkte sollten tatsächlich den Modus des SATA-Controllers verändern.

Interessant ist, dass er das OTLPE mittlerweile auch über den "Auto" Modus bootet (vorhin musste ich dafür ja noch auf IDE umschalten), jedoch Windows immer noch mit Bluescreen wegschmiert, wenn ich es starten will oder in den abgesicherten Modus will.

Kann ich über OTLPE irgendwie den gesetzten Haken bei "SAFEBOOT" unter msconfig wegmachen? Bevor ich den gesetzt hatte konnte ich ja immer normal booten, halt nur nicht in den abgesicherten Modus.

Eben gesehen, dass du noch was ergänzt hast: Ich habe den Modus von "Auto" auf "IDE Removable" gesetzt damit OTLPE gebootet hat.

Okay, hier nochmal ein Update, ich habe nochmal mit OTLPE gestartet und über die Konsole dort den Haken bei SAFEBOOT entfernen können (musste mir davor den befehl msconfig per text datei auf USB Stick kopieren, da irgendwie die Vokale in OTLPE gefehlt haben).

Das Netbook bootet nun wieder, der abgesicherte Modus geht nach wie vor nicht (hier liegt wohl ein anderes Problem vor), aber ich komme im normalen Modus ganz normal wieder in Windows rein. Den _OTL Ordner habe ich gezippt und geuploaded habe ich die zip auch. Soll ich den Ordner an Ort und Stelle lassen oder löschen oder wie geht's weiter?

Auf jeden Fall möchte ich mich schonmal in aller Form bei Dir bedanken für deine Zeit und deine Hilfe! Ein frohes Osterfest

cosinus · 06.04.2012, 19:58

Hm, kann ich alles nicht so ganz nachvollziehen, aber immerhin geht der normale Modus wieder

Bitte nun routinemäßig einen Vollscan mit Malwarebytes machen und Log posten. =>ALLE lokalen Datenträger (außer CD/DVD) überprüfen lassen!
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss! Außerdem müssen alle Funde entfernt werden.

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:

ATTFilter

 hier steht das Log

Jenniferle · 07.04.2012, 01:10

So, die Scans sind jetzt alle beendet. Hier noch die Ergebnisse!

Die Microsoft Security Essentials haben selbstständig auch gescannt bevor sie dann für die anderen Scans deaktiviert wurden. Von ihnen stammen folgende Meldungen:

Code:

ATTFilter

Kategorie: Trojaner

Beschreibung: Dieses Programm ist gefährlich. Es führt Befehle eines Angreifers aus.

Empfohlene Aktion: Entfernen Sie diese Software unverzüglich.

Security Essentials hat Programme erkannt, die Ihre Privatsphäre gefährden oder Ihren Computer beschädigen könnten. Sie können auf die von diesen Programmen verwendeten Dateien weiterhin zugreifen, ohne sie zu entfernen (nicht empfohlen). Wählen Sie zum Zugreifen auf diese Dateien die Aktion "Zulassen" aus, und klicken Sie dann auf "Aktionen anwenden". Wenn diese Option nicht verfügbar ist, melden Sie sich als Administrator an, oder bitten Sie den Sicherheitsadministrator um Unterstützung.

Elemente:
containerfile:C:\_OTL.zip
file:C:\_OTL.zip->_OTL/MovedFiles/04072012_014714/C_Dokumente und Einstellungen/Administrator/Lokale Einstellungen/Temp/ch8l0.exe

Kategorie: Ausnutzen

Beschreibung: Dieses Programm ist gefährlich. Es nutzt die Sicherheitslücken eines Computers aus.

Empfohlene Aktion: Entfernen Sie diese Software unverzüglich.

Security Essentials hat Programme erkannt, die Ihre Privatsphäre gefährden oder Ihren Computer beschädigen könnten. Sie können auf die von diesen Programmen verwendeten Dateien weiterhin zugreifen, ohne sie zu entfernen (nicht empfohlen). Wählen Sie zum Zugreifen auf diese Dateien die Aktion "Zulassen" aus, und klicken Sie dann auf "Aktionen anwenden". Wenn diese Option nicht verfügbar ist, melden Sie sich als Administrator an, oder bitten Sie den Sicherheitsadministrator um Unterstützung.

Elemente:
containerfile:C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Sun\Java\Deployment\cache\6.0\6\659f0946-20c0a725
file:C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Sun\Java\Deployment\cache\6.0\6\659f0946-20c0a725->ta/L.class
file:C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Sun\Java\Deployment\cache\6.0\6\659f0946-20c0a725->ta/ta.class
file:C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Sun\Java\Deployment\cache\6.0\6\659f0946-20c0a725->ta/tb.class

Lesen Sie im Internet weitere Informationen zu diesem Element.

Kategorie: Ausnutzen

Beschreibung: Dieses Programm ist gefährlich. Es nutzt die Sicherheitslücken eines Computers aus.

Empfohlene Aktion: Entfernen Sie diese Software unverzüglich.

Security Essentials hat Programme erkannt, die Ihre Privatsphäre gefährden oder Ihren Computer beschädigen könnten. Sie können auf die von diesen Programmen verwendeten Dateien weiterhin zugreifen, ohne sie zu entfernen (nicht empfohlen). Wählen Sie zum Zugreifen auf diese Dateien die Aktion "Zulassen" aus, und klicken Sie dann auf "Aktionen anwenden". Wenn diese Option nicht verfügbar ist, melden Sie sich als Administrator an, oder bitten Sie den Sicherheitsadministrator um Unterstützung.

Elemente:
file:C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\Main.class

Lesen Sie im Internet weitere Informationen zu diesem Element.

Im Anschluss erfolgte der Scan mit Malwarebytes:

Code:

ATTFilter

alwarebytes Anti-Malware (Test) 1.60.1.1000
www.malwarebytes.org

Datenbank Version: v2012.04.06.07

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 6.0.2900.5512
Administrator :: USER-017C622E09 [Administrator]

Schutz: Aktiviert

07.04.2012 07:34:48
mbam-log-2012-04-07 (07-34-48).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 223347
Laufzeit: 1 Stunde(n), 11 Minute(n), 49 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Und dann noch der ESET-Scan:

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=22f117a7c8b7e14384fbe5ea14d93926
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-04-07 08:08:48
# local_time=2012-04-07 10:08:48 (+0100, Westeuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=5891 16776869 42 87 0 30656151 0 0
# compatibility_mode=8192 67108863 100 0 300 300 0 0
# scanned=50732
# found=2
# cleaned=0
# scan_time=4447
C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Sun\Java\Deployment\cache\6.0\11\45332a4b-5d4a28a7	multiple threats (unable to clean)	00000000000000000000000000000000	I
C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Mozilla\Firefox\Profiles\olth9wjy.default\Cache\A\BC\BB09Ad01	JS/Kryptik.LH trojan (unable to clean)	00000000000000000000000000000000	I

Gelöscht oder gemacht habe ich noch gar nichts. Die Dateien liegen im _OTL ordner auch noch auf C: vor... ist es dann nicht merkwürdig, dass Malwarebytes nichts findet?

cosinus · 07.04.2012, 17:41

Zitat:

Die Dateien liegen im _OTL ordner auch noch auf C: vor... ist es dann nicht merkwürdig, dass Malwarebytes nichts findet?

Daran ist nichts merkwürdig, das ist einfach der Q-Ordner von OTL! Und Schädlinge innerhalb einer ZIP-Datei sind was anderes als "direkt" auf der Platte liegende Schädlingsdateien.

Hätte da mal zwei Fragen bevor es weiter geht

1.) Geht der normale Modus wieder uneingeschränkt?
2.) Vermisst du irgendwas im Startmenü? Sind da leere Ordner unter alle Programme oder ist alles vorhanden?

Jenniferle · 07.04.2012, 19:20

Ah ok, ich verstehe..

zu 1) ja, soweit alles wieder gut
zu 2) alles da und alles vorhanden

cosinus · 08.04.2012, 15:44

Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:

ATTFilter

 hier steht das Log

CustomScan mit OTL

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Starte bitte die OTL.exe.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Setze oben mittig den Haken bei Scanne alle Benutzer
Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die Textbox von OTL - wenn OTL auf deutsch ist wird sie mit beschriftet

Code:

ATTFilter

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT

Schliesse bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Quick Scan Button.
Klick auf .
Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread

Jenniferle · 09.04.2012, 11:46

hier kommt die OTL.txt. die Extras.txt brauchtest du ja nicht oder?

Code:

ATTFilter

OTL logfile created on: 09.04.2012 12:08:37 - Run 1
OTL by OldTimer - Version 3.2.39.2     Folder = C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,99 Gb Total Physical Memory | 1,36 Gb Available Physical Memory | 68,32% Memory free
3,33 Gb Paging File | 2,86 Gb Available in Paging File | 85,98% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 48,83 Gb Total Space | 30,57 Gb Free Space | 62,61% Space Free | Partition Type: NTFS
Drive D: | 100,21 Gb Total Space | 96,53 Gb Free Space | 96,33% Space Free | Partition Type: NTFS
 
Computer Name: USER-017C622E09 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.04.09 12:05:52 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Downloads\OTL.exe
PRC - [2012.02.15 01:03:14 | 024,246,216 | ---- | M] (Dropbox, Inc.) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Dropbox\bin\Dropbox.exe
PRC - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.01.13 14:53:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011.10.24 22:32:00 | 000,055,144 | ---- | M] (Apple Inc.) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2011.06.15 15:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Security Client\msseces.exe
PRC - [2011.04.27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2010.11.26 23:17:16 | 000,331,264 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Common Desktop Agent\CDASrv.exe
PRC - [2010.10.29 14:49:28 | 000,249,064 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2010.05.21 00:52:06 | 011,312,128 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.bin
PRC - [2010.05.21 00:52:04 | 011,318,784 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.exe
PRC - [2010.01.15 14:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009.06.12 13:57:48 | 000,560,640 | ---- | M] (Thread Technology Co.,Ltd.) -- C:\Programme\Thread\SYDpresent.exe
PRC - [2008.04.14 09:52:46 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.06.24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll
MOD - [2011.06.24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\libxml2.dll
MOD - [2010.11.26 23:17:20 | 000,049,664 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Common Desktop Agent\CDASrvPS.dll
MOD - [2010.11.26 23:17:16 | 000,331,264 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Common Desktop Agent\CDASrv.exe
MOD - [2010.07.30 07:43:28 | 000,026,624 | ---- | M] () -- C:\WINDOWS\system32\ssb6mlm.dll
MOD - [2010.05.04 15:36:28 | 000,970,752 | ---- | M] () -- C:\Programme\OpenOffice.org 3\program\libxml2.dll
MOD - [2009.01.12 16:13:50 | 000,088,576 | ---- | M] () -- C:\Programme\Thread\OSDDLL.dll
MOD - [2009.01.04 10:25:40 | 000,088,576 | ---- | M] () -- C:\Programme\Thread\ThreadACPI.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.10.24 22:32:00 | 000,055,144 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2011.04.27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010.01.15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - [2012.04.09 12:02:03 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft\Microsoft Antimalware\Definition Updates\{EC014BD1-A9FE-43ED-9C06-543202198459}\MpKsleaa9ba4b.sys -- (MpKsleaa9ba4b)
DRV - [2011.12.10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010.10.15 03:41:44 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\SSPORT.sys -- (SSPORT)
DRV - [2009.06.29 19:59:14 | 000,142,592 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2009.06.03 12:16:38 | 005,085,696 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009.03.14 13:05:26 | 001,528,928 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2008.10.09 15:42:42 | 000,017,408 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV - [2008.08.22 12:25:14 | 000,308,608 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rtl8187Se.sys -- (rtl8187Se)
DRV - [2008.08.05 14:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008.06.27 09:39:42 | 000,332,928 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8187.sys -- (RTLWUSB)
DRV - [2007.07.13 00:35:46 | 000,006,912 | ---- | M] (TPS Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\THREADACPI.sys -- (THREADACPI)
DRV - [2006.01.04 09:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1935655697-1004336348-527237240-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1935655697-1004336348-527237240-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.8.20100713041928
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.03.25 18:55:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.04.08 05:14:50 | 000,000,000 | ---D | M]
 
[2010.08.18 00:56:51 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Extensions
[2012.01.25 17:35:49 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\olth9wjy.default\extensions
[2012.01.25 17:35:49 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\olth9wjy.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011.12.30 23:42:06 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.03.25 18:55:50 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2011.02.02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2012.03.06 18:17:35 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.03.06 18:17:35 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.03.06 18:17:35 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.03.06 18:17:35 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.03.06 18:17:35 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.03.06 18:17:35 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2012.04.07 07:47:15 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CDAServer] C:\Programme\Gemeinsame Dateien\Common Desktop Agent\CDASrv.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSC] C:\Programme\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Threadpresent] C:\Programme\Thread\SYDpresent.exe (Thread Technology Co.,Ltd.)
O4 - HKU\.DEFAULT..\Run: [DWQueuedReporting] C:\Programme\Gemeinsame Dateien\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-18..\Run: [DWQueuedReporting] C:\Programme\Gemeinsame Dateien\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Autostart\Dropbox.lnk = C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Autostart\OpenOffice.org 3.2.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\McAfee Security Scan Plus.lnk = C:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1935655697-1004336348-527237240-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C0341F42-F7E6-4F0E-8305-E424D1D5EDE7}: DhcpNameServer = 192.168.123.254
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: 6to4 -  File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: Irmon -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 2
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0
 
 
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offlinebrowsingpaket
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer-Hilfe
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsererweiterungen
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - Zugang zu MSN Site
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - %SystemRoot%\system32\ie4uinit.exe
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML-Datenbindung
ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} - 
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer-Hauptschriftarten
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML-Hilfe
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
 
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.04.08 05:14:21 | 000,000,000 | ---D | C] -- C:\Programme\Adobe
[2012.04.08 05:13:34 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.04.07 08:49:41 | 000,000,000 | ---D | C] -- C:\Programme\ESET
[2012.04.07 07:47:14 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.04.07 06:18:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Malwarebytes
[2012.04.07 06:18:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2012.04.07 06:18:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2012.04.07 06:18:21 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012.04.07 06:18:21 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2012.04.04 21:08:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2012.03.15 15:58:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Desktop\Material Esther
[2012.03.11 15:28:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\MAMA
[2012.03.11 12:14:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Samsung
[2012.03.11 12:14:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Samsung
[2012.03.11 12:14:30 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Common Desktop Agent
[2012.03.11 12:14:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Samsung Printers
[2012.03.11 12:13:42 | 000,000,000 | ---D | C] -- C:\Programme\SamsungPrinterLiveUpdateInstaller
[2012.03.11 12:13:41 | 000,000,000 | ---D | C] -- C:\Programme\SamsungPrinterLiveUpdate
[2012.03.11 12:13:09 | 000,151,552 | ---- | C] (SS) -- C:\WINDOWS\System32\ssb6mci.exe
[2012.03.11 12:13:09 | 000,065,536 | ---- | C] (SS) -- C:\WINDOWS\System32\ssb6mci.dll
[2012.03.11 12:13:05 | 000,000,000 | ---D | C] -- C:\Programme\Samsung
[2012.03.11 12:12:08 | 000,000,000 | ---D | C] -- C:\Temp
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.04.09 12:06:44 | 000,000,416 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2012.04.09 12:03:06 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.04.09 12:01:24 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.04.08 05:14:50 | 000,001,709 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader 9.lnk
[2012.04.07 11:34:02 | 000,000,211 | ---- | M] () -- C:\boot.ini
[2012.04.07 06:18:37 | 000,000,756 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.03.16 09:58:15 | 000,285,312 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.03.14 20:40:32 | 003,219,696 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\Wenn Jesus ruft zu Tisch.MPG.mp3
[2012.03.14 08:32:31 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.04.08 05:14:50 | 000,002,295 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Reader 9.lnk
[2012.04.08 05:14:50 | 000,001,709 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader 9.lnk
[2012.04.07 06:18:37 | 000,000,756 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.03.14 20:40:29 | 003,219,696 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\Wenn Jesus ruft zu Tisch.MPG.mp3
[2012.03.11 12:13:09 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\ssb6mlm.dll
[2012.03.11 12:13:09 | 000,000,361 | ---- | C] () -- C:\WINDOWS\System32\ssb6mlm.smt
[2012.03.11 12:13:07 | 000,091,442 | ---- | C] () -- C:\WINDOWS\ssb6mA4.prn
[2012.03.11 12:13:07 | 000,085,342 | ---- | C] () -- C:\WINDOWS\ssb6mLTR.prn
[2012.02.16 14:55:52 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2010.11.26 23:16:56 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\CDASpl.dll
[2010.10.25 00:33:43 | 000,006,656 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.10.08 18:34:58 | 000,000,425 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2010.10.08 18:34:58 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2010.08.18 00:56:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
 
========== LOP Check ==========
 
[2012.04.09 12:02:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Dropbox
[2010.08.18 19:11:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\OpenOffice.org
[2012.03.11 12:14:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Samsung
[2012.03.11 12:14:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Samsung
[2011.07.12 21:30:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2012.04.09 12:06:44 | 000,000,416 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2010.08.22 16:33:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Adobe
[2011.12.31 00:07:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Apple Computer
[2010.10.08 18:41:01 | 000,000,000 | R--D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Brother
[2012.04.09 12:02:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Dropbox
[2012.01.10 12:49:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\dvdcss
[2009.07.19 18:54:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Identities
[2009.09.23 22:09:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\InstallShield
[2010.08.18 18:48:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Macromedia
[2012.04.07 06:18:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Malwarebytes
[2009.03.09 03:13:28 | 000,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft
[2010.08.18 00:56:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla
[2010.08.18 19:11:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\OpenOffice.org
[2012.03.11 12:14:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Samsung
[2010.08.18 19:04:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Sun
[2012.03.14 20:43:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\vlc
 
< %APPDATA%\*.exe /s >
[2012.02.15 01:03:14 | 024,246,216 | ---- | M] (Dropbox, Inc.) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Dropbox\bin\Dropbox.exe
[2012.02.15 01:03:44 | 000,174,752 | ---- | M] (Dropbox, Inc.) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Dropbox\bin\Uninstall.exe
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: AGP440.SYS  >
[2008.04.14 10:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2008.04.14 10:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 02:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys
 
< MD5 for: EVENTLOG.DLL  >
[2008.04.14 09:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 09:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll
 
< MD5 for: NETLOGON.DLL  >
[2008.04.14 09:52:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 09:52:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll
 
< MD5 for: SCECLI.DLL  >
[2008.04.14 09:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 09:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll
 
< MD5 for: USER32.DLL  >
[2008.04.14 09:52:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\dllcache\user32.dll
[2008.04.14 09:52:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.04.14 09:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 09:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2012.01.13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Programme\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008.04.14 09:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 09:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2006.02.28 16:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys
[2006.02.28 16:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2009.07.19 20:34:45 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2009.07.19 20:34:44 | 001,089,536 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2009.07.19 20:34:44 | 000,450,560 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[6 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< End of report >

cosinus · 09.04.2012, 17:19

Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.
Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C

nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

Jenniferle · 15.04.2012, 14:22

sorry, hatte die Woche auf der arbeit superviel Stress und bin erst heute dazu gekommen, ich hoffe, du schaust nochmal rein bei zeiten!

hier der report des letzten schrittes:

Code:

ATTFilter

15:15:19.0843 4052	TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05
15:15:19.0953 4052	============================================================
15:15:19.0953 4052	Current date / time: 2012/04/15 15:15:19.0953
15:15:19.0953 4052	SystemInfo:
15:15:19.0953 4052	
15:15:19.0953 4052	OS Version: 5.1.2600 ServicePack: 3.0
15:15:19.0953 4052	Product type: Workstation
15:15:19.0953 4052	ComputerName: USER-017C622E09
15:15:19.0953 4052	UserName: Administrator
15:15:19.0953 4052	Windows directory: C:\WINDOWS
15:15:19.0953 4052	System windows directory: C:\WINDOWS
15:15:19.0953 4052	Processor architecture: Intel x86
15:15:19.0953 4052	Number of processors: 2
15:15:19.0953 4052	Page size: 0x1000
15:15:19.0953 4052	Boot type: Normal boot
15:15:19.0953 4052	============================================================
15:15:21.0468 4052	Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
15:15:21.0468 4052	\Device\Harddisk0\DR0:
15:15:21.0468 4052	MBR used
15:15:21.0468 4052	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x61A7927
15:15:21.0484 4052	\Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x61A79A5, BlocksNum 0xC86D25B
15:15:21.0562 4052	Initialize success
15:15:21.0562 4052	============================================================
15:15:44.0359 1964	============================================================
15:15:44.0359 1964	Scan started
15:15:44.0359 1964	Mode: Manual; SigCheck; TDLFS; 
15:15:44.0359 1964	============================================================
15:15:44.0687 1964	Abiosdsk - ok
15:15:44.0718 1964	abp480n5 - ok
15:15:44.0765 1964	ACPI            (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
15:15:44.0921 1964	ACPI ( UnsignedFile.Multi.Generic ) - warning
15:15:44.0937 1964	ACPI - detected UnsignedFile.Multi.Generic (1)
15:15:44.0953 1964	ACPIEC          (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
15:15:44.0968 1964	ACPIEC ( UnsignedFile.Multi.Generic ) - warning
15:15:44.0968 1964	ACPIEC - detected UnsignedFile.Multi.Generic (1)
15:15:44.0984 1964	adpu160m - ok
15:15:45.0031 1964	aec             (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
15:15:45.0046 1964	aec ( UnsignedFile.Multi.Generic ) - warning
15:15:45.0046 1964	aec - detected UnsignedFile.Multi.Generic (1)
15:15:45.0093 1964	AFD             (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
15:15:45.0171 1964	AFD - ok
15:15:45.0171 1964	Aha154x - ok
15:15:45.0187 1964	aic78u2 - ok
15:15:45.0203 1964	aic78xx - ok
15:15:45.0234 1964	Alerter         (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
15:15:45.0234 1964	Alerter ( UnsignedFile.Multi.Generic ) - warning
15:15:45.0234 1964	Alerter - detected UnsignedFile.Multi.Generic (1)
15:15:45.0265 1964	ALG             (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe
15:15:45.0265 1964	ALG ( UnsignedFile.Multi.Generic ) - warning
15:15:45.0265 1964	ALG - detected UnsignedFile.Multi.Generic (1)
15:15:45.0281 1964	AliIde - ok
15:15:45.0359 1964	Ambfilt         (f6af59d6eee5e1c304f7f73706ad11d8) C:\WINDOWS\system32\drivers\Ambfilt.sys
15:15:45.0484 1964	Ambfilt ( UnsignedFile.Multi.Generic ) - warning
15:15:45.0484 1964	Ambfilt - detected UnsignedFile.Multi.Generic (1)
15:15:45.0500 1964	amsint - ok
15:15:45.0578 1964	Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:15:45.0593 1964	Apple Mobile Device - ok
15:15:45.0625 1964	AppMgmt         (d45960be52c3c610d361977057f98c54) C:\WINDOWS\System32\appmgmts.dll
15:15:45.0640 1964	AppMgmt ( UnsignedFile.Multi.Generic ) - warning
15:15:45.0640 1964	AppMgmt - detected UnsignedFile.Multi.Generic (1)
15:15:45.0718 1964	AR5416          (e0ee769d14128014965e03b433f5f46e) C:\WINDOWS\system32\DRIVERS\athw.sys
15:15:45.0859 1964	AR5416 ( UnsignedFile.Multi.Generic ) - warning
15:15:45.0859 1964	AR5416 - detected UnsignedFile.Multi.Generic (1)
15:15:45.0875 1964	asc - ok
15:15:45.0890 1964	asc3350p - ok
15:15:45.0921 1964	asc3550 - ok
15:15:45.0953 1964	AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
15:15:45.0968 1964	AsyncMac ( UnsignedFile.Multi.Generic ) - warning
15:15:45.0968 1964	AsyncMac - detected UnsignedFile.Multi.Generic (1)
15:15:46.0000 1964	atapi           (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
15:15:46.0015 1964	atapi ( UnsignedFile.Multi.Generic ) - warning
15:15:46.0015 1964	atapi - detected UnsignedFile.Multi.Generic (1)
15:15:46.0031 1964	Atdisk - ok
15:15:46.0046 1964	Atmarpc         (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
15:15:46.0062 1964	Atmarpc ( UnsignedFile.Multi.Generic ) - warning
15:15:46.0062 1964	Atmarpc - detected UnsignedFile.Multi.Generic (1)
15:15:46.0093 1964	AudioSrv        (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
15:15:46.0109 1964	AudioSrv ( UnsignedFile.Multi.Generic ) - warning
15:15:46.0109 1964	AudioSrv - detected UnsignedFile.Multi.Generic (1)
15:15:46.0156 1964	audstub         (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
15:15:46.0156 1964	audstub ( UnsignedFile.Multi.Generic ) - warning
15:15:46.0156 1964	audstub - detected UnsignedFile.Multi.Generic (1)
15:15:46.0187 1964	Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
15:15:46.0187 1964	Beep ( UnsignedFile.Multi.Generic ) - warning
15:15:46.0187 1964	Beep - detected UnsignedFile.Multi.Generic (1)
15:15:46.0265 1964	BITS            (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll
15:15:46.0328 1964	BITS ( UnsignedFile.Multi.Generic ) - warning
15:15:46.0328 1964	BITS - detected UnsignedFile.Multi.Generic (1)
15:15:46.0437 1964	Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Programme\Bonjour\mDNSResponder.exe
15:15:46.0500 1964	Bonjour Service - ok
15:15:46.0546 1964	Browser         (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
15:15:46.0562 1964	Browser ( UnsignedFile.Multi.Generic ) - warning
15:15:46.0562 1964	Browser - detected UnsignedFile.Multi.Generic (1)
15:15:46.0593 1964	BrScnUsb        (92a964547b96d697e5e9ed43b4297f5a) C:\WINDOWS\system32\DRIVERS\BrScnUsb.sys
15:15:46.0656 1964	BrScnUsb - ok
15:15:46.0687 1964	cbidf2k         (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
15:15:46.0687 1964	cbidf2k ( UnsignedFile.Multi.Generic ) - warning
15:15:46.0687 1964	cbidf2k - detected UnsignedFile.Multi.Generic (1)
15:15:46.0734 1964	CCDECODE        (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
15:15:46.0750 1964	CCDECODE ( UnsignedFile.Multi.Generic ) - warning
15:15:46.0750 1964	CCDECODE - detected UnsignedFile.Multi.Generic (1)
15:15:46.0750 1964	cd20xrnt - ok
15:15:46.0796 1964	Cdaudio         (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
15:15:46.0812 1964	Cdaudio ( UnsignedFile.Multi.Generic ) - warning
15:15:46.0812 1964	Cdaudio - detected UnsignedFile.Multi.Generic (1)
15:15:46.0843 1964	Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
15:15:46.0859 1964	Cdfs ( UnsignedFile.Multi.Generic ) - warning
15:15:46.0859 1964	Cdfs - detected UnsignedFile.Multi.Generic (1)
15:15:46.0890 1964	Cdrom           (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\drivers\Cdrom.sys
15:15:46.0906 1964	Cdrom ( UnsignedFile.Multi.Generic ) - warning
15:15:46.0906 1964	Cdrom - detected UnsignedFile.Multi.Generic (1)
15:15:46.0921 1964	Changer - ok
15:15:46.0953 1964	CiSvc           (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe
15:15:46.0953 1964	CiSvc ( UnsignedFile.Multi.Generic ) - warning
15:15:46.0953 1964	CiSvc - detected UnsignedFile.Multi.Generic (1)
15:15:46.0984 1964	ClipSrv         (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
15:15:47.0000 1964	ClipSrv ( UnsignedFile.Multi.Generic ) - warning
15:15:47.0000 1964	ClipSrv - detected UnsignedFile.Multi.Generic (1)
15:15:47.0031 1964	CmBatt          (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
15:15:47.0031 1964	CmBatt ( UnsignedFile.Multi.Generic ) - warning
15:15:47.0031 1964	CmBatt - detected UnsignedFile.Multi.Generic (1)
15:15:47.0046 1964	CmdIde - ok
15:15:47.0062 1964	Compbatt        (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
15:15:47.0078 1964	Compbatt ( UnsignedFile.Multi.Generic ) - warning
15:15:47.0078 1964	Compbatt - detected UnsignedFile.Multi.Generic (1)
15:15:47.0078 1964	COMSysApp - ok
15:15:47.0109 1964	Cpqarray - ok
15:15:47.0140 1964	CryptSvc        (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
15:15:47.0140 1964	CryptSvc ( UnsignedFile.Multi.Generic ) - warning
15:15:47.0140 1964	CryptSvc - detected UnsignedFile.Multi.Generic (1)
15:15:47.0156 1964	dac2w2k - ok
15:15:47.0171 1964	dac960nt - ok
15:15:47.0218 1964	DcomLaunch      (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
15:15:47.0265 1964	DcomLaunch - ok
15:15:47.0296 1964	Dhcp            (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
15:15:47.0328 1964	Dhcp ( UnsignedFile.Multi.Generic ) - warning
15:15:47.0328 1964	Dhcp - detected UnsignedFile.Multi.Generic (1)
15:15:47.0343 1964	Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
15:15:47.0359 1964	Disk ( UnsignedFile.Multi.Generic ) - warning
15:15:47.0359 1964	Disk - detected UnsignedFile.Multi.Generic (1)
15:15:47.0375 1964	dmadmin - ok
15:15:47.0421 1964	dmboot          (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
15:15:47.0484 1964	dmboot ( UnsignedFile.Multi.Generic ) - warning
15:15:47.0484 1964	dmboot - detected UnsignedFile.Multi.Generic (1)
15:15:47.0500 1964	dmio            (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
15:15:47.0515 1964	dmio ( UnsignedFile.Multi.Generic ) - warning
15:15:47.0515 1964	dmio - detected UnsignedFile.Multi.Generic (1)
15:15:47.0531 1964	dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
15:15:47.0546 1964	dmload ( UnsignedFile.Multi.Generic ) - warning
15:15:47.0546 1964	dmload - detected UnsignedFile.Multi.Generic (1)
15:15:47.0578 1964	dmserver        (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
15:15:47.0578 1964	dmserver ( UnsignedFile.Multi.Generic ) - warning
15:15:47.0578 1964	dmserver - detected UnsignedFile.Multi.Generic (1)
15:15:47.0625 1964	DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
15:15:47.0640 1964	DMusic ( UnsignedFile.Multi.Generic ) - warning
15:15:47.0640 1964	DMusic - detected UnsignedFile.Multi.Generic (1)
15:15:47.0671 1964	Dnscache        (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
15:15:47.0703 1964	Dnscache - ok
15:15:47.0734 1964	Dot3svc         (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
15:15:47.0750 1964	Dot3svc ( UnsignedFile.Multi.Generic ) - warning
15:15:47.0750 1964	Dot3svc - detected UnsignedFile.Multi.Generic (1)
15:15:47.0765 1964	dpti2o - ok
15:15:47.0812 1964	drmkaud         (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
15:15:47.0812 1964	drmkaud ( UnsignedFile.Multi.Generic ) - warning
15:15:47.0812 1964	drmkaud - detected UnsignedFile.Multi.Generic (1)
15:15:47.0859 1964	EapHost         (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
15:15:47.0875 1964	EapHost ( UnsignedFile.Multi.Generic ) - warning
15:15:47.0875 1964	EapHost - detected UnsignedFile.Multi.Generic (1)
15:15:47.0906 1964	ERSvc           (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
15:15:47.0921 1964	ERSvc ( UnsignedFile.Multi.Generic ) - warning
15:15:47.0921 1964	ERSvc - detected UnsignedFile.Multi.Generic (1)
15:15:47.0968 1964	Eventlog        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
15:15:48.0000 1964	Eventlog - ok
15:15:48.0046 1964	EventSystem     (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\system32\es.dll
15:15:48.0093 1964	EventSystem - ok
15:15:48.0125 1964	Fastfat         (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
15:15:48.0140 1964	Fastfat ( UnsignedFile.Multi.Generic ) - warning
15:15:48.0140 1964	Fastfat - detected UnsignedFile.Multi.Generic (1)
15:15:48.0187 1964	FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
15:15:48.0218 1964	FastUserSwitchingCompatibility - ok
15:15:48.0234 1964	Fdc             (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
15:15:48.0250 1964	Fdc ( UnsignedFile.Multi.Generic ) - warning
15:15:48.0250 1964	Fdc - detected UnsignedFile.Multi.Generic (1)
15:15:48.0265 1964	Fips            (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
15:15:48.0281 1964	Fips ( UnsignedFile.Multi.Generic ) - warning
15:15:48.0281 1964	Fips - detected UnsignedFile.Multi.Generic (1)
15:15:48.0296 1964	Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
15:15:48.0296 1964	Flpydisk ( UnsignedFile.Multi.Generic ) - warning
15:15:48.0296 1964	Flpydisk - detected UnsignedFile.Multi.Generic (1)
15:15:48.0343 1964	FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
15:15:48.0359 1964	FltMgr ( UnsignedFile.Multi.Generic ) - warning
15:15:48.0359 1964	FltMgr - detected UnsignedFile.Multi.Generic (1)
15:15:48.0375 1964	Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
15:15:48.0390 1964	Fs_Rec ( UnsignedFile.Multi.Generic ) - warning
15:15:48.0390 1964	Fs_Rec - detected UnsignedFile.Multi.Generic (1)
15:15:48.0406 1964	Ftdisk          (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
15:15:48.0406 1964	Ftdisk ( UnsignedFile.Multi.Generic ) - warning
15:15:48.0406 1964	Ftdisk - detected UnsignedFile.Multi.Generic (1)
15:15:48.0437 1964	GEARAspiWDM     (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
15:15:48.0453 1964	GEARAspiWDM - ok
15:15:48.0484 1964	Gpc             (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
15:15:48.0500 1964	Gpc ( UnsignedFile.Multi.Generic ) - warning
15:15:48.0500 1964	Gpc - detected UnsignedFile.Multi.Generic (1)
15:15:48.0515 1964	HDAudBus        (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
15:15:48.0531 1964	HDAudBus ( UnsignedFile.Multi.Generic ) - warning
15:15:48.0531 1964	HDAudBus - detected UnsignedFile.Multi.Generic (1)
15:15:48.0546 1964	helpsvc         (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
15:15:48.0562 1964	helpsvc ( UnsignedFile.Multi.Generic ) - warning
15:15:48.0562 1964	helpsvc - detected UnsignedFile.Multi.Generic (1)
15:15:48.0562 1964	HidServ - ok
15:15:48.0609 1964	HidUsb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
15:15:48.0625 1964	HidUsb ( UnsignedFile.Multi.Generic ) - warning
15:15:48.0625 1964	HidUsb - detected UnsignedFile.Multi.Generic (1)
15:15:48.0656 1964	hkmsvc          (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
15:15:48.0656 1964	hkmsvc ( UnsignedFile.Multi.Generic ) - warning
15:15:48.0656 1964	hkmsvc - detected UnsignedFile.Multi.Generic (1)
15:15:48.0671 1964	hpn - ok
15:15:48.0718 1964	HTTP            (f6aacf5bce2893e0c1754afeb672e5c9) C:\WINDOWS\system32\Drivers\HTTP.sys
15:15:48.0718 1964	HTTP ( UnsignedFile.Multi.Generic ) - warning
15:15:48.0718 1964	HTTP - detected UnsignedFile.Multi.Generic (1)
15:15:48.0765 1964	HTTPFilter      (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
15:15:48.0796 1964	HTTPFilter ( UnsignedFile.Multi.Generic ) - warning
15:15:48.0796 1964	HTTPFilter - detected UnsignedFile.Multi.Generic (1)
15:15:48.0796 1964	i2omgmt - ok
15:15:48.0812 1964	i2omp - ok
15:15:48.0843 1964	i8042prt        (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
15:15:48.0843 1964	i8042prt ( UnsignedFile.Multi.Generic ) - warning
15:15:48.0843 1964	i8042prt - detected UnsignedFile.Multi.Generic (1)
15:15:49.0109 1964	ialm            (48846b31be5a4fa662ccfde7a1ba86b9) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
15:15:50.0062 1964	ialm ( UnsignedFile.Multi.Generic ) - warning
15:15:50.0062 1964	ialm - detected UnsignedFile.Multi.Generic (1)
15:15:50.0203 1964	Imapi           (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\drivers\Imapi.sys
15:15:50.0203 1964	Imapi ( UnsignedFile.Multi.Generic ) - warning
15:15:50.0203 1964	Imapi - detected UnsignedFile.Multi.Generic (1)
15:15:50.0234 1964	ImapiService    (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\system32\imapi.exe
15:15:50.0234 1964	ImapiService ( UnsignedFile.Multi.Generic ) - warning
15:15:50.0234 1964	ImapiService - detected UnsignedFile.Multi.Generic (1)
15:15:50.0250 1964	ini910u - ok
15:15:50.0468 1964	IntcAzAudAddService (588391c5bb6e2bed467f58ce3a6fa81e) C:\WINDOWS\system32\drivers\RtkHDAud.sys
15:15:50.0781 1964	IntcAzAudAddService ( UnsignedFile.Multi.Generic ) - warning
15:15:50.0781 1964	IntcAzAudAddService - detected UnsignedFile.Multi.Generic (1)
15:15:50.0796 1964	IntelIde - ok
15:15:50.0828 1964	intelppm        (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys
15:15:50.0843 1964	intelppm ( UnsignedFile.Multi.Generic ) - warning
15:15:50.0843 1964	intelppm - detected UnsignedFile.Multi.Generic (1)
15:15:50.0859 1964	Ip6Fw           (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
15:15:50.0875 1964	Ip6Fw ( UnsignedFile.Multi.Generic ) - warning
15:15:50.0875 1964	Ip6Fw - detected UnsignedFile.Multi.Generic (1)
15:15:50.0906 1964	IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
15:15:50.0906 1964	IpFilterDriver ( UnsignedFile.Multi.Generic ) - warning
15:15:50.0906 1964	IpFilterDriver - detected UnsignedFile.Multi.Generic (1)
15:15:50.0921 1964	IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
15:15:50.0921 1964	IpInIp ( UnsignedFile.Multi.Generic ) - warning
15:15:50.0921 1964	IpInIp - detected UnsignedFile.Multi.Generic (1)
15:15:50.0953 1964	IpNat           (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
15:15:50.0968 1964	IpNat ( UnsignedFile.Multi.Generic ) - warning
15:15:50.0968 1964	IpNat - detected UnsignedFile.Multi.Generic (1)
15:15:51.0046 1964	iPod Service    (178fe38b7740f598391eb2f51ae4ccac) C:\Programme\iPod\bin\iPodService.exe
15:15:51.0125 1964	iPod Service - ok
15:15:51.0140 1964	IPSec           (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
15:15:51.0171 1964	IPSec ( UnsignedFile.Multi.Generic ) - warning
15:15:51.0171 1964	IPSec - detected UnsignedFile.Multi.Generic (1)
15:15:51.0203 1964	IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
15:15:51.0218 1964	IRENUM ( UnsignedFile.Multi.Generic ) - warning
15:15:51.0218 1964	IRENUM - detected UnsignedFile.Multi.Generic (1)
15:15:51.0265 1964	isapnp          (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
15:15:51.0265 1964	isapnp ( UnsignedFile.Multi.Generic ) - warning
15:15:51.0265 1964	isapnp - detected UnsignedFile.Multi.Generic (1)
15:15:51.0328 1964	JavaQuickStarterService (5e06a9d23727daf96faa796f1135fdcd) C:\Programme\Java\jre6\bin\jqs.exe
15:15:51.0343 1964	JavaQuickStarterService - ok
15:15:51.0375 1964	Kbdclass        (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
15:15:51.0406 1964	Kbdclass ( UnsignedFile.Multi.Generic ) - warning
15:15:51.0406 1964	Kbdclass - detected UnsignedFile.Multi.Generic (1)
15:15:51.0437 1964	kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
15:15:51.0437 1964	kmixer ( UnsignedFile.Multi.Generic ) - warning
15:15:51.0437 1964	kmixer - detected UnsignedFile.Multi.Generic (1)
15:15:51.0484 1964	KMWDFILTER      (566c5fd480fdbce3ba5cf9fbcffaea9a) C:\WINDOWS\system32\DRIVERS\KMWDFILTER.sys
15:15:51.0515 1964	KMWDFILTER - ok
15:15:51.0546 1964	KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
15:15:51.0562 1964	KSecDD ( UnsignedFile.Multi.Generic ) - warning
15:15:51.0562 1964	KSecDD - detected UnsignedFile.Multi.Generic (1)
15:15:51.0609 1964	LanmanServer    (d6eb4916b203cbe525f8eff5fd5ab16c) C:\WINDOWS\System32\srvsvc.dll
15:15:51.0640 1964	LanmanServer ( UnsignedFile.Multi.Generic ) - warning
15:15:51.0640 1964	LanmanServer - detected UnsignedFile.Multi.Generic (1)
15:15:51.0687 1964	lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll
15:15:51.0718 1964	lanmanworkstation - ok
15:15:51.0734 1964	lbrtfdc - ok
15:15:51.0781 1964	LmHosts         (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
15:15:51.0796 1964	LmHosts ( UnsignedFile.Multi.Generic ) - warning
15:15:51.0796 1964	LmHosts - detected UnsignedFile.Multi.Generic (1)
15:15:51.0843 1964	MBAMProtector   (b7ca8cc3f978201856b6ab82f40953c3) C:\WINDOWS\system32\drivers\mbam.sys
15:15:51.0953 1964	MBAMProtector - ok
15:15:52.0062 1964	MBAMService     (056b19651bd7b7ce5f89a3ac46dbdc08) C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
15:15:52.0140 1964	MBAMService - ok
15:15:52.0218 1964	McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe
15:15:52.0250 1964	McComponentHostService - ok
15:15:52.0296 1964	Messenger       (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
15:15:52.0296 1964	Messenger ( UnsignedFile.Multi.Generic ) - warning
15:15:52.0296 1964	Messenger - detected UnsignedFile.Multi.Generic (1)
15:15:52.0328 1964	mnmdd           (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
15:15:52.0343 1964	mnmdd ( UnsignedFile.Multi.Generic ) - warning
15:15:52.0343 1964	mnmdd - detected UnsignedFile.Multi.Generic (1)
15:15:52.0390 1964	mnmsrvc         (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\system32\mnmsrvc.exe
15:15:52.0390 1964	mnmsrvc ( UnsignedFile.Multi.Generic ) - warning
15:15:52.0390 1964	mnmsrvc - detected UnsignedFile.Multi.Generic (1)
15:15:52.0437 1964	Modem           (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
15:15:52.0453 1964	Modem ( UnsignedFile.Multi.Generic ) - warning
15:15:52.0453 1964	Modem - detected UnsignedFile.Multi.Generic (1)
15:15:52.0531 1964	Monfilt         (9fa7207d1b1adead88ae8eed9cdbbaa5) C:\WINDOWS\system32\drivers\Monfilt.sys
15:15:52.0640 1964	Monfilt ( UnsignedFile.Multi.Generic ) - warning
15:15:52.0656 1964	Monfilt - detected UnsignedFile.Multi.Generic (1)
15:15:52.0687 1964	Mouclass        (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
15:15:52.0687 1964	Mouclass ( UnsignedFile.Multi.Generic ) - warning
15:15:52.0687 1964	Mouclass - detected UnsignedFile.Multi.Generic (1)
15:15:52.0703 1964	mouhid          (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
15:15:52.0718 1964	mouhid ( UnsignedFile.Multi.Generic ) - warning
15:15:52.0718 1964	mouhid - detected UnsignedFile.Multi.Generic (1)
15:15:52.0750 1964	MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
15:15:52.0750 1964	MountMgr ( UnsignedFile.Multi.Generic ) - warning
15:15:52.0750 1964	MountMgr - detected UnsignedFile.Multi.Generic (1)
15:15:52.0781 1964	MpFilter        (fee0baded54222e9f1dae9541212aab1) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
15:15:52.0828 1964	MpFilter - ok
15:15:52.0937 1964	MpKsl0e6b0031   (a69630d039c38018689190234f866d77) C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft\Microsoft Antimalware\Definition Updates\{BA8643C3-AE08-419A-A05B-723DB7B475F8}\MpKsl0e6b0031.sys
15:15:52.0953 1964	MpKsl0e6b0031 - ok
15:15:52.0968 1964	mraid35x - ok
15:15:52.0984 1964	MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
15:15:53.0000 1964	MRxDAV ( UnsignedFile.Multi.Generic ) - warning
15:15:53.0000 1964	MRxDAV - detected UnsignedFile.Multi.Generic (1)
15:15:53.0046 1964	MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
15:15:53.0093 1964	MRxSmb - ok
15:15:53.0140 1964	MSDTC           (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\system32\msdtc.exe
15:15:53.0140 1964	MSDTC ( UnsignedFile.Multi.Generic ) - warning
15:15:53.0140 1964	MSDTC - detected UnsignedFile.Multi.Generic (1)
15:15:53.0156 1964	Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
15:15:53.0171 1964	Msfs ( UnsignedFile.Multi.Generic ) - warning
15:15:53.0171 1964	Msfs - detected UnsignedFile.Multi.Generic (1)
15:15:53.0171 1964	MSIServer - ok
15:15:53.0218 1964	MSKSSRV         (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
15:15:53.0234 1964	MSKSSRV ( UnsignedFile.Multi.Generic ) - warning
15:15:53.0234 1964	MSKSSRV - detected UnsignedFile.Multi.Generic (1)
15:15:53.0343 1964	MsMpSvc         (cfce43b70ca0cc4dcc8adb62b792b173) C:\Programme\Microsoft Security Client\Antimalware\MsMpEng.exe
15:15:53.0390 1964	MsMpSvc - ok
15:15:53.0406 1964	MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
15:15:53.0421 1964	MSPCLOCK ( UnsignedFile.Multi.Generic ) - warning
15:15:53.0421 1964	MSPCLOCK - detected UnsignedFile.Multi.Generic (1)
15:15:53.0437 1964	MSPQM           (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
15:15:53.0453 1964	MSPQM ( UnsignedFile.Multi.Generic ) - warning
15:15:53.0453 1964	MSPQM - detected UnsignedFile.Multi.Generic (1)
15:15:53.0500 1964	mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
15:15:53.0500 1964	mssmbios ( UnsignedFile.Multi.Generic ) - warning
15:15:53.0500 1964	mssmbios - detected UnsignedFile.Multi.Generic (1)
15:15:53.0531 1964	MSTEE           (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
15:15:53.0546 1964	MSTEE ( UnsignedFile.Multi.Generic ) - warning
15:15:53.0546 1964	MSTEE - detected UnsignedFile.Multi.Generic (1)
15:15:53.0578 1964	Mup             (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
15:15:53.0625 1964	Mup - ok
15:15:53.0656 1964	NABTSFEC        (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
15:15:53.0671 1964	NABTSFEC ( UnsignedFile.Multi.Generic ) - warning
15:15:53.0671 1964	NABTSFEC - detected UnsignedFile.Multi.Generic (1)
15:15:53.0718 1964	napagent        (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
15:15:53.0765 1964	napagent ( UnsignedFile.Multi.Generic ) - warning
15:15:53.0765 1964	napagent - detected UnsignedFile.Multi.Generic (1)
15:15:53.0812 1964	NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
15:15:53.0843 1964	NDIS ( UnsignedFile.Multi.Generic ) - warning
15:15:53.0843 1964	NDIS - detected UnsignedFile.Multi.Generic (1)
15:15:53.0859 1964	NdisIP          (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
15:15:53.0875 1964	NdisIP ( UnsignedFile.Multi.Generic ) - warning
15:15:53.0875 1964	NdisIP - detected UnsignedFile.Multi.Generic (1)
15:15:53.0906 1964	NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
15:15:53.0953 1964	NdisTapi - ok
15:15:53.0968 1964	Ndisuio         (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
15:15:53.0984 1964	Ndisuio ( UnsignedFile.Multi.Generic ) - warning
15:15:53.0984 1964	Ndisuio - detected UnsignedFile.Multi.Generic (1)
15:15:54.0000 1964	NdisWan         (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
15:15:54.0015 1964	NdisWan ( UnsignedFile.Multi.Generic ) - warning
15:15:54.0015 1964	NdisWan - detected UnsignedFile.Multi.Generic (1)
15:15:54.0046 1964	NDProxy         (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
15:15:54.0062 1964	NDProxy - ok
15:15:54.0078 1964	NetBIOS         (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
15:15:54.0093 1964	NetBIOS ( UnsignedFile.Multi.Generic ) - warning
15:15:54.0093 1964	NetBIOS - detected UnsignedFile.Multi.Generic (1)
15:15:54.0109 1964	NetBT           (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
15:15:54.0125 1964	NetBT ( UnsignedFile.Multi.Generic ) - warning
15:15:54.0125 1964	NetBT - detected UnsignedFile.Multi.Generic (1)
15:15:54.0156 1964	NetDDE          (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
15:15:54.0171 1964	NetDDE ( UnsignedFile.Multi.Generic ) - warning
15:15:54.0171 1964	NetDDE - detected UnsignedFile.Multi.Generic (1)
15:15:54.0171 1964	NetDDEdsdm      (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
15:15:54.0187 1964	NetDDEdsdm ( UnsignedFile.Multi.Generic ) - warning
15:15:54.0187 1964	NetDDEdsdm - detected UnsignedFile.Multi.Generic (1)
15:15:54.0218 1964	Netlogon        (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
15:15:54.0218 1964	Netlogon ( UnsignedFile.Multi.Generic ) - warning
15:15:54.0218 1964	Netlogon - detected UnsignedFile.Multi.Generic (1)
15:15:54.0250 1964	Netman          (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
15:15:54.0265 1964	Netman ( UnsignedFile.Multi.Generic ) - warning
15:15:54.0265 1964	Netman - detected UnsignedFile.Multi.Generic (1)
15:15:54.0312 1964	Nla             (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll
15:15:54.0343 1964	Nla - ok
15:15:54.0343 1964	Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
15:15:54.0359 1964	Npfs ( UnsignedFile.Multi.Generic ) - warning
15:15:54.0359 1964	Npfs - detected UnsignedFile.Multi.Generic (1)
15:15:54.0390 1964	Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
15:15:54.0437 1964	Ntfs ( UnsignedFile.Multi.Generic ) - warning
15:15:54.0437 1964	Ntfs - detected UnsignedFile.Multi.Generic (1)
15:15:54.0437 1964	NtLmSsp         (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
15:15:54.0453 1964	NtLmSsp ( UnsignedFile.Multi.Generic ) - warning
15:15:54.0453 1964	NtLmSsp - detected UnsignedFile.Multi.Generic (1)
15:15:54.0484 1964	NtmsSvc         (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
15:15:54.0515 1964	NtmsSvc ( UnsignedFile.Multi.Generic ) - warning
15:15:54.0515 1964	NtmsSvc - detected UnsignedFile.Multi.Generic (1)
15:15:54.0562 1964	Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
15:15:54.0562 1964	Null ( UnsignedFile.Multi.Generic ) - warning
15:15:54.0562 1964	Null - detected UnsignedFile.Multi.Generic (1)
15:15:54.0593 1964	NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
15:15:54.0593 1964	NwlnkFlt ( UnsignedFile.Multi.Generic ) - warning
15:15:54.0593 1964	NwlnkFlt - detected UnsignedFile.Multi.Generic (1)
15:15:54.0750 1964	NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
15:15:54.0750 1964	NwlnkFwd ( UnsignedFile.Multi.Generic ) - warning
15:15:54.0750 1964	NwlnkFwd - detected UnsignedFile.Multi.Generic (1)
15:15:54.0828 1964	Parport         (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\drivers\Parport.sys
15:15:54.0828 1964	Parport ( UnsignedFile.Multi.Generic ) - warning
15:15:54.0828 1964	Parport - detected UnsignedFile.Multi.Generic (1)
15:15:54.0843 1964	PartMgr         (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
15:15:54.0859 1964	PartMgr ( UnsignedFile.Multi.Generic ) - warning
15:15:54.0859 1964	PartMgr - detected UnsignedFile.Multi.Generic (1)
15:15:54.0875 1964	ParVdm          (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
15:15:54.0890 1964	ParVdm ( UnsignedFile.Multi.Generic ) - warning
15:15:54.0890 1964	ParVdm - detected UnsignedFile.Multi.Generic (1)
15:15:54.0906 1964	PCI             (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
15:15:54.0906 1964	PCI ( UnsignedFile.Multi.Generic ) - warning
15:15:54.0906 1964	PCI - detected UnsignedFile.Multi.Generic (1)
15:15:54.0921 1964	PCIDump - ok
15:15:54.0937 1964	PCIIde          (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
15:15:54.0968 1964	PCIIde ( UnsignedFile.Multi.Generic ) - warning
15:15:54.0968 1964	PCIIde - detected UnsignedFile.Multi.Generic (1)
15:15:54.0984 1964	Pcmcia          (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
15:15:55.0000 1964	Pcmcia ( UnsignedFile.Multi.Generic ) - warning
15:15:55.0000 1964	Pcmcia - detected UnsignedFile.Multi.Generic (1)
15:15:55.0015 1964	PDCOMP - ok
15:15:55.0015 1964	PDFRAME - ok
15:15:55.0031 1964	PDRELI - ok
15:15:55.0046 1964	PDRFRAME - ok
15:15:55.0062 1964	perc2 - ok
15:15:55.0078 1964	perc2hib - ok
15:15:55.0140 1964	PlugPlay        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
15:15:55.0171 1964	PlugPlay - ok
15:15:55.0203 1964	PolicyAgent     (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
15:15:55.0218 1964	PolicyAgent ( UnsignedFile.Multi.Generic ) - warning
15:15:55.0218 1964	PolicyAgent - detected UnsignedFile.Multi.Generic (1)
15:15:55.0250 1964	PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
15:15:55.0250 1964	PptpMiniport ( UnsignedFile.Multi.Generic ) - warning
15:15:55.0250 1964	PptpMiniport - detected UnsignedFile.Multi.Generic (1)
15:15:55.0265 1964	ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
15:15:55.0281 1964	ProtectedStorage ( UnsignedFile.Multi.Generic ) - warning
15:15:55.0281 1964	ProtectedStorage - detected UnsignedFile.Multi.Generic (1)
15:15:55.0296 1964	PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
15:15:55.0296 1964	PSched ( UnsignedFile.Multi.Generic ) - warning
15:15:55.0296 1964	PSched - detected UnsignedFile.Multi.Generic (1)
15:15:55.0328 1964	Ptilink         (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
15:15:55.0328 1964	Ptilink ( UnsignedFile.Multi.Generic ) - warning
15:15:55.0328 1964	Ptilink - detected UnsignedFile.Multi.Generic (1)
15:15:55.0343 1964	ql1080 - ok
15:15:55.0359 1964	Ql10wnt - ok
15:15:55.0359 1964	ql12160 - ok
15:15:55.0375 1964	ql1240 - ok
15:15:55.0390 1964	ql1280 - ok
15:15:55.0421 1964	RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
15:15:55.0437 1964	RasAcd ( UnsignedFile.Multi.Generic ) - warning
15:15:55.0437 1964	RasAcd - detected UnsignedFile.Multi.Generic (1)
15:15:55.0468 1964	RasAuto         (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
15:15:55.0484 1964	RasAuto ( UnsignedFile.Multi.Generic ) - warning
15:15:55.0484 1964	RasAuto - detected UnsignedFile.Multi.Generic (1)
15:15:55.0515 1964	Rasl2tp         (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
15:15:55.0515 1964	Rasl2tp ( UnsignedFile.Multi.Generic ) - warning
15:15:55.0515 1964	Rasl2tp - detected UnsignedFile.Multi.Generic (1)
15:15:55.0546 1964	RasMan          (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
15:15:55.0562 1964	RasMan ( UnsignedFile.Multi.Generic ) - warning
15:15:55.0562 1964	RasMan - detected UnsignedFile.Multi.Generic (1)
15:15:55.0578 1964	RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
15:15:55.0578 1964	RasPppoe ( UnsignedFile.Multi.Generic ) - warning
15:15:55.0578 1964	RasPppoe - detected UnsignedFile.Multi.Generic (1)
15:15:55.0593 1964	Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
15:15:55.0609 1964	Raspti ( UnsignedFile.Multi.Generic ) - warning
15:15:55.0609 1964	Raspti - detected UnsignedFile.Multi.Generic (1)
15:15:55.0640 1964	Rdbss           (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
15:15:55.0656 1964	Rdbss ( UnsignedFile.Multi.Generic ) - warning
15:15:55.0656 1964	Rdbss - detected UnsignedFile.Multi.Generic (1)
15:15:55.0671 1964	RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
15:15:55.0671 1964	RDPCDD ( UnsignedFile.Multi.Generic ) - warning
15:15:55.0671 1964	RDPCDD - detected UnsignedFile.Multi.Generic (1)
15:15:55.0718 1964	rdpdr           (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
15:15:55.0734 1964	rdpdr ( UnsignedFile.Multi.Generic ) - warning
15:15:55.0734 1964	rdpdr - detected UnsignedFile.Multi.Generic (1)
15:15:55.0781 1964	RDPWD           (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
15:15:55.0796 1964	RDPWD - ok
15:15:55.0843 1964	RDSessMgr       (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe
15:15:55.0843 1964	RDSessMgr ( UnsignedFile.Multi.Generic ) - warning
15:15:55.0843 1964	RDSessMgr - detected UnsignedFile.Multi.Generic (1)
15:15:55.0890 1964	RemoteAccess    (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll
15:15:55.0906 1964	RemoteAccess ( UnsignedFile.Multi.Generic ) - warning
15:15:55.0906 1964	RemoteAccess - detected UnsignedFile.Multi.Generic (1)
15:15:55.0937 1964	RemoteRegistry  (e4cd1f3d84e1c2ca0b8cf7501e201593) C:\WINDOWS\system32\regsvc.dll
15:15:55.0953 1964	RemoteRegistry ( UnsignedFile.Multi.Generic ) - warning
15:15:55.0953 1964	RemoteRegistry - detected UnsignedFile.Multi.Generic (1)
15:15:55.0968 1964	RpcLocator      (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe
15:15:55.0984 1964	RpcLocator ( UnsignedFile.Multi.Generic ) - warning
15:15:55.0984 1964	RpcLocator - detected UnsignedFile.Multi.Generic (1)
15:15:56.0046 1964	RpcSs           (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
15:15:56.0078 1964	RpcSs - ok
15:15:56.0109 1964	RSVP            (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe
15:15:56.0125 1964	RSVP ( UnsignedFile.Multi.Generic ) - warning
15:15:56.0125 1964	RSVP - detected UnsignedFile.Multi.Generic (1)
15:15:56.0171 1964	rtl8187Se       (85334aa5417ba063e9aae58eb3c7280d) C:\WINDOWS\system32\DRIVERS\rtl8187Se.sys
15:15:56.0187 1964	rtl8187Se ( UnsignedFile.Multi.Generic ) - warning
15:15:56.0187 1964	rtl8187Se - detected UnsignedFile.Multi.Generic (1)
15:15:56.0234 1964	RTLE8023xp      (79b4fe884c18dd82d5449f6b6026d092) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
15:15:56.0265 1964	RTLE8023xp ( UnsignedFile.Multi.Generic ) - warning
15:15:56.0265 1964	RTLE8023xp - detected UnsignedFile.Multi.Generic (1)
15:15:56.0312 1964	RTLWUSB         (5a850259b849a899990379a75460a4eb) C:\WINDOWS\system32\DRIVERS\RTL8187.sys
15:15:56.0343 1964	RTLWUSB ( UnsignedFile.Multi.Generic ) - warning
15:15:56.0343 1964	RTLWUSB - detected UnsignedFile.Multi.Generic (1)
15:15:56.0375 1964	SamSs           (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
15:15:56.0390 1964	SamSs ( UnsignedFile.Multi.Generic ) - warning
15:15:56.0390 1964	SamSs - detected UnsignedFile.Multi.Generic (1)
15:15:56.0421 1964	SCardSvr        (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
15:15:56.0437 1964	SCardSvr ( UnsignedFile.Multi.Generic ) - warning
15:15:56.0437 1964	SCardSvr - detected UnsignedFile.Multi.Generic (1)
15:15:56.0484 1964	Schedule        (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
15:15:56.0515 1964	Schedule ( UnsignedFile.Multi.Generic ) - warning
15:15:56.0515 1964	Schedule - detected UnsignedFile.Multi.Generic (1)
15:15:56.0546 1964	Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
15:15:56.0546 1964	Secdrv ( UnsignedFile.Multi.Generic ) - warning
15:15:56.0546 1964	Secdrv - detected UnsignedFile.Multi.Generic (1)
15:15:56.0578 1964	seclogon        (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
15:15:56.0609 1964	seclogon ( UnsignedFile.Multi.Generic ) - warning
15:15:56.0609 1964	seclogon - detected UnsignedFile.Multi.Generic (1)
15:15:56.0625 1964	SENS            (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
15:15:56.0640 1964	SENS ( UnsignedFile.Multi.Generic ) - warning
15:15:56.0640 1964	SENS - detected UnsignedFile.Multi.Generic (1)
15:15:56.0671 1964	Serial          (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\drivers\Serial.sys
15:15:56.0687 1964	Serial ( UnsignedFile.Multi.Generic ) - warning
15:15:56.0687 1964	Serial - detected UnsignedFile.Multi.Generic (1)
15:15:56.0718 1964	Sfloppy         (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
15:15:56.0718 1964	Sfloppy ( UnsignedFile.Multi.Generic ) - warning
15:15:56.0718 1964	Sfloppy - detected UnsignedFile.Multi.Generic (1)
15:15:56.0781 1964	SharedAccess    (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll
15:15:56.0828 1964	SharedAccess ( UnsignedFile.Multi.Generic ) - warning
15:15:56.0828 1964	SharedAccess - detected UnsignedFile.Multi.Generic (1)
15:15:56.0859 1964	ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
15:15:56.0906 1964	ShellHWDetection - ok
15:15:56.0937 1964	Simbad - ok
15:15:56.0984 1964	SLIP            (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
15:15:56.0984 1964	SLIP ( UnsignedFile.Multi.Generic ) - warning
15:15:56.0984 1964	SLIP - detected UnsignedFile.Multi.Generic (1)
15:15:57.0000 1964	Sparrow - ok
15:15:57.0046 1964	splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
15:15:57.0062 1964	splitter ( UnsignedFile.Multi.Generic ) - warning
15:15:57.0062 1964	splitter - detected UnsignedFile.Multi.Generic (1)
15:15:57.0093 1964	Spooler         (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
15:15:57.0140 1964	Spooler - ok
15:15:57.0187 1964	sr              (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
15:15:57.0203 1964	sr ( UnsignedFile.Multi.Generic ) - warning
15:15:57.0203 1964	sr - detected UnsignedFile.Multi.Generic (1)
15:15:57.0234 1964	srservice       (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll
15:15:57.0265 1964	srservice ( UnsignedFile.Multi.Generic ) - warning
15:15:57.0265 1964	srservice - detected UnsignedFile.Multi.Generic (1)
15:15:57.0312 1964	Srv             (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
15:15:57.0390 1964	Srv - ok
15:15:57.0437 1964	SSDPSRV         (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
15:15:57.0453 1964	SSDPSRV ( UnsignedFile.Multi.Generic ) - warning
15:15:57.0453 1964	SSDPSRV - detected UnsignedFile.Multi.Generic (1)
15:15:57.0500 1964	SSPORT          (ef3458337d7341a05169cefc73709264) C:\WINDOWS\system32\Drivers\SSPORT.sys
15:15:57.0500 1964	SSPORT ( UnsignedFile.Multi.Generic ) - warning
15:15:57.0500 1964	SSPORT - detected UnsignedFile.Multi.Generic (1)
15:15:57.0546 1964	stisvc          (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
15:15:57.0578 1964	stisvc ( UnsignedFile.Multi.Generic ) - warning
15:15:57.0578 1964	stisvc - detected UnsignedFile.Multi.Generic (1)
15:15:57.0609 1964	streamip        (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
15:15:57.0625 1964	streamip ( UnsignedFile.Multi.Generic ) - warning
15:15:57.0625 1964	streamip - detected UnsignedFile.Multi.Generic (1)
15:15:57.0656 1964	swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
15:15:57.0656 1964	swenum ( UnsignedFile.Multi.Generic ) - warning
15:15:57.0656 1964	swenum - detected UnsignedFile.Multi.Generic (1)
15:15:57.0718 1964	swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
15:15:57.0718 1964	swmidi ( UnsignedFile.Multi.Generic ) - warning
15:15:57.0718 1964	swmidi - detected UnsignedFile.Multi.Generic (1)
15:15:57.0734 1964	SwPrv - ok
15:15:57.0750 1964	symc810 - ok
15:15:57.0781 1964	symc8xx - ok
15:15:57.0796 1964	sym_hi - ok
15:15:57.0812 1964	sym_u3 - ok
15:15:57.0890 1964	SynTP           (7d48367a65c546b0d2505946120bcce9) C:\WINDOWS\system32\DRIVERS\SynTP.sys
15:15:57.0906 1964	SynTP ( UnsignedFile.Multi.Generic ) - warning
15:15:57.0906 1964	SynTP - detected UnsignedFile.Multi.Generic (1)
15:15:57.0953 1964	sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
15:15:57.0968 1964	sysaudio ( UnsignedFile.Multi.Generic ) - warning
15:15:57.0968 1964	sysaudio - detected UnsignedFile.Multi.Generic (1)
15:15:58.0015 1964	SysmonLog       (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
15:15:58.0031 1964	SysmonLog ( UnsignedFile.Multi.Generic ) - warning
15:15:58.0031 1964	SysmonLog - detected UnsignedFile.Multi.Generic (1)
15:15:58.0062 1964	TapiSrv         (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
15:15:58.0109 1964	TapiSrv ( UnsignedFile.Multi.Generic ) - warning
15:15:58.0109 1964	TapiSrv - detected UnsignedFile.Multi.Generic (1)
15:15:58.0156 1964	Tcpip           (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
15:15:58.0250 1964	Tcpip - ok
15:15:58.0281 1964	TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
15:15:58.0296 1964	TDPIPE ( UnsignedFile.Multi.Generic ) - warning
15:15:58.0296 1964	TDPIPE - detected UnsignedFile.Multi.Generic (1)
15:15:58.0328 1964	TDTCP           (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
15:15:58.0328 1964	TDTCP ( UnsignedFile.Multi.Generic ) - warning
15:15:58.0328 1964	TDTCP - detected UnsignedFile.Multi.Generic (1)
15:15:58.0375 1964	TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
15:15:58.0390 1964	TermDD ( UnsignedFile.Multi.Generic ) - warning
15:15:58.0390 1964	TermDD - detected UnsignedFile.Multi.Generic (1)
15:15:58.0500 1964	TermService     (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
15:15:58.0578 1964	TermService ( UnsignedFile.Multi.Generic ) - warning
15:15:58.0578 1964	TermService - detected UnsignedFile.Multi.Generic (1)
15:15:58.0671 1964	Themes          (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
15:15:58.0718 1964	Themes - ok
15:15:58.0812 1964	THREADACPI      (a3633e498acd7869553f1e5f229a39b1) C:\WINDOWS\system32\DRIVERS\THREADACPI.SYS
15:15:58.0828 1964	THREADACPI ( UnsignedFile.Multi.Generic ) - warning
15:15:58.0828 1964	THREADACPI - detected UnsignedFile.Multi.Generic (1)
15:15:58.0921 1964	TlntSvr         (03681a1ce77f51586903869a5ab1deab) C:\WINDOWS\system32\tlntsvr.exe
15:15:58.0937 1964	TlntSvr ( UnsignedFile.Multi.Generic ) - warning
15:15:58.0937 1964	TlntSvr - detected UnsignedFile.Multi.Generic (1)
15:15:59.0000 1964	TosIde - ok
15:15:59.0046 1964	TrkWks          (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
15:15:59.0062 1964	TrkWks ( UnsignedFile.Multi.Generic ) - warning
15:15:59.0062 1964	TrkWks - detected UnsignedFile.Multi.Generic (1)
15:15:59.0140 1964	Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
15:15:59.0140 1964	Udfs ( UnsignedFile.Multi.Generic ) - warning
15:15:59.0156 1964	Udfs - detected UnsignedFile.Multi.Generic (1)
15:15:59.0187 1964	ultra - ok
15:15:59.0390 1964	Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
15:15:59.0453 1964	Update ( UnsignedFile.Multi.Generic ) - warning
15:15:59.0453 1964	Update - detected UnsignedFile.Multi.Generic (1)
15:15:59.0531 1964	upnphost        (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
15:15:59.0562 1964	upnphost ( UnsignedFile.Multi.Generic ) - warning
15:15:59.0562 1964	upnphost - detected UnsignedFile.Multi.Generic (1)
15:15:59.0593 1964	UPS             (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
15:15:59.0609 1964	UPS ( UnsignedFile.Multi.Generic ) - warning
15:15:59.0609 1964	UPS - detected UnsignedFile.Multi.Generic (1)
15:15:59.0687 1964	USBAAPL         (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
15:15:59.0718 1964	USBAAPL - ok
15:15:59.0828 1964	usbccgp         (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
15:15:59.0828 1964	usbccgp ( UnsignedFile.Multi.Generic ) - warning
15:15:59.0828 1964	usbccgp - detected UnsignedFile.Multi.Generic (1)
15:15:59.0937 1964	usbehci         (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
15:15:59.0937 1964	usbehci ( UnsignedFile.Multi.Generic ) - warning
15:15:59.0937 1964	usbehci - detected UnsignedFile.Multi.Generic (1)
15:16:00.0000 1964	usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
15:16:00.0000 1964	usbhub ( UnsignedFile.Multi.Generic ) - warning
15:16:00.0000 1964	usbhub - detected UnsignedFile.Multi.Generic (1)
15:16:00.0125 1964	usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
15:16:00.0140 1964	usbprint ( UnsignedFile.Multi.Generic ) - warning
15:16:00.0140 1964	usbprint - detected UnsignedFile.Multi.Generic (1)
15:16:00.0187 1964	usbscan         (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
15:16:00.0203 1964	usbscan ( UnsignedFile.Multi.Generic ) - warning
15:16:00.0203 1964	usbscan - detected UnsignedFile.Multi.Generic (1)
15:16:00.0281 1964	usbstor         (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
15:16:00.0281 1964	usbstor ( UnsignedFile.Multi.Generic ) - warning
15:16:00.0281 1964	usbstor - detected UnsignedFile.Multi.Generic (1)
15:16:00.0375 1964	usbuhci         (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
15:16:00.0406 1964	usbuhci ( UnsignedFile.Multi.Generic ) - warning
15:16:00.0406 1964	usbuhci - detected UnsignedFile.Multi.Generic (1)
15:16:00.0468 1964	usbvideo        (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
15:16:00.0484 1964	usbvideo ( UnsignedFile.Multi.Generic ) - warning
15:16:00.0484 1964	usbvideo - detected UnsignedFile.Multi.Generic (1)
15:16:00.0593 1964	VgaSave         (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
15:16:00.0593 1964	VgaSave ( UnsignedFile.Multi.Generic ) - warning
15:16:00.0593 1964	VgaSave - detected UnsignedFile.Multi.Generic (1)
15:16:00.0656 1964	ViaIde - ok
15:16:00.0734 1964	VolSnap         (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
15:16:00.0734 1964	VolSnap ( UnsignedFile.Multi.Generic ) - warning
15:16:00.0734 1964	VolSnap - detected UnsignedFile.Multi.Generic (1)
15:16:00.0906 1964	VSS             (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
15:16:00.0921 1964	VSS ( UnsignedFile.Multi.Generic ) - warning
15:16:00.0921 1964	VSS - detected UnsignedFile.Multi.Generic (1)
15:16:00.0984 1964	W32Time         (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll
15:16:01.0000 1964	W32Time ( UnsignedFile.Multi.Generic ) - warning
15:16:01.0000 1964	W32Time - detected UnsignedFile.Multi.Generic (1)
15:16:01.0046 1964	Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
15:16:01.0093 1964	Wanarp ( UnsignedFile.Multi.Generic ) - warning
15:16:01.0093 1964	Wanarp - detected UnsignedFile.Multi.Generic (1)
15:16:01.0125 1964	WDICA - ok
15:16:01.0203 1964	wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
15:16:01.0218 1964	wdmaud ( UnsignedFile.Multi.Generic ) - warning
15:16:01.0218 1964	wdmaud - detected UnsignedFile.Multi.Generic (1)
15:16:01.0281 1964	WebClient       (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
15:16:01.0312 1964	WebClient ( UnsignedFile.Multi.Generic ) - warning
15:16:01.0312 1964	WebClient - detected UnsignedFile.Multi.Generic (1)
15:16:01.0453 1964	winmgmt         (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
15:16:01.0453 1964	winmgmt ( UnsignedFile.Multi.Generic ) - warning
15:16:01.0453 1964	winmgmt - detected UnsignedFile.Multi.Generic (1)
15:16:01.0546 1964	WmdmPmSN        (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
15:16:01.0609 1964	WmdmPmSN - ok
15:16:01.0843 1964	Wmi             (ffa4d901d46d07a5bab2d8307fbb51a6) C:\WINDOWS\System32\advapi32.dll
15:16:01.0953 1964	Wmi - ok
15:16:02.0250 1964	WmiApSrv        (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\system32\wbem\wmiapsrv.exe
15:16:02.0281 1964	WmiApSrv ( UnsignedFile.Multi.Generic ) - warning
15:16:02.0281 1964	WmiApSrv - detected UnsignedFile.Multi.Generic (1)
15:16:02.0625 1964	WMPNetworkSvc   (bf05650bb7df5e9ebdd25974e22403bb) C:\Programme\Windows Media Player\WMPNetwk.exe
15:16:02.0750 1964	WMPNetworkSvc - ok
15:16:03.0031 1964	wscsvc          (300b3e84faf1a5c1f791c159ba28035d) C:\WINDOWS\system32\wscsvc.dll
15:16:03.0046 1964	wscsvc ( UnsignedFile.Multi.Generic ) - warning
15:16:03.0046 1964	wscsvc - detected UnsignedFile.Multi.Generic (1)
15:16:03.0140 1964	WSTCODEC        (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
15:16:03.0140 1964	WSTCODEC ( UnsignedFile.Multi.Generic ) - warning
15:16:03.0140 1964	WSTCODEC - detected UnsignedFile.Multi.Generic (1)
15:16:03.0203 1964	wuauserv        (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll
15:16:03.0234 1964	wuauserv ( UnsignedFile.Multi.Generic ) - warning
15:16:03.0234 1964	wuauserv - detected UnsignedFile.Multi.Generic (1)
15:16:03.0312 1964	WudfPf          (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
15:16:03.0359 1964	WudfPf - ok
15:16:03.0406 1964	WudfRd          (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
15:16:03.0453 1964	WudfRd - ok
15:16:03.0625 1964	WudfSvc         (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
15:16:03.0656 1964	WudfSvc - ok
15:16:03.0875 1964	WZCSVC          (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
15:16:03.0937 1964	WZCSVC ( UnsignedFile.Multi.Generic ) - warning
15:16:03.0937 1964	WZCSVC - detected UnsignedFile.Multi.Generic (1)
15:16:04.0187 1964	xmlprov         (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
15:16:04.0203 1964	xmlprov ( UnsignedFile.Multi.Generic ) - warning
15:16:04.0203 1964	xmlprov - detected UnsignedFile.Multi.Generic (1)
15:16:04.0250 1964	MBR (0x1B8)     (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
15:16:09.0109 1964	\Device\Harddisk0\DR0 - ok
15:16:09.0125 1964	Boot (0x1200)   (4adaf1bf1be43fb0c91700bdb11c034f) \Device\Harddisk0\DR0\Partition0
15:16:09.0125 1964	\Device\Harddisk0\DR0\Partition0 - ok
15:16:09.0156 1964	Boot (0x1200)   (b7f56f754802b7c9f4f86547e9c6d9bb) \Device\Harddisk0\DR0\Partition1
15:16:09.0187 1964	\Device\Harddisk0\DR0\Partition1 - ok
15:16:09.0187 1964	============================================================
15:16:09.0187 1964	Scan finished
15:16:09.0187 1964	============================================================
15:16:09.0312 2052	Detected object count: 188
15:16:09.0312 2052	Actual detected object count: 188
15:17:03.0750 2052	ACPI ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0750 2052	ACPI ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0750 2052	ACPIEC ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0750 2052	ACPIEC ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0765 2052	aec ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0765 2052	aec ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0765 2052	Alerter ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0765 2052	Alerter ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0765 2052	ALG ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0765 2052	ALG ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0765 2052	Ambfilt ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0765 2052	Ambfilt ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0765 2052	AppMgmt ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0765 2052	AppMgmt ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0781 2052	AR5416 ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0781 2052	AR5416 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0781 2052	AsyncMac ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0781 2052	AsyncMac ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0781 2052	atapi ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0781 2052	atapi ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0781 2052	Atmarpc ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0781 2052	Atmarpc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0796 2052	AudioSrv ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0796 2052	AudioSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0796 2052	audstub ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0796 2052	audstub ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0796 2052	Beep ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0796 2052	Beep ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0796 2052	BITS ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0812 2052	BITS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0812 2052	Browser ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0812 2052	Browser ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0812 2052	cbidf2k ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0812 2052	cbidf2k ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0812 2052	CCDECODE ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0812 2052	CCDECODE ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0812 2052	Cdaudio ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0812 2052	Cdaudio ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0828 2052	Cdfs ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0828 2052	Cdfs ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0828 2052	Cdrom ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0828 2052	Cdrom ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0828 2052	CiSvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0828 2052	CiSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0828 2052	ClipSrv ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0828 2052	ClipSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0843 2052	CmBatt ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0843 2052	CmBatt ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0843 2052	Compbatt ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0843 2052	Compbatt ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0843 2052	CryptSvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0843 2052	CryptSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0843 2052	Dhcp ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0859 2052	Dhcp ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0859 2052	Disk ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0859 2052	Disk ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0859 2052	dmboot ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0859 2052	dmboot ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0859 2052	dmio ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0859 2052	dmio ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0859 2052	dmload ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0859 2052	dmload ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0859 2052	dmserver ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0859 2052	dmserver ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0875 2052	DMusic ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0875 2052	DMusic ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0875 2052	Dot3svc ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0875 2052	Dot3svc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0875 2052	drmkaud ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0875 2052	drmkaud ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0875 2052	EapHost ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0875 2052	EapHost ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0875 2052	ERSvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0890 2052	ERSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0890 2052	Fastfat ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0890 2052	Fastfat ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0890 2052	Fdc ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0890 2052	Fdc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0890 2052	Fips ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0890 2052	Fips ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0890 2052	Flpydisk ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0906 2052	Flpydisk ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0906 2052	FltMgr ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0906 2052	FltMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0906 2052	Fs_Rec ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0906 2052	Fs_Rec ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0906 2052	Ftdisk ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0906 2052	Ftdisk ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0906 2052	Gpc ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0906 2052	Gpc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0906 2052	HDAudBus ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0906 2052	HDAudBus ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0906 2052	helpsvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0906 2052	helpsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0921 2052	HidUsb ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0921 2052	HidUsb ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0921 2052	hkmsvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0921 2052	hkmsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0921 2052	HTTP ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0921 2052	HTTP ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0921 2052	HTTPFilter ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0921 2052	HTTPFilter ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0937 2052	i8042prt ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0937 2052	i8042prt ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0937 2052	ialm ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0937 2052	ialm ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0937 2052	Imapi ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0937 2052	Imapi ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0937 2052	ImapiService ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0937 2052	ImapiService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0937 2052	IntcAzAudAddService ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0937 2052	IntcAzAudAddService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0953 2052	intelppm ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0953 2052	intelppm ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0953 2052	Ip6Fw ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0953 2052	Ip6Fw ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0953 2052	IpFilterDriver ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0953 2052	IpFilterDriver ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0953 2052	IpInIp ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0953 2052	IpInIp ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0968 2052	IpNat ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0968 2052	IpNat ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0968 2052	IPSec ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0968 2052	IPSec ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0968 2052	IRENUM ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0968 2052	IRENUM ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0968 2052	isapnp ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0968 2052	isapnp ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0984 2052	Kbdclass ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0984 2052	Kbdclass ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0984 2052	kmixer ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0984 2052	kmixer ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0984 2052	KSecDD ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0984 2052	KSecDD ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:03.0984 2052	LanmanServer ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:03.0984 2052	LanmanServer ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0000 2052	LmHosts ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0000 2052	LmHosts ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0000 2052	Messenger ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0000 2052	Messenger ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0000 2052	mnmdd ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0000 2052	mnmdd ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0000 2052	mnmsrvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0015 2052	mnmsrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0015 2052	Modem ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0015 2052	Modem ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0015 2052	Monfilt ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0015 2052	Monfilt ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0015 2052	Mouclass ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0015 2052	Mouclass ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0015 2052	mouhid ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0015 2052	mouhid ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0031 2052	MountMgr ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0031 2052	MountMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0031 2052	MRxDAV ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0031 2052	MRxDAV ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0031 2052	MSDTC ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0031 2052	MSDTC ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0031 2052	Msfs ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0031 2052	Msfs ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0046 2052	MSKSSRV ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0046 2052	MSKSSRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0046 2052	MSPCLOCK ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0046 2052	MSPCLOCK ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0046 2052	MSPQM ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0046 2052	MSPQM ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0046 2052	mssmbios ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0046 2052	mssmbios ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0062 2052	MSTEE ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0062 2052	MSTEE ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0062 2052	NABTSFEC ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0062 2052	NABTSFEC ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0062 2052	napagent ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0062 2052	napagent ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0062 2052	NDIS ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0062 2052	NDIS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0078 2052	NdisIP ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0078 2052	NdisIP ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0078 2052	Ndisuio ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0078 2052	Ndisuio ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0078 2052	NdisWan ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0078 2052	NdisWan ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0078 2052	NetBIOS ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0078 2052	NetBIOS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0093 2052	NetBT ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0093 2052	NetBT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0093 2052	NetDDE ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0093 2052	NetDDE ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0093 2052	NetDDEdsdm ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0093 2052	NetDDEdsdm ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0093 2052	Netlogon ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0093 2052	Netlogon ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0093 2052	Netman ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0093 2052	Netman ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0109 2052	Npfs ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0109 2052	Npfs ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0109 2052	Ntfs ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0109 2052	Ntfs ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0109 2052	NtLmSsp ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0109 2052	NtLmSsp ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0109 2052	NtmsSvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0109 2052	NtmsSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0125 2052	Null ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0125 2052	Null ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0125 2052	NwlnkFlt ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0125 2052	NwlnkFlt ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0125 2052	NwlnkFwd ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0125 2052	NwlnkFwd ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0125 2052	Parport ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0125 2052	Parport ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0140 2052	PartMgr ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0140 2052	PartMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0140 2052	ParVdm ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0140 2052	ParVdm ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0140 2052	PCI ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0140 2052	PCI ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0140 2052	PCIIde ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0140 2052	PCIIde ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0156 2052	Pcmcia ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0156 2052	Pcmcia ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0156 2052	PolicyAgent ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0156 2052	PolicyAgent ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0156 2052	PptpMiniport ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0156 2052	PptpMiniport ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0156 2052	ProtectedStorage ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0156 2052	ProtectedStorage ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0156 2052	PSched ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0156 2052	PSched ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0171 2052	Ptilink ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0171 2052	Ptilink ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0171 2052	RasAcd ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0171 2052	RasAcd ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0171 2052	RasAuto ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0171 2052	RasAuto ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0171 2052	Rasl2tp ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0171 2052	Rasl2tp ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0187 2052	RasMan ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0187 2052	RasMan ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0187 2052	RasPppoe ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0187 2052	RasPppoe ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0187 2052	Raspti ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0187 2052	Raspti ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0187 2052	Rdbss ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0187 2052	Rdbss ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0203 2052	RDPCDD ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0203 2052	RDPCDD ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0203 2052	rdpdr ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0203 2052	rdpdr ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0203 2052	RDSessMgr ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0203 2052	RDSessMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0203 2052	RemoteAccess ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0203 2052	RemoteAccess ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0218 2052	RemoteRegistry ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0218 2052	RemoteRegistry ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0218 2052	RpcLocator ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0218 2052	RpcLocator ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0218 2052	RSVP ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0218 2052	RSVP ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0218 2052	rtl8187Se ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0218 2052	rtl8187Se ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0234 2052	RTLE8023xp ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0234 2052	RTLE8023xp ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0234 2052	RTLWUSB ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0234 2052	RTLWUSB ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0234 2052	SamSs ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0234 2052	SamSs ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0234 2052	SCardSvr ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0234 2052	SCardSvr ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0250 2052	Schedule ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0250 2052	Schedule ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0250 2052	Secdrv ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0250 2052	Secdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0250 2052	seclogon ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0250 2052	seclogon ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0250 2052	SENS ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0250 2052	SENS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0265 2052	Serial ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0265 2052	Serial ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0265 2052	Sfloppy ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0265 2052	Sfloppy ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0265 2052	SharedAccess ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0265 2052	SharedAccess ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0265 2052	SLIP ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0265 2052	SLIP ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0281 2052	splitter ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0281 2052	splitter ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0281 2052	sr ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0281 2052	sr ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0281 2052	srservice ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0281 2052	srservice ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0281 2052	SSDPSRV ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0281 2052	SSDPSRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0296 2052	SSPORT ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0296 2052	SSPORT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0296 2052	stisvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0296 2052	stisvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0296 2052	streamip ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0296 2052	streamip ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0296 2052	swenum ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0296 2052	swenum ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0312 2052	swmidi ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0312 2052	swmidi ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0312 2052	SynTP ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0312 2052	SynTP ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0312 2052	sysaudio ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0312 2052	sysaudio ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0312 2052	SysmonLog ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0312 2052	SysmonLog ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0312 2052	TapiSrv ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0312 2052	TapiSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0328 2052	TDPIPE ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0328 2052	TDPIPE ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0328 2052	TDTCP ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0328 2052	TDTCP ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0328 2052	TermDD ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0328 2052	TermDD ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0328 2052	TermService ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0328 2052	TermService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0328 2052	THREADACPI ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0328 2052	THREADACPI ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0328 2052	TlntSvr ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0328 2052	TlntSvr ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0343 2052	TrkWks ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0343 2052	TrkWks ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0343 2052	Udfs ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0343 2052	Udfs ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0343 2052	Update ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0343 2052	Update ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0343 2052	upnphost ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0343 2052	upnphost ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0343 2052	UPS ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0343 2052	UPS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0343 2052	usbccgp ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0343 2052	usbccgp ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0359 2052	usbehci ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0359 2052	usbehci ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0359 2052	usbhub ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0359 2052	usbhub ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0359 2052	usbprint ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0359 2052	usbprint ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0359 2052	usbscan ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0359 2052	usbscan ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0359 2052	usbstor ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0359 2052	usbstor ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0359 2052	usbuhci ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0359 2052	usbuhci ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0359 2052	usbvideo ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0359 2052	usbvideo ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0375 2052	VgaSave ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0375 2052	VgaSave ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0375 2052	VolSnap ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0375 2052	VolSnap ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0375 2052	VSS ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0375 2052	VSS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0375 2052	W32Time ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0375 2052	W32Time ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0390 2052	Wanarp ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0390 2052	Wanarp ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0390 2052	wdmaud ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0390 2052	wdmaud ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0390 2052	WebClient ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0390 2052	WebClient ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0390 2052	winmgmt ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0390 2052	winmgmt ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0406 2052	WmiApSrv ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0406 2052	WmiApSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0406 2052	wscsvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0406 2052	wscsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0406 2052	WSTCODEC ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0406 2052	WSTCODEC ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0406 2052	wuauserv ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0406 2052	wuauserv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0406 2052	WZCSVC ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0421 2052	WZCSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:04.0421 2052	xmlprov ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:04.0421 2052	xmlprov ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:30.0328 4052	============================================================

cosinus · 15.04.2012, 16:24

Log ist unvollständig, der untere Teil mit der Zusammenfassung fehlt

Jenniferle · 15.04.2012, 17:01

komisch, hier ein neuer versuch:

Code:

ATTFilter

17:58:44.0984 3536	TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05
17:58:45.0625 3536	============================================================
17:58:45.0625 3536	Current date / time: 2012/04/15 17:58:45.0625
17:58:45.0625 3536	SystemInfo:
17:58:45.0625 3536	
17:58:45.0625 3536	OS Version: 5.1.2600 ServicePack: 3.0
17:58:45.0625 3536	Product type: Workstation
17:58:45.0625 3536	ComputerName: USER-017C622E09
17:58:45.0625 3536	UserName: Administrator
17:58:45.0625 3536	Windows directory: C:\WINDOWS
17:58:45.0625 3536	System windows directory: C:\WINDOWS
17:58:45.0625 3536	Processor architecture: Intel x86
17:58:45.0625 3536	Number of processors: 2
17:58:45.0625 3536	Page size: 0x1000
17:58:45.0625 3536	Boot type: Normal boot
17:58:45.0625 3536	============================================================
17:58:47.0328 3536	Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
17:58:47.0328 3536	\Device\Harddisk0\DR0:
17:58:47.0328 3536	MBR used
17:58:47.0328 3536	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x61A7927
17:58:47.0343 3536	\Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x61A79A5, BlocksNum 0xC86D25B
17:58:47.0421 3536	Initialize success
17:58:47.0421 3536	============================================================
17:58:53.0546 2636	============================================================
17:58:53.0546 2636	Scan started
17:58:53.0546 2636	Mode: Manual; SigCheck; TDLFS; 
17:58:53.0546 2636	============================================================
17:58:54.0984 2636	Abiosdsk - ok
17:58:55.0000 2636	abp480n5 - ok
17:58:55.0140 2636	ACPI            (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
17:58:55.0375 2636	ACPI ( UnsignedFile.Multi.Generic ) - warning
17:58:55.0375 2636	ACPI - detected UnsignedFile.Multi.Generic (1)
17:58:56.0125 2636	ACPIEC          (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
17:58:56.0203 2636	ACPIEC ( UnsignedFile.Multi.Generic ) - warning
17:58:56.0203 2636	ACPIEC - detected UnsignedFile.Multi.Generic (1)
17:58:57.0046 2636	adpu160m - ok
17:58:57.0343 2636	aec             (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
17:58:57.0375 2636	aec ( UnsignedFile.Multi.Generic ) - warning
17:58:57.0375 2636	aec - detected UnsignedFile.Multi.Generic (1)
17:58:57.0515 2636	AFD             (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
17:58:57.0906 2636	AFD - ok
17:58:58.0140 2636	Aha154x - ok
17:58:58.0375 2636	aic78u2 - ok
17:58:58.0437 2636	aic78xx - ok
17:58:58.0562 2636	Alerter         (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
17:58:58.0593 2636	Alerter ( UnsignedFile.Multi.Generic ) - warning
17:58:58.0593 2636	Alerter - detected UnsignedFile.Multi.Generic (1)
17:58:58.0796 2636	ALG             (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe
17:58:58.0796 2636	ALG ( UnsignedFile.Multi.Generic ) - warning
17:58:58.0796 2636	ALG - detected UnsignedFile.Multi.Generic (1)
17:58:58.0843 2636	AliIde - ok
17:58:59.0359 2636	Ambfilt         (f6af59d6eee5e1c304f7f73706ad11d8) C:\WINDOWS\system32\drivers\Ambfilt.sys
17:58:59.0875 2636	Ambfilt ( UnsignedFile.Multi.Generic ) - warning
17:58:59.0875 2636	Ambfilt - detected UnsignedFile.Multi.Generic (1)
17:59:00.0171 2636	amsint - ok
17:59:00.0453 2636	Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:59:00.0515 2636	Apple Mobile Device - ok
17:59:00.0875 2636	AppMgmt         (d45960be52c3c610d361977057f98c54) C:\WINDOWS\System32\appmgmts.dll
17:59:00.0968 2636	AppMgmt ( UnsignedFile.Multi.Generic ) - warning
17:59:00.0968 2636	AppMgmt - detected UnsignedFile.Multi.Generic (1)
17:59:01.0593 2636	AR5416          (e0ee769d14128014965e03b433f5f46e) C:\WINDOWS\system32\DRIVERS\athw.sys
17:59:02.0390 2636	AR5416 ( UnsignedFile.Multi.Generic ) - warning
17:59:02.0390 2636	AR5416 - detected UnsignedFile.Multi.Generic (1)
17:59:02.0656 2636	asc - ok
17:59:02.0734 2636	asc3350p - ok
17:59:02.0781 2636	asc3550 - ok
17:59:02.0906 2636	AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
17:59:02.0968 2636	AsyncMac ( UnsignedFile.Multi.Generic ) - warning
17:59:02.0968 2636	AsyncMac - detected UnsignedFile.Multi.Generic (1)
17:59:03.0031 2636	atapi           (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
17:59:03.0031 2636	atapi ( UnsignedFile.Multi.Generic ) - warning
17:59:03.0031 2636	atapi - detected UnsignedFile.Multi.Generic (1)
17:59:03.0078 2636	Atdisk - ok
17:59:03.0140 2636	Atmarpc         (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
17:59:03.0187 2636	Atmarpc ( UnsignedFile.Multi.Generic ) - warning
17:59:03.0187 2636	Atmarpc - detected UnsignedFile.Multi.Generic (1)
17:59:03.0218 2636	AudioSrv        (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
17:59:03.0265 2636	AudioSrv ( UnsignedFile.Multi.Generic ) - warning
17:59:03.0265 2636	AudioSrv - detected UnsignedFile.Multi.Generic (1)
17:59:03.0359 2636	audstub         (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
17:59:03.0390 2636	audstub ( UnsignedFile.Multi.Generic ) - warning
17:59:03.0390 2636	audstub - detected UnsignedFile.Multi.Generic (1)
17:59:03.0484 2636	Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
17:59:03.0500 2636	Beep ( UnsignedFile.Multi.Generic ) - warning
17:59:03.0500 2636	Beep - detected UnsignedFile.Multi.Generic (1)
17:59:04.0031 2636	BITS            (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll
17:59:04.0250 2636	BITS ( UnsignedFile.Multi.Generic ) - warning
17:59:04.0250 2636	BITS - detected UnsignedFile.Multi.Generic (1)
17:59:04.0812 2636	Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Programme\Bonjour\mDNSResponder.exe
17:59:05.0015 2636	Bonjour Service - ok
17:59:05.0406 2636	Browser         (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
17:59:05.0453 2636	Browser ( UnsignedFile.Multi.Generic ) - warning
17:59:05.0453 2636	Browser - detected UnsignedFile.Multi.Generic (1)
17:59:05.0656 2636	BrScnUsb        (92a964547b96d697e5e9ed43b4297f5a) C:\WINDOWS\system32\DRIVERS\BrScnUsb.sys
17:59:05.0781 2636	BrScnUsb - ok
17:59:06.0187 2636	cbidf2k         (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
17:59:06.0531 2636	cbidf2k ( UnsignedFile.Multi.Generic ) - warning
17:59:06.0531 2636	cbidf2k - detected UnsignedFile.Multi.Generic (1)
17:59:07.0593 2636	CCDECODE        (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
17:59:07.0625 2636	CCDECODE ( UnsignedFile.Multi.Generic ) - warning
17:59:07.0640 2636	CCDECODE - detected UnsignedFile.Multi.Generic (1)
17:59:08.0265 2636	cd20xrnt - ok
17:59:08.0453 2636	Cdaudio         (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
17:59:08.0468 2636	Cdaudio ( UnsignedFile.Multi.Generic ) - warning
17:59:08.0468 2636	Cdaudio - detected UnsignedFile.Multi.Generic (1)
17:59:08.0578 2636	Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
17:59:08.0625 2636	Cdfs ( UnsignedFile.Multi.Generic ) - warning
17:59:08.0625 2636	Cdfs - detected UnsignedFile.Multi.Generic (1)
17:59:08.0703 2636	Cdrom           (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\drivers\Cdrom.sys
17:59:08.0703 2636	Cdrom ( UnsignedFile.Multi.Generic ) - warning
17:59:08.0703 2636	Cdrom - detected UnsignedFile.Multi.Generic (1)
17:59:08.0718 2636	Changer - ok
17:59:08.0765 2636	CiSvc           (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe
17:59:08.0765 2636	CiSvc ( UnsignedFile.Multi.Generic ) - warning
17:59:08.0765 2636	CiSvc - detected UnsignedFile.Multi.Generic (1)
17:59:08.0796 2636	ClipSrv         (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
17:59:08.0812 2636	ClipSrv ( UnsignedFile.Multi.Generic ) - warning
17:59:08.0828 2636	ClipSrv - detected UnsignedFile.Multi.Generic (1)
17:59:08.0859 2636	CmBatt          (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
17:59:08.0875 2636	CmBatt ( UnsignedFile.Multi.Generic ) - warning
17:59:08.0875 2636	CmBatt - detected UnsignedFile.Multi.Generic (1)
17:59:08.0890 2636	CmdIde - ok
17:59:08.0953 2636	Compbatt        (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
17:59:09.0062 2636	Compbatt ( UnsignedFile.Multi.Generic ) - warning
17:59:09.0062 2636	Compbatt - detected UnsignedFile.Multi.Generic (1)
17:59:09.0078 2636	COMSysApp - ok
17:59:09.0093 2636	Cpqarray - ok
17:59:09.0171 2636	CryptSvc        (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
17:59:09.0203 2636	CryptSvc ( UnsignedFile.Multi.Generic ) - warning
17:59:09.0203 2636	CryptSvc - detected UnsignedFile.Multi.Generic (1)
17:59:09.0203 2636	dac2w2k - ok
17:59:09.0234 2636	dac960nt - ok
17:59:09.0312 2636	DcomLaunch      (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
17:59:09.0437 2636	DcomLaunch - ok
17:59:09.0484 2636	Dhcp            (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
17:59:09.0484 2636	Dhcp ( UnsignedFile.Multi.Generic ) - warning
17:59:09.0484 2636	Dhcp - detected UnsignedFile.Multi.Generic (1)
17:59:09.0546 2636	Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
17:59:09.0562 2636	Disk ( UnsignedFile.Multi.Generic ) - warning
17:59:09.0562 2636	Disk - detected UnsignedFile.Multi.Generic (1)
17:59:09.0562 2636	dmadmin - ok
17:59:09.0625 2636	dmboot          (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
17:59:09.0703 2636	dmboot ( UnsignedFile.Multi.Generic ) - warning
17:59:09.0703 2636	dmboot - detected UnsignedFile.Multi.Generic (1)
17:59:09.0734 2636	dmio            (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
17:59:09.0750 2636	dmio ( UnsignedFile.Multi.Generic ) - warning
17:59:09.0750 2636	dmio - detected UnsignedFile.Multi.Generic (1)
17:59:09.0796 2636	dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
17:59:09.0812 2636	dmload ( UnsignedFile.Multi.Generic ) - warning
17:59:09.0828 2636	dmload - detected UnsignedFile.Multi.Generic (1)
17:59:09.0843 2636	dmserver        (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
17:59:09.0843 2636	dmserver ( UnsignedFile.Multi.Generic ) - warning
17:59:09.0843 2636	dmserver - detected UnsignedFile.Multi.Generic (1)
17:59:09.0890 2636	DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
17:59:09.0906 2636	DMusic ( UnsignedFile.Multi.Generic ) - warning
17:59:09.0906 2636	DMusic - detected UnsignedFile.Multi.Generic (1)
17:59:09.0968 2636	Dnscache        (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
17:59:10.0093 2636	Dnscache - ok
17:59:10.0125 2636	Dot3svc         (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
17:59:10.0343 2636	Dot3svc ( UnsignedFile.Multi.Generic ) - warning
17:59:10.0343 2636	Dot3svc - detected UnsignedFile.Multi.Generic (1)
17:59:10.0484 2636	dpti2o - ok
17:59:10.0578 2636	drmkaud         (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
17:59:10.0609 2636	drmkaud ( UnsignedFile.Multi.Generic ) - warning
17:59:10.0609 2636	drmkaud - detected UnsignedFile.Multi.Generic (1)
17:59:10.0656 2636	EapHost         (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
17:59:10.0656 2636	EapHost ( UnsignedFile.Multi.Generic ) - warning
17:59:10.0656 2636	EapHost - detected UnsignedFile.Multi.Generic (1)
17:59:10.0703 2636	ERSvc           (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
17:59:10.0703 2636	ERSvc ( UnsignedFile.Multi.Generic ) - warning
17:59:10.0703 2636	ERSvc - detected UnsignedFile.Multi.Generic (1)
17:59:10.0781 2636	Eventlog        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
17:59:10.0828 2636	Eventlog - ok
17:59:11.0000 2636	EventSystem     (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\system32\es.dll
17:59:11.0187 2636	EventSystem - ok
17:59:11.0328 2636	Fastfat         (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
17:59:11.0406 2636	Fastfat ( UnsignedFile.Multi.Generic ) - warning
17:59:11.0406 2636	Fastfat - detected UnsignedFile.Multi.Generic (1)
17:59:11.0578 2636	FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
17:59:11.0703 2636	FastUserSwitchingCompatibility - ok
17:59:11.0765 2636	Fdc             (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
17:59:11.0781 2636	Fdc ( UnsignedFile.Multi.Generic ) - warning
17:59:11.0781 2636	Fdc - detected UnsignedFile.Multi.Generic (1)
17:59:11.0828 2636	Fips            (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
17:59:11.0843 2636	Fips ( UnsignedFile.Multi.Generic ) - warning
17:59:11.0843 2636	Fips - detected UnsignedFile.Multi.Generic (1)
17:59:11.0859 2636	Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
17:59:11.0859 2636	Flpydisk ( UnsignedFile.Multi.Generic ) - warning
17:59:11.0875 2636	Flpydisk - detected UnsignedFile.Multi.Generic (1)
17:59:12.0031 2636	FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
17:59:12.0093 2636	FltMgr ( UnsignedFile.Multi.Generic ) - warning
17:59:12.0093 2636	FltMgr - detected UnsignedFile.Multi.Generic (1)
17:59:12.0609 2636	Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:59:12.0640 2636	Fs_Rec ( UnsignedFile.Multi.Generic ) - warning
17:59:12.0640 2636	Fs_Rec - detected UnsignedFile.Multi.Generic (1)
17:59:12.0890 2636	Ftdisk          (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
17:59:12.0937 2636	Ftdisk ( UnsignedFile.Multi.Generic ) - warning
17:59:12.0937 2636	Ftdisk - detected UnsignedFile.Multi.Generic (1)
17:59:12.0984 2636	GEARAspiWDM     (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
17:59:13.0015 2636	GEARAspiWDM - ok
17:59:13.0187 2636	Gpc             (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
17:59:13.0203 2636	Gpc ( UnsignedFile.Multi.Generic ) - warning
17:59:13.0203 2636	Gpc - detected UnsignedFile.Multi.Generic (1)
17:59:13.0328 2636	HDAudBus        (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
17:59:13.0343 2636	HDAudBus ( UnsignedFile.Multi.Generic ) - warning
17:59:13.0343 2636	HDAudBus - detected UnsignedFile.Multi.Generic (1)
17:59:13.0437 2636	helpsvc         (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
17:59:13.0437 2636	helpsvc ( UnsignedFile.Multi.Generic ) - warning
17:59:13.0437 2636	helpsvc - detected UnsignedFile.Multi.Generic (1)
17:59:13.0468 2636	HidServ - ok
17:59:13.0531 2636	HidUsb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
17:59:13.0593 2636	HidUsb ( UnsignedFile.Multi.Generic ) - warning
17:59:13.0593 2636	HidUsb - detected UnsignedFile.Multi.Generic (1)
17:59:13.0781 2636	hkmsvc          (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
17:59:13.0796 2636	hkmsvc ( UnsignedFile.Multi.Generic ) - warning
17:59:13.0796 2636	hkmsvc - detected UnsignedFile.Multi.Generic (1)
17:59:13.0859 2636	hpn - ok
17:59:14.0015 2636	HTTP            (f6aacf5bce2893e0c1754afeb672e5c9) C:\WINDOWS\system32\Drivers\HTTP.sys
17:59:14.0046 2636	HTTP ( UnsignedFile.Multi.Generic ) - warning
17:59:14.0046 2636	HTTP - detected UnsignedFile.Multi.Generic (1)
17:59:14.0156 2636	HTTPFilter      (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
17:59:14.0203 2636	HTTPFilter ( UnsignedFile.Multi.Generic ) - warning
17:59:14.0203 2636	HTTPFilter - detected UnsignedFile.Multi.Generic (1)
17:59:14.0250 2636	i2omgmt - ok
17:59:14.0296 2636	i2omp - ok
17:59:14.0421 2636	i8042prt        (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
17:59:14.0453 2636	i8042prt ( UnsignedFile.Multi.Generic ) - warning
17:59:14.0453 2636	i8042prt - detected UnsignedFile.Multi.Generic (1)
17:59:15.0781 2636	ialm            (48846b31be5a4fa662ccfde7a1ba86b9) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
17:59:17.0531 2636	ialm ( UnsignedFile.Multi.Generic ) - warning
17:59:17.0531 2636	ialm - detected UnsignedFile.Multi.Generic (1)
17:59:17.0812 2636	Imapi           (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\drivers\Imapi.sys
17:59:17.0828 2636	Imapi ( UnsignedFile.Multi.Generic ) - warning
17:59:17.0828 2636	Imapi - detected UnsignedFile.Multi.Generic (1)
17:59:17.0953 2636	ImapiService    (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\system32\imapi.exe
17:59:17.0968 2636	ImapiService ( UnsignedFile.Multi.Generic ) - warning
17:59:17.0984 2636	ImapiService - detected UnsignedFile.Multi.Generic (1)
17:59:18.0140 2636	ini910u - ok
17:59:19.0156 2636	IntcAzAudAddService (588391c5bb6e2bed467f58ce3a6fa81e) C:\WINDOWS\system32\drivers\RtkHDAud.sys
17:59:20.0203 2636	IntcAzAudAddService ( UnsignedFile.Multi.Generic ) - warning
17:59:20.0203 2636	IntcAzAudAddService - detected UnsignedFile.Multi.Generic (1)
17:59:20.0546 2636	IntelIde - ok
17:59:20.0687 2636	intelppm        (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys
17:59:20.0703 2636	intelppm ( UnsignedFile.Multi.Generic ) - warning
17:59:20.0703 2636	intelppm - detected UnsignedFile.Multi.Generic (1)
17:59:21.0031 2636	Ip6Fw           (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
17:59:21.0078 2636	Ip6Fw ( UnsignedFile.Multi.Generic ) - warning
17:59:21.0078 2636	Ip6Fw - detected UnsignedFile.Multi.Generic (1)
17:59:21.0359 2636	IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:59:21.0375 2636	IpFilterDriver ( UnsignedFile.Multi.Generic ) - warning
17:59:21.0375 2636	IpFilterDriver - detected UnsignedFile.Multi.Generic (1)
17:59:21.0625 2636	IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
17:59:21.0656 2636	IpInIp ( UnsignedFile.Multi.Generic ) - warning
17:59:21.0656 2636	IpInIp - detected UnsignedFile.Multi.Generic (1)
17:59:21.0843 2636	IpNat           (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
17:59:21.0890 2636	IpNat ( UnsignedFile.Multi.Generic ) - warning
17:59:21.0890 2636	IpNat - detected UnsignedFile.Multi.Generic (1)
17:59:22.0140 2636	iPod Service    (178fe38b7740f598391eb2f51ae4ccac) C:\Programme\iPod\bin\iPodService.exe
17:59:22.0281 2636	iPod Service - ok
17:59:22.0625 2636	IPSec           (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
17:59:22.0656 2636	IPSec ( UnsignedFile.Multi.Generic ) - warning
17:59:22.0656 2636	IPSec - detected UnsignedFile.Multi.Generic (1)
17:59:23.0046 2636	IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
17:59:23.0078 2636	IRENUM ( UnsignedFile.Multi.Generic ) - warning
17:59:23.0078 2636	IRENUM - detected UnsignedFile.Multi.Generic (1)
17:59:23.0328 2636	isapnp          (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
17:59:23.0359 2636	isapnp ( UnsignedFile.Multi.Generic ) - warning
17:59:23.0359 2636	isapnp - detected UnsignedFile.Multi.Generic (1)
17:59:23.0531 2636	JavaQuickStarterService (5e06a9d23727daf96faa796f1135fdcd) C:\Programme\Java\jre6\bin\jqs.exe
17:59:23.0593 2636	JavaQuickStarterService - ok
17:59:23.0828 2636	Kbdclass        (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
17:59:23.0859 2636	Kbdclass ( UnsignedFile.Multi.Generic ) - warning
17:59:23.0859 2636	Kbdclass - detected UnsignedFile.Multi.Generic (1)
17:59:24.0156 2636	kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
17:59:24.0171 2636	kmixer ( UnsignedFile.Multi.Generic ) - warning
17:59:24.0171 2636	kmixer - detected UnsignedFile.Multi.Generic (1)
17:59:24.0421 2636	KMWDFILTER      (566c5fd480fdbce3ba5cf9fbcffaea9a) C:\WINDOWS\system32\DRIVERS\KMWDFILTER.sys
17:59:24.0515 2636	KMWDFILTER - ok
17:59:24.0734 2636	KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
17:59:24.0781 2636	KSecDD ( UnsignedFile.Multi.Generic ) - warning
17:59:24.0781 2636	KSecDD - detected UnsignedFile.Multi.Generic (1)
17:59:25.0015 2636	LanmanServer    (d6eb4916b203cbe525f8eff5fd5ab16c) C:\WINDOWS\System32\srvsvc.dll
17:59:25.0062 2636	LanmanServer ( UnsignedFile.Multi.Generic ) - warning
17:59:25.0062 2636	LanmanServer - detected UnsignedFile.Multi.Generic (1)
17:59:25.0296 2636	lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll
17:59:25.0437 2636	lanmanworkstation - ok
17:59:25.0593 2636	lbrtfdc - ok
17:59:25.0859 2636	LmHosts         (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
17:59:25.0875 2636	LmHosts ( UnsignedFile.Multi.Generic ) - warning
17:59:25.0875 2636	LmHosts - detected UnsignedFile.Multi.Generic (1)
17:59:26.0218 2636	MBAMProtector   (b7ca8cc3f978201856b6ab82f40953c3) C:\WINDOWS\system32\drivers\mbam.sys
17:59:26.0328 2636	MBAMProtector - ok
17:59:26.0593 2636	MBAMService     (056b19651bd7b7ce5f89a3ac46dbdc08) C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
17:59:27.0031 2636	MBAMService - ok
17:59:27.0218 2636	McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe
17:59:27.0437 2636	McComponentHostService - ok
17:59:27.0640 2636	Messenger       (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
17:59:27.0687 2636	Messenger ( UnsignedFile.Multi.Generic ) - warning
17:59:27.0687 2636	Messenger - detected UnsignedFile.Multi.Generic (1)
17:59:27.0906 2636	mnmdd           (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
17:59:27.0953 2636	mnmdd ( UnsignedFile.Multi.Generic ) - warning
17:59:27.0953 2636	mnmdd - detected UnsignedFile.Multi.Generic (1)
17:59:28.0234 2636	mnmsrvc         (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\system32\mnmsrvc.exe
17:59:28.0265 2636	mnmsrvc ( UnsignedFile.Multi.Generic ) - warning
17:59:28.0265 2636	mnmsrvc - detected UnsignedFile.Multi.Generic (1)
17:59:28.0390 2636	Modem           (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
17:59:28.0406 2636	Modem ( UnsignedFile.Multi.Generic ) - warning
17:59:28.0406 2636	Modem - detected UnsignedFile.Multi.Generic (1)
17:59:28.0484 2636	Monfilt         (9fa7207d1b1adead88ae8eed9cdbbaa5) C:\WINDOWS\system32\drivers\Monfilt.sys
17:59:28.0890 2636	Monfilt ( UnsignedFile.Multi.Generic ) - warning
17:59:28.0890 2636	Monfilt - detected UnsignedFile.Multi.Generic (1)
17:59:29.0125 2636	Mouclass        (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
17:59:29.0156 2636	Mouclass ( UnsignedFile.Multi.Generic ) - warning
17:59:29.0156 2636	Mouclass - detected UnsignedFile.Multi.Generic (1)
17:59:29.0437 2636	mouhid          (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
17:59:29.0484 2636	mouhid ( UnsignedFile.Multi.Generic ) - warning
17:59:29.0484 2636	mouhid - detected UnsignedFile.Multi.Generic (1)
17:59:29.0765 2636	MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
17:59:29.0812 2636	MountMgr ( UnsignedFile.Multi.Generic ) - warning
17:59:29.0812 2636	MountMgr - detected UnsignedFile.Multi.Generic (1)
17:59:30.0156 2636	MpFilter        (fee0baded54222e9f1dae9541212aab1) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
17:59:30.0234 2636	MpFilter - ok
17:59:30.0484 2636	MpKsl211d8393   (a69630d039c38018689190234f866d77) C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft\Microsoft Antimalware\Definition Updates\{B8C1822D-98B5-4817-9266-5B562720CCCD}\MpKsl211d8393.sys
17:59:30.0531 2636	MpKsl211d8393 - ok
17:59:30.0765 2636	mraid35x - ok
17:59:31.0046 2636	MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
17:59:31.0140 2636	MRxDAV ( UnsignedFile.Multi.Generic ) - warning
17:59:31.0140 2636	MRxDAV - detected UnsignedFile.Multi.Generic (1)
17:59:31.0468 2636	MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:59:31.0609 2636	MRxSmb - ok
17:59:31.0703 2636	MSDTC           (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\system32\msdtc.exe
17:59:31.0718 2636	MSDTC ( UnsignedFile.Multi.Generic ) - warning
17:59:31.0718 2636	MSDTC - detected UnsignedFile.Multi.Generic (1)
17:59:31.0765 2636	Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
17:59:31.0781 2636	Msfs ( UnsignedFile.Multi.Generic ) - warning
17:59:31.0781 2636	Msfs - detected UnsignedFile.Multi.Generic (1)
17:59:31.0796 2636	MSIServer - ok
17:59:31.0859 2636	MSKSSRV         (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:59:31.0875 2636	MSKSSRV ( UnsignedFile.Multi.Generic ) - warning
17:59:31.0875 2636	MSKSSRV - detected UnsignedFile.Multi.Generic (1)
17:59:31.0984 2636	MsMpSvc         (cfce43b70ca0cc4dcc8adb62b792b173) C:\Programme\Microsoft Security Client\Antimalware\MsMpEng.exe
17:59:32.0031 2636	MsMpSvc - ok
17:59:32.0062 2636	MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:59:32.0078 2636	MSPCLOCK ( UnsignedFile.Multi.Generic ) - warning
17:59:32.0078 2636	MSPCLOCK - detected UnsignedFile.Multi.Generic (1)
17:59:32.0125 2636	MSPQM           (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
17:59:32.0140 2636	MSPQM ( UnsignedFile.Multi.Generic ) - warning
17:59:32.0140 2636	MSPQM - detected UnsignedFile.Multi.Generic (1)
17:59:32.0187 2636	mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
17:59:32.0203 2636	mssmbios ( UnsignedFile.Multi.Generic ) - warning
17:59:32.0203 2636	mssmbios - detected UnsignedFile.Multi.Generic (1)
17:59:32.0250 2636	MSTEE           (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
17:59:32.0265 2636	MSTEE ( UnsignedFile.Multi.Generic ) - warning
17:59:32.0265 2636	MSTEE - detected UnsignedFile.Multi.Generic (1)
17:59:32.0312 2636	Mup             (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
17:59:32.0375 2636	Mup - ok
17:59:32.0406 2636	NABTSFEC        (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
17:59:32.0437 2636	NABTSFEC ( UnsignedFile.Multi.Generic ) - warning
17:59:32.0437 2636	NABTSFEC - detected UnsignedFile.Multi.Generic (1)
17:59:32.0500 2636	napagent        (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
17:59:32.0546 2636	napagent ( UnsignedFile.Multi.Generic ) - warning
17:59:32.0546 2636	napagent - detected UnsignedFile.Multi.Generic (1)
17:59:32.0593 2636	NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
17:59:32.0625 2636	NDIS ( UnsignedFile.Multi.Generic ) - warning
17:59:32.0625 2636	NDIS - detected UnsignedFile.Multi.Generic (1)
17:59:32.0656 2636	NdisIP          (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
17:59:32.0656 2636	NdisIP ( UnsignedFile.Multi.Generic ) - warning
17:59:32.0656 2636	NdisIP - detected UnsignedFile.Multi.Generic (1)
17:59:32.0703 2636	NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:59:32.0781 2636	NdisTapi - ok
17:59:32.0796 2636	Ndisuio         (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:59:32.0812 2636	Ndisuio ( UnsignedFile.Multi.Generic ) - warning
17:59:32.0812 2636	Ndisuio - detected UnsignedFile.Multi.Generic (1)
17:59:32.0828 2636	NdisWan         (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:59:32.0843 2636	NdisWan ( UnsignedFile.Multi.Generic ) - warning
17:59:32.0843 2636	NdisWan - detected UnsignedFile.Multi.Generic (1)
17:59:32.0890 2636	NDProxy         (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
17:59:32.0953 2636	NDProxy - ok
17:59:33.0000 2636	NetBIOS         (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
17:59:33.0015 2636	NetBIOS ( UnsignedFile.Multi.Generic ) - warning
17:59:33.0015 2636	NetBIOS - detected UnsignedFile.Multi.Generic (1)
17:59:33.0046 2636	NetBT           (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
17:59:33.0062 2636	NetBT ( UnsignedFile.Multi.Generic ) - warning
17:59:33.0062 2636	NetBT - detected UnsignedFile.Multi.Generic (1)
17:59:33.0109 2636	NetDDE          (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
17:59:33.0125 2636	NetDDE ( UnsignedFile.Multi.Generic ) - warning
17:59:33.0125 2636	NetDDE - detected UnsignedFile.Multi.Generic (1)
17:59:33.0140 2636	NetDDEdsdm      (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
17:59:33.0156 2636	NetDDEdsdm ( UnsignedFile.Multi.Generic ) - warning
17:59:33.0156 2636	NetDDEdsdm - detected UnsignedFile.Multi.Generic (1)
17:59:33.0203 2636	Netlogon        (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
17:59:33.0218 2636	Netlogon ( UnsignedFile.Multi.Generic ) - warning
17:59:33.0218 2636	Netlogon - detected UnsignedFile.Multi.Generic (1)
17:59:33.0234 2636	Netman          (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
17:59:33.0265 2636	Netman ( UnsignedFile.Multi.Generic ) - warning
17:59:33.0265 2636	Netman - detected UnsignedFile.Multi.Generic (1)
17:59:33.0312 2636	Nla             (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll
17:59:33.0375 2636	Nla - ok
17:59:33.0390 2636	Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
17:59:33.0390 2636	Npfs ( UnsignedFile.Multi.Generic ) - warning
17:59:33.0390 2636	Npfs - detected UnsignedFile.Multi.Generic (1)
17:59:33.0437 2636	Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
17:59:33.0484 2636	Ntfs ( UnsignedFile.Multi.Generic ) - warning
17:59:33.0484 2636	Ntfs - detected UnsignedFile.Multi.Generic (1)
17:59:33.0500 2636	NtLmSsp         (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
17:59:33.0515 2636	NtLmSsp ( UnsignedFile.Multi.Generic ) - warning
17:59:33.0515 2636	NtLmSsp - detected UnsignedFile.Multi.Generic (1)
17:59:33.0562 2636	NtmsSvc         (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
17:59:33.0609 2636	NtmsSvc ( UnsignedFile.Multi.Generic ) - warning
17:59:33.0609 2636	NtmsSvc - detected UnsignedFile.Multi.Generic (1)
17:59:33.0656 2636	Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
17:59:33.0671 2636	Null ( UnsignedFile.Multi.Generic ) - warning
17:59:33.0671 2636	Null - detected UnsignedFile.Multi.Generic (1)
17:59:33.0703 2636	NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
17:59:33.0718 2636	NwlnkFlt ( UnsignedFile.Multi.Generic ) - warning
17:59:33.0718 2636	NwlnkFlt - detected UnsignedFile.Multi.Generic (1)
17:59:33.0734 2636	NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
17:59:33.0734 2636	NwlnkFwd ( UnsignedFile.Multi.Generic ) - warning
17:59:33.0734 2636	NwlnkFwd - detected UnsignedFile.Multi.Generic (1)
17:59:33.0765 2636	Parport         (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\drivers\Parport.sys
17:59:33.0781 2636	Parport ( UnsignedFile.Multi.Generic ) - warning
17:59:33.0781 2636	Parport - detected UnsignedFile.Multi.Generic (1)
17:59:33.0796 2636	PartMgr         (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
17:59:33.0812 2636	PartMgr ( UnsignedFile.Multi.Generic ) - warning
17:59:33.0812 2636	PartMgr - detected UnsignedFile.Multi.Generic (1)
17:59:33.0843 2636	ParVdm          (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
17:59:33.0859 2636	ParVdm ( UnsignedFile.Multi.Generic ) - warning
17:59:33.0859 2636	ParVdm - detected UnsignedFile.Multi.Generic (1)
17:59:33.0890 2636	PCI             (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
17:59:33.0906 2636	PCI ( UnsignedFile.Multi.Generic ) - warning
17:59:33.0906 2636	PCI - detected UnsignedFile.Multi.Generic (1)
17:59:33.0921 2636	PCIDump - ok
17:59:33.0953 2636	PCIIde          (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
17:59:33.0968 2636	PCIIde ( UnsignedFile.Multi.Generic ) - warning
17:59:33.0968 2636	PCIIde - detected UnsignedFile.Multi.Generic (1)
17:59:34.0000 2636	Pcmcia          (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
17:59:34.0015 2636	Pcmcia ( UnsignedFile.Multi.Generic ) - warning
17:59:34.0015 2636	Pcmcia - detected UnsignedFile.Multi.Generic (1)
17:59:34.0031 2636	PDCOMP - ok
17:59:34.0046 2636	PDFRAME - ok
17:59:34.0078 2636	PDRELI - ok
17:59:34.0093 2636	PDRFRAME - ok
17:59:34.0109 2636	perc2 - ok
17:59:34.0125 2636	perc2hib - ok
17:59:34.0203 2636	PlugPlay        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
17:59:34.0234 2636	PlugPlay - ok
17:59:34.0265 2636	PolicyAgent     (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
17:59:34.0265 2636	PolicyAgent ( UnsignedFile.Multi.Generic ) - warning
17:59:34.0265 2636	PolicyAgent - detected UnsignedFile.Multi.Generic (1)
17:59:34.0312 2636	PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:59:34.0312 2636	PptpMiniport ( UnsignedFile.Multi.Generic ) - warning
17:59:34.0312 2636	PptpMiniport - detected UnsignedFile.Multi.Generic (1)
17:59:34.0328 2636	ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
17:59:34.0328 2636	ProtectedStorage ( UnsignedFile.Multi.Generic ) - warning
17:59:34.0328 2636	ProtectedStorage - detected UnsignedFile.Multi.Generic (1)
17:59:34.0343 2636	PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
17:59:34.0375 2636	PSched ( UnsignedFile.Multi.Generic ) - warning
17:59:34.0375 2636	PSched - detected UnsignedFile.Multi.Generic (1)
17:59:34.0406 2636	Ptilink         (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
17:59:34.0406 2636	Ptilink ( UnsignedFile.Multi.Generic ) - warning
17:59:34.0406 2636	Ptilink - detected UnsignedFile.Multi.Generic (1)
17:59:34.0421 2636	ql1080 - ok
17:59:34.0437 2636	Ql10wnt - ok
17:59:34.0453 2636	ql12160 - ok
17:59:34.0468 2636	ql1240 - ok
17:59:34.0484 2636	ql1280 - ok
17:59:34.0500 2636	RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:59:34.0515 2636	RasAcd ( UnsignedFile.Multi.Generic ) - warning
17:59:34.0515 2636	RasAcd - detected UnsignedFile.Multi.Generic (1)
17:59:34.0546 2636	RasAuto         (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
17:59:34.0562 2636	RasAuto ( UnsignedFile.Multi.Generic ) - warning
17:59:34.0562 2636	RasAuto - detected UnsignedFile.Multi.Generic (1)
17:59:34.0593 2636	Rasl2tp         (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:59:34.0593 2636	Rasl2tp ( UnsignedFile.Multi.Generic ) - warning
17:59:34.0593 2636	Rasl2tp - detected UnsignedFile.Multi.Generic (1)
17:59:34.0625 2636	RasMan          (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
17:59:34.0640 2636	RasMan ( UnsignedFile.Multi.Generic ) - warning
17:59:34.0640 2636	RasMan - detected UnsignedFile.Multi.Generic (1)
17:59:34.0656 2636	RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:59:34.0656 2636	RasPppoe ( UnsignedFile.Multi.Generic ) - warning
17:59:34.0656 2636	RasPppoe - detected UnsignedFile.Multi.Generic (1)
17:59:34.0671 2636	Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
17:59:34.0687 2636	Raspti ( UnsignedFile.Multi.Generic ) - warning
17:59:34.0687 2636	Raspti - detected UnsignedFile.Multi.Generic (1)
17:59:34.0703 2636	Rdbss           (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:59:34.0718 2636	Rdbss ( UnsignedFile.Multi.Generic ) - warning
17:59:34.0718 2636	Rdbss - detected UnsignedFile.Multi.Generic (1)
17:59:34.0734 2636	RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
17:59:34.0750 2636	RDPCDD ( UnsignedFile.Multi.Generic ) - warning
17:59:34.0750 2636	RDPCDD - detected UnsignedFile.Multi.Generic (1)
17:59:34.0812 2636	rdpdr           (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
17:59:34.0828 2636	rdpdr ( UnsignedFile.Multi.Generic ) - warning
17:59:34.0828 2636	rdpdr - detected UnsignedFile.Multi.Generic (1)
17:59:34.0890 2636	RDPWD           (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
17:59:34.0953 2636	RDPWD - ok
17:59:35.0000 2636	RDSessMgr       (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe
17:59:35.0015 2636	RDSessMgr ( UnsignedFile.Multi.Generic ) - warning
17:59:35.0015 2636	RDSessMgr - detected UnsignedFile.Multi.Generic (1)
17:59:35.0078 2636	RemoteAccess    (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll
17:59:35.0093 2636	RemoteAccess ( UnsignedFile.Multi.Generic ) - warning
17:59:35.0093 2636	RemoteAccess - detected UnsignedFile.Multi.Generic (1)
17:59:35.0125 2636	RemoteRegistry  (e4cd1f3d84e1c2ca0b8cf7501e201593) C:\WINDOWS\system32\regsvc.dll
17:59:35.0140 2636	RemoteRegistry ( UnsignedFile.Multi.Generic ) - warning
17:59:35.0140 2636	RemoteRegistry - detected UnsignedFile.Multi.Generic (1)
17:59:35.0171 2636	RpcLocator      (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe
17:59:35.0187 2636	RpcLocator ( UnsignedFile.Multi.Generic ) - warning
17:59:35.0187 2636	RpcLocator - detected UnsignedFile.Multi.Generic (1)
17:59:35.0234 2636	RpcSs           (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
17:59:35.0281 2636	RpcSs - ok
17:59:35.0312 2636	RSVP            (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe
17:59:35.0328 2636	RSVP ( UnsignedFile.Multi.Generic ) - warning
17:59:35.0328 2636	RSVP - detected UnsignedFile.Multi.Generic (1)
17:59:35.0390 2636	rtl8187Se       (85334aa5417ba063e9aae58eb3c7280d) C:\WINDOWS\system32\DRIVERS\rtl8187Se.sys
17:59:35.0421 2636	rtl8187Se ( UnsignedFile.Multi.Generic ) - warning
17:59:35.0421 2636	rtl8187Se - detected UnsignedFile.Multi.Generic (1)
17:59:35.0468 2636	RTLE8023xp      (79b4fe884c18dd82d5449f6b6026d092) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
17:59:35.0484 2636	RTLE8023xp ( UnsignedFile.Multi.Generic ) - warning
17:59:35.0484 2636	RTLE8023xp - detected UnsignedFile.Multi.Generic (1)
17:59:35.0546 2636	RTLWUSB         (5a850259b849a899990379a75460a4eb) C:\WINDOWS\system32\DRIVERS\RTL8187.sys
17:59:35.0578 2636	RTLWUSB ( UnsignedFile.Multi.Generic ) - warning
17:59:35.0578 2636	RTLWUSB - detected UnsignedFile.Multi.Generic (1)
17:59:35.0625 2636	SamSs           (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
17:59:35.0640 2636	SamSs ( UnsignedFile.Multi.Generic ) - warning
17:59:35.0640 2636	SamSs - detected UnsignedFile.Multi.Generic (1)
17:59:35.0671 2636	SCardSvr        (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
17:59:35.0687 2636	SCardSvr ( UnsignedFile.Multi.Generic ) - warning
17:59:35.0687 2636	SCardSvr - detected UnsignedFile.Multi.Generic (1)
17:59:35.0718 2636	Schedule        (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
17:59:35.0750 2636	Schedule ( UnsignedFile.Multi.Generic ) - warning
17:59:35.0750 2636	Schedule - detected UnsignedFile.Multi.Generic (1)
17:59:35.0781 2636	Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
17:59:35.0781 2636	Secdrv ( UnsignedFile.Multi.Generic ) - warning
17:59:35.0781 2636	Secdrv - detected UnsignedFile.Multi.Generic (1)
17:59:35.0812 2636	seclogon        (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
17:59:35.0843 2636	seclogon ( UnsignedFile.Multi.Generic ) - warning
17:59:35.0843 2636	seclogon - detected UnsignedFile.Multi.Generic (1)
17:59:35.0875 2636	SENS            (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
17:59:35.0875 2636	SENS ( UnsignedFile.Multi.Generic ) - warning
17:59:35.0875 2636	SENS - detected UnsignedFile.Multi.Generic (1)
17:59:35.0921 2636	Serial          (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\drivers\Serial.sys
17:59:35.0953 2636	Serial ( UnsignedFile.Multi.Generic ) - warning
17:59:35.0953 2636	Serial - detected UnsignedFile.Multi.Generic (1)
17:59:35.0984 2636	Sfloppy         (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
17:59:35.0984 2636	Sfloppy ( UnsignedFile.Multi.Generic ) - warning
17:59:35.0984 2636	Sfloppy - detected UnsignedFile.Multi.Generic (1)
17:59:36.0046 2636	SharedAccess    (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll
17:59:36.0093 2636	SharedAccess ( UnsignedFile.Multi.Generic ) - warning
17:59:36.0093 2636	SharedAccess - detected UnsignedFile.Multi.Generic (1)
17:59:36.0140 2636	ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
17:59:36.0187 2636	ShellHWDetection - ok
17:59:36.0203 2636	Simbad - ok
17:59:36.0234 2636	SLIP            (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
17:59:36.0234 2636	SLIP ( UnsignedFile.Multi.Generic ) - warning
17:59:36.0234 2636	SLIP - detected UnsignedFile.Multi.Generic (1)
17:59:36.0250 2636	Sparrow - ok
17:59:36.0312 2636	splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
17:59:36.0312 2636	splitter ( UnsignedFile.Multi.Generic ) - warning
17:59:36.0312 2636	splitter - detected UnsignedFile.Multi.Generic (1)
17:59:36.0375 2636	Spooler         (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
17:59:36.0687 2636	Spooler - ok
17:59:36.0718 2636	sr              (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
17:59:36.0734 2636	sr ( UnsignedFile.Multi.Generic ) - warning
17:59:36.0734 2636	sr - detected UnsignedFile.Multi.Generic (1)
17:59:36.0765 2636	srservice       (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll
17:59:36.0796 2636	srservice ( UnsignedFile.Multi.Generic ) - warning
17:59:36.0796 2636	srservice - detected UnsignedFile.Multi.Generic (1)
17:59:36.0828 2636	Srv             (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
17:59:36.0937 2636	Srv - ok
17:59:37.0000 2636	SSDPSRV         (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
17:59:37.0015 2636	SSDPSRV ( UnsignedFile.Multi.Generic ) - warning
17:59:37.0015 2636	SSDPSRV - detected UnsignedFile.Multi.Generic (1)
17:59:37.0046 2636	SSPORT          (ef3458337d7341a05169cefc73709264) C:\WINDOWS\system32\Drivers\SSPORT.sys
17:59:37.0078 2636	SSPORT ( UnsignedFile.Multi.Generic ) - warning
17:59:37.0078 2636	SSPORT - detected UnsignedFile.Multi.Generic (1)
17:59:37.0109 2636	stisvc          (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
17:59:37.0156 2636	stisvc ( UnsignedFile.Multi.Generic ) - warning
17:59:37.0156 2636	stisvc - detected UnsignedFile.Multi.Generic (1)
17:59:37.0187 2636	streamip        (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
17:59:37.0203 2636	streamip ( UnsignedFile.Multi.Generic ) - warning
17:59:37.0203 2636	streamip - detected UnsignedFile.Multi.Generic (1)
17:59:37.0234 2636	swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
17:59:37.0234 2636	swenum ( UnsignedFile.Multi.Generic ) - warning
17:59:37.0250 2636	swenum - detected UnsignedFile.Multi.Generic (1)
17:59:37.0296 2636	swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
17:59:37.0296 2636	swmidi ( UnsignedFile.Multi.Generic ) - warning
17:59:37.0296 2636	swmidi - detected UnsignedFile.Multi.Generic (1)
17:59:37.0312 2636	SwPrv - ok
17:59:37.0343 2636	symc810 - ok
17:59:37.0359 2636	symc8xx - ok
17:59:37.0375 2636	sym_hi - ok
17:59:37.0390 2636	sym_u3 - ok
17:59:37.0453 2636	SynTP           (7d48367a65c546b0d2505946120bcce9) C:\WINDOWS\system32\DRIVERS\SynTP.sys
17:59:37.0500 2636	SynTP ( UnsignedFile.Multi.Generic ) - warning
17:59:37.0500 2636	SynTP - detected UnsignedFile.Multi.Generic (1)
17:59:37.0562 2636	sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
17:59:37.0578 2636	sysaudio ( UnsignedFile.Multi.Generic ) - warning
17:59:37.0578 2636	sysaudio - detected UnsignedFile.Multi.Generic (1)
17:59:37.0609 2636	SysmonLog       (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
17:59:37.0625 2636	SysmonLog ( UnsignedFile.Multi.Generic ) - warning
17:59:37.0625 2636	SysmonLog - detected UnsignedFile.Multi.Generic (1)
17:59:37.0640 2636	TapiSrv         (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
17:59:37.0671 2636	TapiSrv ( UnsignedFile.Multi.Generic ) - warning
17:59:37.0671 2636	TapiSrv - detected UnsignedFile.Multi.Generic (1)
17:59:37.0765 2636	Tcpip           (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:59:37.0796 2636	Tcpip - ok
17:59:37.0875 2636	TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
17:59:37.0875 2636	TDPIPE ( UnsignedFile.Multi.Generic ) - warning
17:59:37.0875 2636	TDPIPE - detected UnsignedFile.Multi.Generic (1)
17:59:37.0906 2636	TDTCP           (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
17:59:37.0921 2636	TDTCP ( UnsignedFile.Multi.Generic ) - warning
17:59:37.0921 2636	TDTCP - detected UnsignedFile.Multi.Generic (1)
17:59:37.0953 2636	TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
17:59:37.0968 2636	TermDD ( UnsignedFile.Multi.Generic ) - warning
17:59:37.0968 2636	TermDD - detected UnsignedFile.Multi.Generic (1)
17:59:38.0015 2636	TermService     (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
17:59:38.0031 2636	TermService ( UnsignedFile.Multi.Generic ) - warning
17:59:38.0031 2636	TermService - detected UnsignedFile.Multi.Generic (1)
17:59:38.0062 2636	Themes          (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
17:59:38.0093 2636	Themes - ok
17:59:38.0125 2636	THREADACPI      (a3633e498acd7869553f1e5f229a39b1) C:\WINDOWS\system32\DRIVERS\THREADACPI.SYS
17:59:38.0140 2636	THREADACPI ( UnsignedFile.Multi.Generic ) - warning
17:59:38.0140 2636	THREADACPI - detected UnsignedFile.Multi.Generic (1)
17:59:38.0187 2636	TlntSvr         (03681a1ce77f51586903869a5ab1deab) C:\WINDOWS\system32\tlntsvr.exe
17:59:38.0203 2636	TlntSvr ( UnsignedFile.Multi.Generic ) - warning
17:59:38.0203 2636	TlntSvr - detected UnsignedFile.Multi.Generic (1)
17:59:38.0203 2636	TosIde - ok
17:59:38.0250 2636	TrkWks          (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
17:59:38.0250 2636	TrkWks ( UnsignedFile.Multi.Generic ) - warning
17:59:38.0250 2636	TrkWks - detected UnsignedFile.Multi.Generic (1)
17:59:38.0281 2636	Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
17:59:38.0296 2636	Udfs ( UnsignedFile.Multi.Generic ) - warning
17:59:38.0296 2636	Udfs - detected UnsignedFile.Multi.Generic (1)
17:59:38.0296 2636	ultra - ok
17:59:38.0343 2636	Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
17:59:38.0375 2636	Update ( UnsignedFile.Multi.Generic ) - warning
17:59:38.0375 2636	Update - detected UnsignedFile.Multi.Generic (1)
17:59:38.0406 2636	upnphost        (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
17:59:38.0421 2636	upnphost ( UnsignedFile.Multi.Generic ) - warning
17:59:38.0421 2636	upnphost - detected UnsignedFile.Multi.Generic (1)
17:59:38.0453 2636	UPS             (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
17:59:38.0453 2636	UPS ( UnsignedFile.Multi.Generic ) - warning
17:59:38.0453 2636	UPS - detected UnsignedFile.Multi.Generic (1)
17:59:38.0500 2636	USBAAPL         (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
17:59:38.0546 2636	USBAAPL - ok
17:59:38.0578 2636	usbccgp         (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
17:59:38.0593 2636	usbccgp ( UnsignedFile.Multi.Generic ) - warning
17:59:38.0593 2636	usbccgp - detected UnsignedFile.Multi.Generic (1)
17:59:38.0625 2636	usbehci         (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
17:59:38.0625 2636	usbehci ( UnsignedFile.Multi.Generic ) - warning
17:59:38.0625 2636	usbehci - detected UnsignedFile.Multi.Generic (1)
17:59:38.0656 2636	usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
17:59:38.0671 2636	usbhub ( UnsignedFile.Multi.Generic ) - warning
17:59:38.0671 2636	usbhub - detected UnsignedFile.Multi.Generic (1)
17:59:38.0703 2636	usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
17:59:38.0703 2636	usbprint ( UnsignedFile.Multi.Generic ) - warning
17:59:38.0703 2636	usbprint - detected UnsignedFile.Multi.Generic (1)
17:59:38.0750 2636	usbscan         (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
17:59:38.0750 2636	usbscan ( UnsignedFile.Multi.Generic ) - warning
17:59:38.0750 2636	usbscan - detected UnsignedFile.Multi.Generic (1)
17:59:38.0812 2636	usbstor         (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
17:59:38.0812 2636	usbstor ( UnsignedFile.Multi.Generic ) - warning
17:59:38.0812 2636	usbstor - detected UnsignedFile.Multi.Generic (1)
17:59:38.0859 2636	usbuhci         (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
17:59:38.0875 2636	usbuhci ( UnsignedFile.Multi.Generic ) - warning
17:59:38.0875 2636	usbuhci - detected UnsignedFile.Multi.Generic (1)
17:59:38.0906 2636	usbvideo        (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
17:59:38.0906 2636	usbvideo ( UnsignedFile.Multi.Generic ) - warning
17:59:38.0906 2636	usbvideo - detected UnsignedFile.Multi.Generic (1)
17:59:38.0953 2636	VgaSave         (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
17:59:38.0968 2636	VgaSave ( UnsignedFile.Multi.Generic ) - warning
17:59:38.0968 2636	VgaSave - detected UnsignedFile.Multi.Generic (1)
17:59:38.0984 2636	ViaIde - ok
17:59:39.0000 2636	VolSnap         (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
17:59:39.0015 2636	VolSnap ( UnsignedFile.Multi.Generic ) - warning
17:59:39.0015 2636	VolSnap - detected UnsignedFile.Multi.Generic (1)
17:59:39.0062 2636	VSS             (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
17:59:39.0078 2636	VSS ( UnsignedFile.Multi.Generic ) - warning
17:59:39.0078 2636	VSS - detected UnsignedFile.Multi.Generic (1)
17:59:39.0109 2636	W32Time         (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll
17:59:39.0109 2636	W32Time ( UnsignedFile.Multi.Generic ) - warning
17:59:39.0109 2636	W32Time - detected UnsignedFile.Multi.Generic (1)
17:59:39.0125 2636	Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:59:39.0140 2636	Wanarp ( UnsignedFile.Multi.Generic ) - warning
17:59:39.0140 2636	Wanarp - detected UnsignedFile.Multi.Generic (1)
17:59:39.0156 2636	WDICA - ok
17:59:39.0187 2636	wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
17:59:39.0203 2636	wdmaud ( UnsignedFile.Multi.Generic ) - warning
17:59:39.0203 2636	wdmaud - detected UnsignedFile.Multi.Generic (1)
17:59:39.0218 2636	WebClient       (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
17:59:39.0234 2636	WebClient ( UnsignedFile.Multi.Generic ) - warning
17:59:39.0234 2636	WebClient - detected UnsignedFile.Multi.Generic (1)
17:59:39.0281 2636	winmgmt         (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
17:59:39.0281 2636	winmgmt ( UnsignedFile.Multi.Generic ) - warning
17:59:39.0281 2636	winmgmt - detected UnsignedFile.Multi.Generic (1)
17:59:39.0343 2636	WmdmPmSN        (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
17:59:39.0437 2636	WmdmPmSN - ok
17:59:39.0500 2636	Wmi             (ffa4d901d46d07a5bab2d8307fbb51a6) C:\WINDOWS\System32\advapi32.dll
17:59:39.0546 2636	Wmi - ok
17:59:39.0578 2636	WmiApSrv        (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\system32\wbem\wmiapsrv.exe
17:59:39.0593 2636	WmiApSrv ( UnsignedFile.Multi.Generic ) - warning
17:59:39.0593 2636	WmiApSrv - detected UnsignedFile.Multi.Generic (1)
17:59:39.0718 2636	WMPNetworkSvc   (bf05650bb7df5e9ebdd25974e22403bb) C:\Programme\Windows Media Player\WMPNetwk.exe
17:59:39.0796 2636	WMPNetworkSvc - ok
17:59:39.0843 2636	wscsvc          (300b3e84faf1a5c1f791c159ba28035d) C:\WINDOWS\system32\wscsvc.dll
17:59:39.0843 2636	wscsvc ( UnsignedFile.Multi.Generic ) - warning
17:59:39.0843 2636	wscsvc - detected UnsignedFile.Multi.Generic (1)
17:59:39.0890 2636	WSTCODEC        (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
17:59:39.0890 2636	WSTCODEC ( UnsignedFile.Multi.Generic ) - warning
17:59:39.0890 2636	WSTCODEC - detected UnsignedFile.Multi.Generic (1)
17:59:39.0937 2636	wuauserv        (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll
17:59:39.0937 2636	wuauserv ( UnsignedFile.Multi.Generic ) - warning
17:59:39.0937 2636	wuauserv - detected UnsignedFile.Multi.Generic (1)
17:59:40.0000 2636	WudfPf          (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
17:59:40.0046 2636	WudfPf - ok
17:59:40.0078 2636	WudfRd          (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
17:59:40.0093 2636	WudfRd - ok
17:59:40.0109 2636	WudfSvc         (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
17:59:40.0156 2636	WudfSvc - ok
17:59:40.0187 2636	WZCSVC          (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
17:59:40.0234 2636	WZCSVC ( UnsignedFile.Multi.Generic ) - warning
17:59:40.0234 2636	WZCSVC - detected UnsignedFile.Multi.Generic (1)
17:59:40.0250 2636	xmlprov         (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
17:59:40.0265 2636	xmlprov ( UnsignedFile.Multi.Generic ) - warning
17:59:40.0265 2636	xmlprov - detected UnsignedFile.Multi.Generic (1)
17:59:40.0296 2636	MBR (0x1B8)     (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
17:59:40.0625 2636	\Device\Harddisk0\DR0 - ok
17:59:40.0625 2636	Boot (0x1200)   (4adaf1bf1be43fb0c91700bdb11c034f) \Device\Harddisk0\DR0\Partition0
17:59:40.0625 2636	\Device\Harddisk0\DR0\Partition0 - ok
17:59:40.0625 2636	Boot (0x1200)   (b7f56f754802b7c9f4f86547e9c6d9bb) \Device\Harddisk0\DR0\Partition1
17:59:40.0640 2636	\Device\Harddisk0\DR0\Partition1 - ok
17:59:40.0640 2636	============================================================
17:59:40.0640 2636	Scan finished
17:59:40.0640 2636	============================================================
17:59:40.0781 2616	Detected object count: 188
17:59:40.0781 2616	Actual detected object count: 188
17:59:45.0265 2616	ACPI ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0265 2616	ACPI ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0265 2616	ACPIEC ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0265 2616	ACPIEC ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0265 2616	aec ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0265 2616	aec ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0281 2616	Alerter ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0281 2616	Alerter ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0281 2616	ALG ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0281 2616	ALG ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0281 2616	Ambfilt ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0281 2616	Ambfilt ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0281 2616	AppMgmt ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0281 2616	AppMgmt ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0281 2616	AR5416 ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0281 2616	AR5416 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0296 2616	AsyncMac ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0296 2616	AsyncMac ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0296 2616	atapi ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0296 2616	atapi ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0296 2616	Atmarpc ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0296 2616	Atmarpc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0296 2616	AudioSrv ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0296 2616	AudioSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0296 2616	audstub ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0296 2616	audstub ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0312 2616	Beep ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0312 2616	Beep ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0312 2616	BITS ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0312 2616	BITS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0312 2616	Browser ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0312 2616	Browser ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0312 2616	cbidf2k ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0312 2616	cbidf2k ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0328 2616	CCDECODE ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0328 2616	CCDECODE ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0328 2616	Cdaudio ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0328 2616	Cdaudio ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0328 2616	Cdfs ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0328 2616	Cdfs ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0328 2616	Cdrom ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0328 2616	Cdrom ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0328 2616	CiSvc ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0328 2616	CiSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0343 2616	ClipSrv ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0343 2616	ClipSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0343 2616	CmBatt ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0343 2616	CmBatt ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0343 2616	Compbatt ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0343 2616	Compbatt ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0343 2616	CryptSvc ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0343 2616	CryptSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0343 2616	Dhcp ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0343 2616	Dhcp ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0359 2616	Disk ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0359 2616	Disk ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0359 2616	dmboot ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0359 2616	dmboot ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0359 2616	dmio ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0359 2616	dmio ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0359 2616	dmload ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0359 2616	dmload ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0375 2616	dmserver ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0375 2616	dmserver ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0375 2616	DMusic ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0375 2616	DMusic ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0375 2616	Dot3svc ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0375 2616	Dot3svc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0375 2616	drmkaud ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0375 2616	drmkaud ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0375 2616	EapHost ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0375 2616	EapHost ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0390 2616	ERSvc ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0390 2616	ERSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0390 2616	Fastfat ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0390 2616	Fastfat ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0390 2616	Fdc ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0390 2616	Fdc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0390 2616	Fips ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0390 2616	Fips ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0390 2616	Flpydisk ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0390 2616	Flpydisk ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0406 2616	FltMgr ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0406 2616	FltMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0406 2616	Fs_Rec ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0406 2616	Fs_Rec ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0406 2616	Ftdisk ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0406 2616	Ftdisk ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0406 2616	Gpc ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0406 2616	Gpc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0421 2616	HDAudBus ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0421 2616	HDAudBus ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0421 2616	helpsvc ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0421 2616	helpsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0421 2616	HidUsb ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0421 2616	HidUsb ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0421 2616	hkmsvc ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0421 2616	hkmsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0421 2616	HTTP ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0421 2616	HTTP ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0437 2616	HTTPFilter ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0437 2616	HTTPFilter ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0437 2616	i8042prt ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0437 2616	i8042prt ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0437 2616	ialm ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0437 2616	ialm ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0437 2616	Imapi ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0437 2616	Imapi ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0437 2616	ImapiService ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0437 2616	ImapiService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0453 2616	IntcAzAudAddService ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0453 2616	IntcAzAudAddService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0453 2616	intelppm ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0453 2616	intelppm ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0453 2616	Ip6Fw ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0453 2616	Ip6Fw ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0453 2616	IpFilterDriver ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0453 2616	IpFilterDriver ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0468 2616	IpInIp ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0468 2616	IpInIp ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0468 2616	IpNat ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0468 2616	IpNat ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0468 2616	IPSec ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0468 2616	IPSec ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0468 2616	IRENUM ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0468 2616	IRENUM ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0468 2616	isapnp ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0468 2616	isapnp ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0484 2616	Kbdclass ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0484 2616	Kbdclass ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0484 2616	kmixer ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0484 2616	kmixer ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0484 2616	KSecDD ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0484 2616	KSecDD ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0484 2616	LanmanServer ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0484 2616	LanmanServer ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0484 2616	LmHosts ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0484 2616	LmHosts ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0500 2616	Messenger ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0500 2616	Messenger ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0500 2616	mnmdd ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0500 2616	mnmdd ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0500 2616	mnmsrvc ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0500 2616	mnmsrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0500 2616	Modem ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0500 2616	Modem ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0500 2616	Monfilt ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0500 2616	Monfilt ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0515 2616	Mouclass ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0515 2616	Mouclass ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0515 2616	mouhid ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0515 2616	mouhid ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0515 2616	MountMgr ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0515 2616	MountMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0515 2616	MRxDAV ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0515 2616	MRxDAV ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0515 2616	MSDTC ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0531 2616	MSDTC ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0531 2616	Msfs ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0531 2616	Msfs ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0531 2616	MSKSSRV ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0531 2616	MSKSSRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0531 2616	MSPCLOCK ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0531 2616	MSPCLOCK ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0531 2616	MSPQM ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0531 2616	MSPQM ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0546 2616	mssmbios ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0546 2616	mssmbios ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0546 2616	MSTEE ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0546 2616	MSTEE ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0546 2616	NABTSFEC ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0546 2616	NABTSFEC ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0546 2616	napagent ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0546 2616	napagent ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0546 2616	NDIS ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0546 2616	NDIS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0562 2616	NdisIP ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0562 2616	NdisIP ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0562 2616	Ndisuio ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0562 2616	Ndisuio ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0562 2616	NdisWan ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0562 2616	NdisWan ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0562 2616	NetBIOS ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0562 2616	NetBIOS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0578 2616	NetBT ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0578 2616	NetBT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0578 2616	NetDDE ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0578 2616	NetDDE ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0578 2616	NetDDEdsdm ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0578 2616	NetDDEdsdm ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0578 2616	Netlogon ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0578 2616	Netlogon ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0578 2616	Netman ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0578 2616	Netman ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0593 2616	Npfs ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0593 2616	Npfs ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0593 2616	Ntfs ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0593 2616	Ntfs ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0593 2616	NtLmSsp ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0593 2616	NtLmSsp ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0593 2616	NtmsSvc ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0593 2616	NtmsSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0593 2616	Null ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0593 2616	Null ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0609 2616	NwlnkFlt ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0609 2616	NwlnkFlt ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0609 2616	NwlnkFwd ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0609 2616	NwlnkFwd ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0609 2616	Parport ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0609 2616	Parport ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0609 2616	PartMgr ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0609 2616	PartMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0625 2616	ParVdm ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0625 2616	ParVdm ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0625 2616	PCI ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0625 2616	PCI ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0625 2616	PCIIde ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0625 2616	PCIIde ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0625 2616	Pcmcia ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0625 2616	Pcmcia ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0625 2616	PolicyAgent ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0625 2616	PolicyAgent ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0640 2616	PptpMiniport ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0640 2616	PptpMiniport ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0640 2616	ProtectedStorage ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0640 2616	ProtectedStorage ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0640 2616	PSched ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0640 2616	PSched ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0640 2616	Ptilink ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0640 2616	Ptilink ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0656 2616	RasAcd ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0656 2616	RasAcd ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0656 2616	RasAuto ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0656 2616	RasAuto ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0656 2616	Rasl2tp ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0656 2616	Rasl2tp ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0656 2616	RasMan ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0656 2616	RasMan ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0656 2616	RasPppoe ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0656 2616	RasPppoe ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0671 2616	Raspti ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0671 2616	Raspti ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0671 2616	Rdbss ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0671 2616	Rdbss ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0671 2616	RDPCDD ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0671 2616	RDPCDD ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0671 2616	rdpdr ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0671 2616	rdpdr ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0671 2616	RDSessMgr ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0671 2616	RDSessMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0687 2616	RemoteAccess ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0687 2616	RemoteAccess ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0687 2616	RemoteRegistry ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0687 2616	RemoteRegistry ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0687 2616	RpcLocator ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0687 2616	RpcLocator ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0687 2616	RSVP ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0687 2616	RSVP ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0703 2616	rtl8187Se ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0703 2616	rtl8187Se ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0703 2616	RTLE8023xp ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0703 2616	RTLE8023xp ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0703 2616	RTLWUSB ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0703 2616	RTLWUSB ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0703 2616	SamSs ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0703 2616	SamSs ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0703 2616	SCardSvr ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0703 2616	SCardSvr ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0734 2616	Schedule ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0734 2616	Schedule ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0734 2616	Secdrv ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0734 2616	Secdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0734 2616	seclogon ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0734 2616	seclogon ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0734 2616	SENS ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0734 2616	SENS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0734 2616	Serial ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0734 2616	Serial ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0750 2616	Sfloppy ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0750 2616	Sfloppy ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0750 2616	SharedAccess ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0750 2616	SharedAccess ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0750 2616	SLIP ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0750 2616	SLIP ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0750 2616	splitter ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0750 2616	splitter ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0750 2616	sr ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0765 2616	sr ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0765 2616	srservice ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0765 2616	srservice ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0765 2616	SSDPSRV ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0765 2616	SSDPSRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0765 2616	SSPORT ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0765 2616	SSPORT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0765 2616	stisvc ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0765 2616	stisvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0781 2616	streamip ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0781 2616	streamip ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0781 2616	swenum ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0781 2616	swenum ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0781 2616	swmidi ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0781 2616	swmidi ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0781 2616	SynTP ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0781 2616	SynTP ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0781 2616	sysaudio ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0781 2616	sysaudio ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0796 2616	SysmonLog ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0796 2616	SysmonLog ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0796 2616	TapiSrv ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0796 2616	TapiSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0796 2616	TDPIPE ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0796 2616	TDPIPE ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0796 2616	TDTCP ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0796 2616	TDTCP ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0796 2616	TermDD ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0796 2616	TermDD ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0812 2616	TermService ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0812 2616	TermService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0812 2616	THREADACPI ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0812 2616	THREADACPI ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0812 2616	TlntSvr ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0812 2616	TlntSvr ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0812 2616	TrkWks ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0812 2616	TrkWks ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0828 2616	Udfs ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0828 2616	Udfs ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0828 2616	Update ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0828 2616	Update ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0828 2616	upnphost ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0828 2616	upnphost ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0828 2616	UPS ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0828 2616	UPS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0828 2616	usbccgp ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0828 2616	usbccgp ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0843 2616	usbehci ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0843 2616	usbehci ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0843 2616	usbhub ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0843 2616	usbhub ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0843 2616	usbprint ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0843 2616	usbprint ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0843 2616	usbscan ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0843 2616	usbscan ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0843 2616	usbstor ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0843 2616	usbstor ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0859 2616	usbuhci ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0859 2616	usbuhci ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0859 2616	usbvideo ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0859 2616	usbvideo ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0859 2616	VgaSave ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0859 2616	VgaSave ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0859 2616	VolSnap ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0859 2616	VolSnap ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0859 2616	VSS ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0859 2616	VSS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0875 2616	W32Time ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0875 2616	W32Time ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0875 2616	Wanarp ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0875 2616	Wanarp ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0875 2616	wdmaud ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0875 2616	wdmaud ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0875 2616	WebClient ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0875 2616	WebClient ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0890 2616	winmgmt ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0890 2616	winmgmt ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0890 2616	WmiApSrv ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0890 2616	WmiApSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0890 2616	wscsvc ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0890 2616	wscsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0890 2616	WSTCODEC ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0890 2616	WSTCODEC ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0890 2616	wuauserv ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0890 2616	wuauserv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0906 2616	WZCSVC ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0906 2616	WZCSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:59:45.0906 2616	xmlprov ( UnsignedFile.Multi.Generic ) - skipped by user
17:59:45.0906 2616	xmlprov ( UnsignedFile.Multi.Generic ) - User select action: Skip

cosinus · 15.04.2012, 17:49

Oh

das Log war doch vollständig, nur hab ich das bei den 188 "Funden" vom TDSS-Killer anderes gedeutet , sry

Die Funde kannst du ignorieren

Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix

Lade dir ComboFix hier herunter auf deinen Desktop.

Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.

Starte combofix.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.

Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.

Wichtiger Hinweis:

Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.

Jenniferle · 15.04.2012, 19:42

so, habe den combo fix scan durchbeführt- im anschluss war auf einmal der internet explorer bei mir installiert sowie als standard-browser gesetzt, sonst ist aber alles beim alten. hier der log:

Code:

ATTFilter

ComboFix 12-04-15.02 - Administrator 15.04.2012  20:23:46.1.2 - x86
Microsoft Windows XP Professional  5.1.2600.3.1252.49.1031.18.2038.1527 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\Administrator\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\SET35.tmp
c:\windows\system32\SET38.tmp
c:\windows\system32\SET3A.tmp
c:\windows\system32\SET3B.tmp
c:\windows\system32\SET42.tmp
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-03-15 bis 2012-04-15  ))))))))))))))))))))))))))))))
.
.
2012-04-15 17:57 . 2012-04-15 17:57	29904	----a-w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\Microsoft\Microsoft Antimalware\Definition Updates\{E6C8325B-811F-4B26-8ACB-ACA24F1E72BC}\MpKslc3400293.sys
2012-04-15 16:03 . 2012-03-14 02:15	6582328	----a-w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\Microsoft\Microsoft Antimalware\Definition Updates\{E6C8325B-811F-4B26-8ACB-ACA24F1E72BC}\mpengine.dll
2012-04-07 06:49 . 2012-04-07 06:49	--------	d-----w-	c:\programme\ESET
2012-04-07 05:47 . 2012-04-07 05:47	--------	d-----w-	C:\_OTL
2012-04-07 04:18 . 2012-04-07 04:18	--------	d-----w-	c:\dokumente und einstellungen\Administrator\Anwendungsdaten\Malwarebytes
2012-04-07 04:18 . 2012-04-07 04:18	--------	d-----w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes
2012-04-07 04:18 . 2012-04-07 04:18	--------	d-----w-	c:\programme\Malwarebytes' Anti-Malware
2012-04-07 04:18 . 2011-12-10 13:24	20464	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-03-25 16:55 . 2012-03-25 16:55	592824	----a-w-	c:\programme\Mozilla Firefox\gkmedias.dll
2012-03-25 16:55 . 2012-03-25 16:55	44472	----a-w-	c:\programme\Mozilla Firefox\mozglue.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-14 02:15 . 2011-10-27 18:25	6582328	----a-w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-02-29 14:09 . 2009-07-19 17:56	148480	----a-w-	c:\windows\system32\imagehlp.dll
2012-02-29 14:09 . 2009-07-19 17:49	177664	----a-w-	c:\windows\system32\wintrust.dll
2012-02-28 18:49 . 2009-07-19 17:41	672768	----a-w-	c:\windows\system32\wininet.dll
2012-02-28 18:49 . 2009-07-19 17:26	61952	----a-w-	c:\windows\system32\tdc.ocx
2012-02-28 18:49 . 2009-07-19 17:56	81920	----a-w-	c:\windows\system32\ieencode.dll
2012-02-28 18:47 . 2009-07-19 17:27	371200	----a-w-	c:\windows\system32\html.iec
2012-02-03 09:57 . 2009-07-19 17:29	1860224	----a-w-	c:\windows\system32\win32k.sys
2012-01-31 12:44 . 2010-08-18 16:37	237072	------w-	c:\windows\system32\MpSigStub.exe
2012-03-25 16:55 . 2011-12-30 21:42	97208	----a-w-	c:\programme\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-04-14 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys
[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\atapi.sys
[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\drivers\atapi.sys
.
[-] 2008-04-14 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\asyncmac.sys
[-] 2008-04-14 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\drivers\asyncmac.sys
.
[-] 2006-02-28 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\dllcache\beep.sys
[-] 2006-02-28 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys
.
[-] 2008-04-14 . 1704D8C4C8807B889E43C649B478A452 . 25216 . . [5.1.2600.5512] . . c:\windows\system32\drivers\kbdclass.sys
.
[-] 2008-04-14 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ndis.sys
[-] 2008-04-14 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ndis.sys
.
[-] 2008-04-14 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ntfs.sys
[-] 2008-04-14 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ntfs.sys
.
[-] 2006-02-28 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\dllcache\null.sys
[-] 2006-02-28 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys
.
[-] 2008-04-14 . B42057F06BBB98B31876C0B3F2B54E33 . 77824 . . [5.1.2600.5512] . . c:\windows\system32\browser.dll
[-] 2008-04-14 . B42057F06BBB98B31876C0B3F2B54E33 . 77824 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\browser.dll
.
[-] 2008-04-14 . AFB8261B56CBA0D86AEB6DF682AF9785 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\lsass.exe
[-] 2008-04-14 . AFB8261B56CBA0D86AEB6DF682AF9785 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\lsass.exe
.
[-] 2008-04-14 . E6D88F1F6745BF00B57E7855A2AB696C . 198144 . . [5.1.2600.5512] . . c:\windows\system32\netman.dll
[-] 2008-04-14 . E6D88F1F6745BF00B57E7855A2AB696C . 198144 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\netman.dll
.
[-] 2008-04-14 07:52 . D0DE8A2EC95184E5193BB4B3112E29DF . 846848 . . [2001.12.4414.700] . . c:\windows\system32\comres.dll
[-] 2008-04-14 07:52 . D0DE8A2EC95184E5193BB4B3112E29DF . 846848 . . [2001.12.4414.700] . . c:\windows\system32\dllcache\comres.dll
.
[-] 2008-04-14 . D6F603772A789BB3228F310D650B8BD1 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\qmgr.dll
[-] 2008-04-14 . D6F603772A789BB3228F310D650B8BD1 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\dllcache\qmgr.dll
.
[-] 2008-04-14 . F09A527B422E25C478E38CAA0E44417A . 513024 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
[-] 2008-04-14 . F09A527B422E25C478E38CAA0E44417A . 513024 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\winlogon.exe
.
[-] 2008-04-14 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ipsec.sys
[-] 2008-04-14 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ipsec.sys
.
[-] 2008-04-14 . 611F824E5C703A5A899F84C5F1699E4D . 62464 . . [5.1.2600.5512] . . c:\windows\system32\cryptsvc.dll
[-] 2008-04-14 . 611F824E5C703A5A899F84C5F1699E4D . 62464 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\cryptsvc.dll
.
[-] 2008-04-14 . F9954695D246B33A5BF105029A4C6AB6 . 110080 . . [5.1.2600.5512] . . c:\windows\system32\imm32.dll
[-] 2008-04-14 . F9954695D246B33A5BF105029A4C6AB6 . 110080 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\imm32.dll
.
[-] 2008-04-14 . 5543A9D4A1D0F9F84092482A9373A024 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\linkinfo.dll
[-] 2008-04-14 . 5543A9D4A1D0F9F84092482A9373A024 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\linkinfo.dll
.
[-] 2008-04-14 . F38F3C47BBFFD748C1359AB171C3A630 . 22016 . . [5.1.2600.5512] . . c:\windows\system32\lpk.dll
[-] 2008-04-14 . F38F3C47BBFFD748C1359AB171C3A630 . 22016 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\lpk.dll
.
[-] 2008-04-14 . C6A6E53A0C34EC87883137A6CB87AE5E . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll
[-] 2008-04-14 . C6A6E53A0C34EC87883137A6CB87AE5E . 343040 . . [7.0.2600.5512] . . c:\windows\system32\dllcache\msvcrt.dll
[-] 2008-04-14 . C536AAD8A71608FE33CD956214EDD366 . 343040 . . [7.0.2600.5512] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll
[-] 2006-02-28 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll
.
[-] 2008-04-14 . 0098D35F91DEAB9C127360A877F2CF84 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\netlogon.dll
[-] 2008-04-14 . 0098D35F91DEAB9C127360A877F2CF84 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\netlogon.dll
.
[-] 2008-04-14 . C8C0BDABC966B6C24D337DF0A0A399E1 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll
[-] 2008-04-14 . C8C0BDABC966B6C24D337DF0A0A399E1 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\dllcache\powrprof.dll
.
[-] 2008-04-14 . 5132443DF6FC3771A17AB4AE55DCBC28 . 187904 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll
[-] 2008-04-14 . 5132443DF6FC3771A17AB4AE55DCBC28 . 187904 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\scecli.dll
.
[-] 2008-04-14 . 44161A59DC33AC2EA9C95438ADFFFB7F . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll
[-] 2008-04-14 . 44161A59DC33AC2EA9C95438ADFFFB7F . 5120 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\sfc.dll
.
[-] 2008-04-14 . 4FBC75B74479C7A6F829E0CA19DF3366 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe
[-] 2008-04-14 . 4FBC75B74479C7A6F829E0CA19DF3366 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\svchost.exe
.
[-] 2008-04-14 . 05903CAC4B98908D55EA5774775B382E . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll
[-] 2008-04-14 . 05903CAC4B98908D55EA5774775B382E . 249856 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\tapisrv.dll
.
[-] 2008-04-14 . B0050CC5340E3A0760DD8B417FF7AEBD . 580096 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
[-] 2008-04-14 . B0050CC5340E3A0760DD8B417FF7AEBD . 580096 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\user32.dll
.
[-] 2008-04-14 . 788F95312E26389D596C0FA55834E106 . 26624 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe
[-] 2008-04-14 . 788F95312E26389D596C0FA55834E106 . 26624 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\userinit.exe
.
[-] 2008-04-14 . 6A35E2D6F5F052C84EC2CEB296389439 . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll
[-] 2008-04-14 . 6A35E2D6F5F052C84EC2CEB296389439 . 82432 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ws2_32.dll
.
[-] 2008-04-14 . C7D8A0517CBF16B84F657DE87EBE9D4B . 19968 . . [5.1.2600.5512] . . c:\windows\system32\ws2help.dll
[-] 2008-04-14 . C7D8A0517CBF16B84F657DE87EBE9D4B . 19968 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ws2help.dll
.
[-] 2008-04-14 . 418045A93CD87A352098AB7DABE1B53E . 1036800 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 418045A93CD87A352098AB7DABE1B53E . 1036800 . . [6.00.2900.5512] . . c:\windows\system32\dllcache\explorer.exe
.
[-] 2008-04-14 . AD9226BF3CED13636083BB9C76E9D2A2 . 153600 . . [5.1.2600.5512] . . c:\windows\regedit.exe
[-] 2008-04-14 . AD9226BF3CED13636083BB9C76E9D2A2 . 153600 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\regedit.exe
.
[-] 2008-04-14 . 671ABB33C712B1585A5BF7ADD36AD96E . 4096 . . [5.3.2600.5512] . . c:\windows\system32\ksuser.dll
[-] 2008-04-14 . 671ABB33C712B1585A5BF7ADD36AD96E . 4096 . . [5.3.2600.5512] . . c:\windows\system32\dllcache\ksuser.dll
[-] 2008-04-14 . 671ABB33C712B1585A5BF7ADD36AD96E . 4096 . . [5.3.2600.5512] . . c:\windows\system32\ReinstallBackups\0011\DriverFiles\i386\ksuser.dll
.
[-] 2008-04-14 . 01B4E6E990B6C5EA8856D96C7FD044B2 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
[-] 2008-04-14 . 01B4E6E990B6C5EA8856D96C7FD044B2 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ctfmon.exe
.
[-] 2008-04-14 . FE77A85495065F3AD59C5C65B6C54182 . 171520 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[-] 2008-04-14 . FE77A85495065F3AD59C5C65B6C54182 . 171520 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\srsvc.dll
.
[-] 2008-04-14 . EDAFBE25FB6480CE68F688BA691890DC . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe
[-] 2008-04-14 . EDAFBE25FB6480CE68F688BA691890DC . 13824 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\wscntfy.exe
.
[-] 2008-04-14 . 0ADA34871A2E1CD2CAAFED1237A47750 . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll
[-] 2008-04-14 . 0ADA34871A2E1CD2CAAFED1237A47750 . 129024 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\xmlprov.dll
.
[-] 2008-04-14 . 04955AA695448C181B367D964AF158AA . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll
[-] 2008-04-14 . 04955AA695448C181B367D964AF158AA . 56320 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\eventlog.dll
.
[-] 2008-04-14 . 5251425B86EA4A3532B8BB8D14044E61 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
[-] 2008-04-14 . 5251425B86EA4A3532B8BB8D14044E61 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\sfcfiles.dll
.
[-] 2008-04-14 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ipsec.sys
[-] 2008-04-14 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ipsec.sys
.
[-] 2008-04-14 . E4CD1F3D84E1C2CA0B8CF7501E201593 . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll
[-] 2008-04-14 . E4CD1F3D84E1C2CA0B8CF7501E201593 . 59904 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\regsvc.dll
.
[-] 2008-04-14 . A050194A44D7FA8D7186ED2F4E8367AE . 193536 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll
[-] 2008-04-14 . A050194A44D7FA8D7186ED2F4E8367AE . 193536 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\schedsvc.dll
.
[-] 2008-04-14 . 4DF5B05DFAEC29E13E1ED6F6EE12C500 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll
[-] 2008-04-14 . 4DF5B05DFAEC29E13E1ED6F6EE12C500 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ssdpsrv.dll
.
[-] 2008-04-14 . B7DE02C863D8F5A005A7BF375375A6A4 . 297472 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll
[-] 2008-04-14 . B7DE02C863D8F5A005A7BF375375A6A4 . 297472 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\termsrv.dll
.
[-] 2008-04-14 . 0DAF0705D7B39C94E287913226688804 . 348672 . . [5.1.2600.5512] . . c:\windows\system32\hnetcfg.dll
[-] 2008-04-14 . 0DAF0705D7B39C94E287913226688804 . 348672 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\hnetcfg.dll
.
[-] 2008-04-14 . D45960BE52C3C610D361977057F98C54 . 175616 . . [5.1.2600.5512] . . c:\windows\system32\appmgmts.dll
[-] 2008-04-14 . D45960BE52C3C610D361977057F98C54 . 175616 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\appmgmts.dll
.
[-] 2006-02-28 . 9E1CA3160DAFB159CA14F83B1E317F75 . 12160 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys
.
[-] 2008-04-13 20:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\dllcache\aec.sys
[-] 2008-04-13 20:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys
.
[-] 2008-04-14 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ip6fw.sys
[-] 2008-04-14 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys
.
[-] 2008-04-14 . B7550A7107281D170CE85524B1488C98 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll
[-] 2008-04-14 . B7550A7107281D170CE85524B1488C98 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\msgsvc.dll
.
[-] 2008-04-14 07:52 . 56AF4064996FA5BAC9C449B1514B4770 . 438272 . . [5.1.2400.5512] . . c:\windows\system32\ntmssvc.dll
[-] 2008-04-14 07:52 . 56AF4064996FA5BAC9C449B1514B4770 . 438272 . . [5.1.2400.5512] . . c:\windows\system32\dllcache\ntmssvc.dll
.
[-] 2008-04-14 . 1DFD8975D8C89214B98D9387C1125B49 . 186880 . . [5.1.2600.5512] . . c:\windows\system32\upnphost.dll
[-] 2008-04-14 . 1DFD8975D8C89214B98D9387C1125B49 . 186880 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\upnphost.dll
.
[-] 2008-04-14 . 9236E736EDB57BE7D1EF6274410E3BAC . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dsound.dll
[-] 2008-04-14 . 9236E736EDB57BE7D1EF6274410E3BAC . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dllcache\dsound.dll
.
[-] 2008-04-14 . 36969CF86E51EC8ED202B40F2FA80AA6 . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\d3d9.dll
[-] 2008-04-14 . 36969CF86E51EC8ED202B40F2FA80AA6 . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\dllcache\d3d9.dll
.
[-] 2008-04-14 . 4A37188B83B00DD9CFBA049687AD0DAF . 279552 . . [5.03.2600.5512] . . c:\windows\system32\ddraw.dll
[-] 2008-04-14 . 4A37188B83B00DD9CFBA049687AD0DAF . 279552 . . [5.03.2600.5512] . . c:\windows\system32\dllcache\ddraw.dll
.
[-] 2008-04-14 07:52 . 5D7F5A46975D2E59A6FECB6C231D200F . 84992 . . [5.1.2600.5512] . . c:\windows\system32\olepro32.dll
[-] 2008-04-14 07:52 . 5D7F5A46975D2E59A6FECB6C231D200F . 84992 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\olepro32.dll
.
[-] 2008-04-14 . C47FD93010649AC0D79022D9B69ADBE4 . 41984 . . [5.1.2600.5512] . . c:\windows\system32\perfctrs.dll
[-] 2008-04-14 . C47FD93010649AC0D79022D9B69ADBE4 . 41984 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\perfctrs.dll
.
[-] 2008-04-14 . F86000634319F71535BCE6B06995EE99 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\version.dll
[-] 2008-04-14 . F86000634319F71535BCE6B06995EE99 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\version.dll
.
[-] 2008-04-14 . 3BFE49B4CDFAC83B0F3C79412895A179 . 93184 . . [6.00.2900.5512] . . c:\windows\system32\dllcache\iexplore.exe
.
[-] 2008-04-14 . FE77A85495065F3AD59C5C65B6C54182 . 171520 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[-] 2008-04-14 . FE77A85495065F3AD59C5C65B6C54182 . 171520 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\srsvc.dll
.
[-] 2008-04-14 . 7B353059E665F8B7AD2BBEAEF597CF45 . 177152 . . [5.1.2600.5512] . . c:\windows\system32\w32time.dll
[-] 2008-04-14 . 7B353059E665F8B7AD2BBEAEF597CF45 . 177152 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\w32time.dll
.
[-] 2008-04-14 . BC2C5985611C5356B24AEB370953DED9 . 334336 . . [5.1.2600.5512] . . c:\windows\system32\wiaservc.dll
[-] 2008-04-14 . BC2C5985611C5356B24AEB370953DED9 . 334336 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\wiaservc.dll
.
[-] 2008-04-14 . 2CF969B9BF1EF069075DCDCE309FAAE1 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\midimap.dll
[-] 2008-04-14 . 2CF969B9BF1EF069075DCDCE309FAAE1 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\midimap.dll
.
[-] 2008-04-14 . 469FED8597896DB77B49384BE90E2E0A . 7680 . . [5.1.2600.5512] . . c:\windows\system32\rasadhlp.dll
[-] 2008-04-14 . 469FED8597896DB77B49384BE90E2E0A . 7680 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\rasadhlp.dll
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12	94208	----a-w-	c:\dokumente und einstellungen\Administrator\Anwendungsdaten\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12	94208	----a-w-	c:\dokumente und einstellungen\Administrator\Anwendungsdaten\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12	94208	----a-w-	c:\dokumente und einstellungen\Administrator\Anwendungsdaten\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12	94208	----a-w-	c:\dokumente und einstellungen\Administrator\Anwendungsdaten\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-15 135168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-15 159744]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-15 131072]
"SynTPEnh"="c:\programme\Synaptics\SynTP\SynTPEnh.exe" [2008-10-16 1347584]
"Threadpresent"="c:\programme\Thread\SYDpresent.exe" [2009-06-12 560640]
"RTHDCPL"="RTHDCPL.EXE" [2009-05-21 17881600]
"MSC"="c:\programme\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"SunJavaUpdateSched"="c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [2010-10-29 249064]
"QuickTime Task"="c:\programme\QuickTime\QTTask.exe" [2011-07-05 421888]
"APSDaemon"="c:\programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"iTunesHelper"="c:\programme\iTunes\iTunesHelper.exe" [2011-12-08 421736]
"CDAServer"="c:\programme\Gemeinsame Dateien\Common Desktop Agent\CDASrv.exe" [2010-11-26 331264]
"Malwarebytes' Anti-Malware"="c:\programme\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]
"Adobe Reader Speed Launcher"="c:\programme\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-03 37296]
"Adobe ARM"="c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\GEMEIN~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160]
.
c:\dokumente und einstellungen\Administrator\Startmenü\Programme\Autostart\
Dropbox.lnk - c:\dokumente und einstellungen\Administrator\Anwendungsdaten\Dropbox\bin\Dropbox.exe [2012-2-15 24246216]
OpenOffice.org 3.2.lnk - c:\programme\OpenOffice.org 3\program\quickstart.exe [2010-5-20 1195008]
.
c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\
McAfee Security Scan Plus.lnk - c:\programme\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Dokumente und Einstellungen\\Administrator\\Anwendungsdaten\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Programme\\Gemeinsame Dateien\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Programme\\Bonjour\\mDNSResponder.exe"=
"c:\\Programme\\iTunes\\iTunes.exe"=
"c:\\Programme\\Gemeinsame Dateien\\Common Desktop Agent\\CDASrv.exe"=
"c:\\Programme\\Samsung\\Easy Printer Manager\\IDS.Application.exe"=
"c:\\Programme\\Samsung\\Easy Printer Manager\\OrderSupplies.exe"=
"c:\\Programme\\Samsung\\Easy Printer Manager\\IDSAlert.exe"=
"c:\\Programme\\Samsung\\Easy Printer Manager\\CDAS2PC\\CDAS2PC.exe"=
.
R0 THREADACPI;THREAD Firmware Extension Device Driver;c:\windows\system32\drivers\THREADACPI.sys [23.09.2009 22:09 6912]
R1 MpKslc3400293;MpKslc3400293;c:\dokumente und einstellungen\All Users\Anwendungsdaten\Microsoft\Microsoft Antimalware\Definition Updates\{E6C8325B-811F-4B26-8ACB-ACA24F1E72BC}\MpKslc3400293.sys [15.04.2012 19:57 29904]
R2 MBAMService;MBAMService;c:\programme\Malwarebytes' Anti-Malware\mbamservice.exe [07.04.2012 06:18 652360]
R2 SSPORT;SSPORT;c:\windows\system32\drivers\SSPORT.sys [15.10.2010 03:41 5120]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [07.04.2012 06:18 20464]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [19.07.2009 19:15 1684736]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\programme\McAfee Security Scan\2.0.181\McCHSvc.exe [15.01.2010 14:49 227232]
S3 RTLWUSB;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187.sys [27.06.2008 09:39 332928]
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2011-08-13 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programme\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57]
.
2012-04-15 c:\windows\Tasks\MP Scheduled Scan.job
- c:\programme\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27 13:39]
.
.
------- Zusätzlicher Suchlauf -------
.
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 78.42.43.62 192.168.0.1
FF - ProfilePath - c:\dokumente und einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\olth9wjy.default\
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2012-04-15 20:30
Windows 5.1.2600 Service Pack 3 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-04-15  20:35:21
ComboFix-quarantined-files.txt  2012-04-15 18:35
.
Vor Suchlauf: 7 Verzeichnis(se), 32.463.900.672 Bytes frei
Nach Suchlauf: 9 Verzeichnis(se), 32.709.095.424 Bytes frei
.
WindowsXP-KB310994-SP2-Pro-BootDisk-DEU.exe
[Boot Loader]
timeout=2
Default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[Operating Systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 65591B56392EA2008F5BE5EA30DE2B4A

cosinus · 15.04.2012, 20:33

Bitte nun Logs mit GMER und OSAM erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen.
Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst.

Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM!

Downloade dir bitte

aswMBR.exe und speichere die Datei auf deinem Desktop.

Starte die aswMBR.exe - (aswMBR.exe Anleitung)
Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
Klicke auf Scan.
Warte bitte bis Scan finished successfully im DOS-Fenster steht.
Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).

Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.

Jenniferle · 29.04.2012, 18:31

Sooo, das war jetzt ziemlich viel!!

Hier erstmal der Log aus GMER:

Code:

ATTFilter

GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-04-29 18:40:28
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-5 WDC_WD1600BEVT-00ZCT0 rev.11.01A11
Running: pi9h9zfs.exe; Driver: C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\aflcrfob.sys


---- Devices - GMER 1.0.15 ----

AttachedDevice  \Driver\Kbdclass \Device\KeyboardClass0  SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice  \Driver\Kbdclass \Device\KeyboardClass1  SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)

---- EOF - GMER 1.0.15 ----

hier aus OSAM:

Code:

ATTFilter

Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 18:50:56 on 29.04.2012

OS: Windows XP Professional Service Pack 3 (Build 2600)
Default Browser: Mozilla Corporation Firefox 11.0

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Boot Execute]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Session Manager )-----
"BootExecute" - "Microsoft Corporation" - C:\WINDOWS\system32\autochk.exe

[Common]
-----( %SystemRoot%\Tasks )-----
"AppleSoftwareUpdate.job" - "Apple Inc." - C:\Programme\Apple Software Update\SoftwareUpdate.exe
"MP Scheduled Scan.job" - "Microsoft Corporation" - C:\Programme\Microsoft Security Client\Antimalware\MpCmdRun.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"access.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\access.cpl
"ALSNDMGR.CPL" - "Realtek Semiconductor Corp." - C:\WINDOWS\system32\ALSNDMGR.CPL
"appwiz.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\appwiz.cpl
"bthprops.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\bthprops.cpl
"desk.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\desk.cpl
"firewall.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\firewall.cpl
"hdwwiz.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\hdwwiz.cpl
"igfxcpl.cpl" - "Intel Corporation" - C:\WINDOWS\system32\igfxcpl.cpl
"inetcpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\inetcpl.cpl
"intl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\intl.cpl
"irprops.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\irprops.cpl
"javacpl.cpl" - "Sun Microsystems, Inc." - C:\WINDOWS\system32\javacpl.cpl
"joy.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\joy.cpl
"main.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\main.cpl
"mmsys.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\mmsys.cpl
"ncpa.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\ncpa.cpl
"netsetup.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\netsetup.cpl
"nusrmgr.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\nusrmgr.cpl
"nwc.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\nwc.cpl
"odbccp32.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\odbccp32.cpl
"powercfg.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\powercfg.cpl
"RTSndMgr.CPL" - "Realtek Semiconductor Corp." - C:\WINDOWS\system32\RTSndMgr.CPL
"sysdm.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\sysdm.cpl
"telephon.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\telephon.cpl
"timedate.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\timedate.cpl
"wscui.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\wscui.cpl
"wuaucpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\wuaucpl.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"Internet Connection Firewall" - "Microsoft Corporation" - C:\WINDOWS\system32\Firewall.cpl
"NetSetupWizard" - "Microsoft Corporation" - C:\WINDOWS\system32\NetSetup.cpl
"QuickTime" - "Apple Inc." - C:\Programme\QuickTime\QTSystem\QuickTime.cpl
"Speech" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Speech\sapi.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"Ambfilt" (Ambfilt) - "Creative" - C:\WINDOWS\System32\drivers\Ambfilt.sys
"Asynchroner RAS -Medientreiber" (AsyncMac) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\asyncmac.sys
"Atheros AR5008 Wireless Network Adapter Service" (AR5416) - "Atheros Communications, Inc." - C:\WINDOWS\System32\DRIVERS\athw.sys
"Audiostubtreiber" (audstub) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\audstub.sys
"BDA Slip De-Framer" (SLIP) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\SLIP.sys
"BDA-IPSink" (streamip) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\StreamIP.sys
"Beep" (Beep) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Beep.sys
"catchme" (catchme) - ? - C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\catchme.sys  (File not found)
"Cdaudio" (Cdaudio) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Cdaudio.sys
"Cdrom" (Cdrom) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Cdrom.sys
"Changer" (Changer) - ? - C:\WINDOWS\system32\drivers\Changer.sys  (File not found)
"dmload" (dmload) - "Microsoft Corp., Veritas Software." - C:\WINDOWS\System32\drivers\dmload.sys
"Fdc" (Fdc) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Fdc.sys
"Filtertreiber für IP-Verkehr" (IpFilterDriver) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys
"Filtertreiber für IPX-Verkehr" (NwlnkFlt) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys
"Filtertreiber für Systemwiederherstellung" (sr) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\sr.sys
"Fips" (Fips) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Fips.sys
"Flpydisk" (Flpydisk) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Flpydisk.sys
"FltMgr" (FltMgr) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\fltMgr.sys
"Fs_Rec" (Fs_Rec) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Fs_Rec.sys
"HTTP" (HTTP) - "Microsoft Corporation" - C:\WINDOWS\System32\Drivers\HTTP.sys
"i2omgmt" (i2omgmt) - ? - C:\WINDOWS\system32\drivers\i2omgmt.sys  (File not found)
"i8042-Tastatur- und PS/2-Mausanschluss-Treiber" (i8042prt) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\i8042prt.sys
"ialm" (ialm) - "Intel Corporation" - C:\WINDOWS\System32\DRIVERS\igxpmp32.sys
"Imapi" (Imapi) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Imapi.sys
"Intel-Prozessortreiber" (intelppm) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\intelppm.sys
"IP/IP-Tunneltreiber" (IpInIp) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ipinip.sys
"IPSEC-Treiber" (IPSec) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ipsec.sys
"IPv6-Windows-Firewalltreiber" (Ip6Fw) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\Ip6Fw.sys
"IR-Enumeratordienst" (IRENUM) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\irenum.sys
"KSecDD" (KSecDD) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\KSecDD.sys
"Laufwerktreiber" (Disk) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\disk.sys
"lbrtfdc" (lbrtfdc) - ? - C:\WINDOWS\system32\drivers\lbrtfdc.sys  (File not found)
"Maus-HID-Treiber" (mouhid) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\mouhid.sys
"Mausklassentreiber" (Mouclass) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\mouclass.sys
"MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\WINDOWS\system32\drivers\mbam.sys
"Microcode Updatetreiber" (Update) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\update.sys
"Microsoft ACPI-Treiber" (ACPI) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ACPI.sys
"Microsoft Composite Battery-Treiber" (Compbatt) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\compbatt.sys
"Microsoft Embedded Controllertreiber" (ACPIEC) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ACPIEC.sys
"Microsoft HID Class-Treiber" (HidUsb) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\hidusb.sys
"Microsoft Kernel GS Wavetablesynthesizer" (swmidi) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\swmidi.sys
"Microsoft Kernel-Audiosplitter" (splitter) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\splitter.sys
"Microsoft Kernel-DLS-Synthesizer" (DMusic) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\DMusic.sys
"Microsoft Kernel-DRM-Audioentschlüsselung" (drmkaud) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\drmkaud.sys
"Microsoft Kernel-Echounterdrückung" (aec) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\aec.sys
"Microsoft Kernel-Systemaudiogerät" (sysaudio) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\sysaudio.sys
"Microsoft Kernel-Waveaudiomixer" (kmixer) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\kmixer.sys
"Microsoft Proxy für Streaming Clock" (MSPCLOCK) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\MSPCLOCK.sys
"Microsoft Proxy für Streaming Quality Manager" (MSPQM) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\MSPQM.sys
"Microsoft Standard-USB-Haupttreiber" (usbccgp) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\usbccgp.sys
"Microsoft Streaming Service Proxy" (MSKSSRV) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\MSKSSRV.sys
"Microsoft Streaming Tee/Sink-to-Sink-Konvertierung" (MSTEE) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\MSTEE.sys
"Microsoft TV-/Videoverbindung" (NdisIP) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\NdisIP.sys
"Microsoft UAA-Bustreiber für High Definition Audio" (HDAudBus) - "Windows (R) Server 2003 DDK provider" - C:\WINDOWS\System32\DRIVERS\HDAudBus.sys
"Microsoft USB-Druckerklasse" (usbprint) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\usbprint.sys
"Microsoft-Systemverwaltungs-BIOS-Treiber" (mssmbios) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\mssmbios.sys
"Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller" (usbehci) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\usbehci.sys
"Miniporttreiber für universellen Microsoft USB-Hostcontroller" (usbuhci) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\usbuhci.sys
"mnmdd" (mnmdd) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\mnmdd.sys
"Modem" (Modem) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Modem.sys
"Monfilt" (Monfilt) - "Creative Technology Ltd." - C:\WINDOWS\System32\drivers\Monfilt.sys
"MountMgr" (MountMgr) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\MountMgr.sys
"Msfs" (Msfs) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Msfs.sys
"NABTS/FEC VBI-Codec" (NABTSFEC) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys
"NDIS-Benutzermodus-E/A-Protokoll" (Ndisuio) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ndisuio.sys
"NDIS-Systemtreiber" (NDIS) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\NDIS.sys
"NetBios über TCP/IP" (NetBT) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\netbt.sys
"NetBIOS-Schnittstelle" (NetBIOS) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\netbios.sys
"Npfs" (Npfs) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Npfs.sys
"Ntfs" (Ntfs) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Ntfs.sys
"Null" (Null) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Null.sys
"Parallelanschluss (direkt)" (Raspti) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\raspti.sys
"Parport" (Parport) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Parport.sys
"PartMgr" (PartMgr) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\PartMgr.sys
"ParVdm" (ParVdm) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\ParVdm.sys
"PCI-Bus-Treiber" (PCI) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\pci.sys
"PCIDump" (PCIDump) - ? - C:\WINDOWS\system32\drivers\PCIDump.sys  (File not found)
"PCIIde" (PCIIde) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\pciide.sys
"PDCOMP" (PDCOMP) - ? - C:\WINDOWS\system32\drivers\PDCOMP.sys  (File not found)
"PDFRAME" (PDFRAME) - ? - C:\WINDOWS\system32\drivers\PDFRAME.sys  (File not found)
"PDRELI" (PDRELI) - ? - C:\WINDOWS\system32\drivers\PDRELI.sys  (File not found)
"PDRFRAME" (PDRFRAME) - ? - C:\WINDOWS\system32\drivers\PDRFRAME.sys  (File not found)
"PnP-ISA/EISA-Bus-Treiber" (isapnp) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\isapnp.sys
"Protokoll für ATM ARP-Client" (Atmarpc) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\atmarpc.sys
"QoS-Paketplaner" (PSched) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\psched.sys
"RAS-IP-ARP-Treiber" (Wanarp) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\wanarp.sys
"RAS-NDIS-WAN-Treiber" (NdisWan) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ndiswan.sys
"Rdbss" (Rdbss) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\rdbss.sys
"RDPCDD" (RDPCDD) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
"Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver" (RTLE8023xp) - "Realtek Semiconductor Corporation                           " - C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys
"Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter" (RTLWUSB) - "Realtek Semiconductor Corporation                           " - C:\WINDOWS\System32\DRIVERS\RTL8187.sys
"Realtek RTL8187SE Wireless LAN PCIE Network Adapter" (rtl8187Se) - "Realtek Semiconductor Corporation                           " - C:\WINDOWS\System32\DRIVERS\rtl8187Se.sys
"Redirector für WebDav-Client" (MRxDAV) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\mrxdav.sys
"Remotezugriff-PPPOE-Treiber" (RasPppoe) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\raspppoe.sys
"Secdrv" (Secdrv) - "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." - C:\WINDOWS\System32\DRIVERS\secdrv.sys
"Serial" (Serial) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Serial.sys
"Service for Realtek HD Audio (WDM)" (IntcAzAudAddService) - "Realtek Semiconductor Corp." - C:\WINDOWS\System32\drivers\RtkHDAud.sys
"Sfloppy" (Sfloppy) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Sfloppy.sys
"Software-Bus-Treiber" (swenum) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\swenum.sys
"SSPORT" (SSPORT) - "Samsung Electronics" - C:\WINDOWS\system32\Drivers\SSPORT.sys
"Standard-IDE/ESDI-Festplattencontroller" (atapi) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\atapi.sys
"Standardpaketklassifizierung" (Gpc) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\msgpc.sys
"Synaptics TouchPad Driver" (SynTP) - "Synaptics, Inc." - C:\WINDOWS\System32\DRIVERS\SynTP.sys
"Tastaturklassentreiber" (Kbdclass) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\kbdclass.sys
"TDPIPE" (TDPIPE) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\TDPIPE.sys
"TDTCP" (TDTCP) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\TDTCP.sys
"Terminal-Gerätetreiber" (TermDD) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\termdd.sys
"THREAD Firmware Extension Device Driver" (THREADACPI) - "TPS Corporation" - C:\WINDOWS\System32\DRIVERS\THREADACPI.SYS
"Treiber für automatische RAS-Verbindung" (RasAcd) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\rasacd.sys
"Treiber für die Verwaltung logischer Datenträger" (dmio) - "Microsoft Corp., Veritas Software" - C:\WINDOWS\System32\drivers\dmio.sys
"Treiber für direkte Parallelverbindung" (Ptilink) - "Parallel Technologies, Inc." - C:\WINDOWS\System32\DRIVERS\ptilink.sys
"Treiber für IPX-Verkehrsweiterleitung" (NwlnkFwd) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys
"Treiber für Microsoft WINMM-WDM-Audiokompatibilität" (wdmaud) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\wdmaud.sys
"Treiber für Microsoft-ACPI-Kontrollmethodenkompatible Batterie" (CmBatt) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\CmBatt.sys
"Treiber für Terminalserver-Geräteumleitung" (rdpdr) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\rdpdr.sys
"Treiber für Volume-Manager" (Ftdisk) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ftdisk.sys
"Untertiteldecoder" (CCDECODE) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\CCDECODE.sys
"USB-Massenspeichertreiber" (usbstor) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS
"USB-Scannertreiber" (usbscan) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\usbscan.sys
"USB-Videogerät (WDM)" (usbvideo) - "Microsoft Corporation" - C:\WINDOWS\System32\Drivers\usbvideo.sys
"USB2-aktivierter Hub" (usbhub) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\usbhub.sys
"VgaSave" (VgaSave) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\vga.sys
"VolSnap" (VolSnap) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\VolSnap.sys
"WAN-Miniport (L2TP)" (Rasl2tp) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\rasl2tp.sys
"WAN-Miniport (PPTP)" (PptpMiniport) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\raspptp.sys
"WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys  (File not found)
"Windows Socket 2.0 Non-IFS Service Provider Support Environment" (WS2IFSL) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\ws2ifsl.sys
"World Standard Teletext-Codec" (WSTCODEC) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS
"Übersetzer für IP-Netzwerkadressen" (IpNat) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ipnat.sys

[Explorer]
-----( HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? -   (File not found | COM-object registry key not found)
{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? -   (File not found | COM-object registry key not found)
{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? -   (File not found | COM-object registry key not found)
{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )-----
{7790769C-0471-11d2-AF11-00C04FA35D02} "Adressbuch 6" - "Microsoft Corporation" - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS "Browseranpassungen" - "Microsoft Corporation" - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
>{26923b43-4d38-484f-9b9e-de460746276c} "Internet Explorer" - "Microsoft Corporation" - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
{89820200-ECBD-11cf-8B85-00AA005B4383} "Internet Explorer 6" - "Microsoft Corporation" - %SystemRoot%\system32\ie4uinit.exe
{44BBA840-CC51-11CF-AAFA-00AA00B6015C} "Microsoft Outlook Express 6" - "Microsoft Corporation" - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
{6BF52A52-394A-11d3-B153-00C04F79FAA6} "Microsoft Windows Media Player" - "Microsoft Corporation" - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub
{44BBA842-CC51-11CF-AAFA-00AA00B6015B} "NetMeeting 3.01" - "Microsoft Corporation" - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
>{881dd1c5-3dcf-431b-b061-f3f88e8be88a} "Outlook Express" - "Microsoft Corporation" - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
{2C7339CF-2B09-4501-B3F3-F3508C9228ED} "Themes Setup" - "Microsoft Corporation" - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
{5945c046-1e7d-11d1-bc44-00c04fd912be} "Windows Messenger 4.7" - "Microsoft Corporation" - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Programme\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
-----( HKLM\Software\Classes\Protocols\Handler )-----
{12D51199-0DB5-46FE-A120-47A3D7D937CC} "DVD: Pluggable Protocol" - "Microsoft Corporation" - C:\WINDOWS\system32\msvidctl.dll
{9D148291-B9C8-11D0-A4CC-0000F80149F6} "Microsoft InfoTech Protocols for IE 4.0" - "Microsoft Corporation" - C:\WINDOWS\system32\itss.dll
{9D148291-B9C8-11D0-A4CC-0000F80149F6} "Microsoft InfoTech Protocols for IE 4.0" - "Microsoft Corporation" - C:\WINDOWS\system32\itss.dll
{CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} "TV: Pluggable Protocol" - "Microsoft Corporation" - C:\WINDOWS\system32\msvidctl.dll
{13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} "WiaProtocol Class" - "Microsoft Corporation" - C:\WINDOWS\system32\wiascr.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{32714800-2E5F-11d0-8B85-00AA0044F941} "&Nach Personen..." - "Microsoft Corporation" - C:\Programme\Outlook Express\wabfind.dll
{88C6C381-2E85-11D0-94DE-444553540000} "ActiveX-Cacheordner" - "Microsoft Corporation" - C:\WINDOWS\system32\occache.dll
{85BBD920-42A0-1069-A2E4-08002B30309D} "Aktenkoffer" - "Microsoft Corporation" - C:\WINDOWS\system32\syncui.dll
{875CB1A1-0F29-45de-A1AE-CFB4950D0B78} "Audio Media Properties Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\shmedia.dll
{5F327514-6C5E-4d60-8F16-D07FA08A78ED} "Auto Update Property Sheet Extension" - "Microsoft Corporation" - C:\WINDOWS\system32\wuaucpl.cpl
{87D62D94-71B3-4b9a-9489-5FE6850DC73E} "Avi Properties Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\shmedia.dll
{7A9D77BD-5403-11d2-8785-2E0420524153} "Benutzerkonten" - "Microsoft Corporation" - C:\WINDOWS\system32\netplwiz.dll
{add36aa8-751a-4579-a266-d66f5202ccbb} "Bestellung von Abzügen über das Internet" - "Microsoft Corporation" - C:\WINDOWS\system32\netplwiz.dll
{f39a0dc0-9cc8-11d0-a599-00c04fd64433} "Channel" - "Microsoft Corporation" - C:\WINDOWS\system32\cdfview.dll
{f3da0dc0-9cc8-11d0-a599-00c04fd64437} "Channel Menu Handler Object" - "Microsoft Corporation" - C:\WINDOWS\system32\cdfview.dll
{f3ea0dc0-9cc8-11d0-a599-00c04fd64438} "Channel Shortcut Property Pages" - "Microsoft Corporation" - C:\WINDOWS\system32\cdfview.dll
{f3ba0dc0-9cc8-11d0-a599-00c04fd64435} "Channelhandlerobjekt" - "Microsoft Corporation" - C:\WINDOWS\system32\cdfview.dll
{f3aa0dc0-9cc8-11d0-a599-00c04fd64434} "Channelverknüpfung" - "Microsoft Corporation" - C:\WINDOWS\system32\cdfview.dll
{7D559C10-9FE9-11d0-93F7-00AA0059CE02} "Code Download Agent" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll
{BD472F60-27FA-11cf-B8B4-444553540000} "Compressed (zipped) Folder Right Drag Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\zipfldr.dll
{888DCA60-FC0A-11CF-8F0F-00C04FD7D062} "Compressed (zipped) Folder SendTo Target" - "Microsoft Corporation" - C:\WINDOWS\system32\zipfldr.dll
{E88DCCE0-B7B3-11d1-A9F0-00AA0060FA31} "CompressedFolder" - "Microsoft Corporation" - C:\WINDOWS\system32\zipfldr.dll
{E6CC6978-6B6E-11D0-BECA-00C04FD940BE} "ConnectionAgent" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll
{42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" - ? -   (File not found | COM-object registry key not found)
{42071713-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Bildschirme" - "Microsoft Corporation" - C:\WINDOWS\system32\deskmon.dll
{42071712-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Grafikkarten" - "Microsoft Corporation" - C:\WINDOWS\system32\deskadp.dll
{7444C717-39BF-11D1-8CD9-00C04FC29D45} "CryptPKO Class" - "Microsoft Corporation" - C:\WINDOWS\system32\cryptext.dll
{7444C719-39BF-11D1-8CD9-00C04FC29D45} "CryptSig Class" - "Microsoft Corporation" - C:\WINDOWS\system32\cryptext.dll
{CFCCC7A0-A282-11D1-9082-006008059382} "Darwin App Publisher" - "Microsoft Corporation" - C:\WINDOWS\system32\appwiz.cpl
{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6} "DfsShell Class" - "Microsoft Corporation" - C:\WINDOWS\system32\dfsshlex.dll
{62AE1F9A-126A-11D0-A14B-0800361B1103} "Directory Context Menu Verbs" - "Microsoft Corporation" - C:\WINDOWS\system32\dsuiext.dll
{163FDC20-2ABC-11d0-88F0-00A024AB2DBB} "Directory Object Find" - "Microsoft Corporation" - C:\WINDOWS\system32\dsquery.dll
{0D45D530-764B-11d0-A1CA-00AA00C16E65} "Directory Property UI" - "Microsoft Corporation" - C:\WINDOWS\system32\dsuiext.dll
{8A23E65E-31C2-11d0-891C-00A024AB2DBB} "Directory Query UI" - "Microsoft Corporation" - C:\WINDOWS\system32\dsquery.dll
{F020E586-5264-11d1-A532-0000F8757D7E} "Directory Start/Search Find" - "Microsoft Corporation" - C:\WINDOWS\system32\dsquery.dll
{f92e8c40-3d33-11d2-b1aa-080036a75b03} "Display TroubleShoot CPL Extension" - "Microsoft Corporation" - C:\WINDOWS\system32\deskperf.dll
{60fd46de-f830-4894-a628-6fa81bc0190d} "Drop-Zielobjekt für den Fotodruck-Assistent" - "Microsoft Corporation" - C:\WINDOWS\system32\photowiz.dll
{00022613-0000-0000-C000-000000000046} "Eigenschaften für Multimediadatei" - "Microsoft Corporation" - C:\WINDOWS\system32\mmsys.cpl
{596AB062-B4D2-4215-9F74-E9109B0A8153} "Eigenschaftenseite für vorherige Versionen" - "Microsoft Corporation" - C:\WINDOWS\system32\twext.dll
{09A47860-11B0-4DA5-AFA5-26D86198A780} "EPP" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\shellext.dll
{1F2E5C40-9550-11CE-99D2-00AA006E086C} "Erweiterung der Sicherheitsshell" - "Microsoft Corporation" - C:\WINDOWS\system32\rshx32.dll
{4E40F770-369C-11d0-8922-00A024AB2DBB} "Erweiterung der Sicherheitsshell" - "Microsoft Corporation" - C:\WINDOWS\system32\dssec.dll
{F37C5810-4D3F-11d0-B4BF-00AA00BBB723} "Erweiterung der Sicherheitsshell" - "Microsoft Corporation" - C:\WINDOWS\system32\rshx32.dll
{59099400-57FF-11CE-BD94-0020AF85B590} "Erweiterung für Datenträgerkopien" - "Microsoft Corporation" - C:\WINDOWS\system32\diskcopy.dll
{692F0339-CBAA-47e6-B5B5-3B84DB604E87} "Extensions Manager Folder" - "Microsoft Corporation" - C:\WINDOWS\system32\extmgr.dll
{7A80E4A8-8005-11D2-BCF8-00C04F72C717} "ExtractIcon Class" - "Microsoft Corporation" - C:\WINDOWS\System32\mmcshext.dll
{D6277990-4C6A-11CF-8D87-00AA0060F5BF} "Geplante Tasks" - "Microsoft Corporation" - C:\WINDOWS\system32\mstask.dll
{88895560-9AA2-1069-930E-00AA0030EBC8} "HyperTerminal Icon Ext" - "Hilgraeve, Inc." - C:\WINDOWS\system32\hticons.dll
{DBCE2480-C732-101B-BE72-BA78E9AD5B27} "ICC-Profil" - "Microsoft Corporation" - C:\WINDOWS\system32\icmui.dll
{675F097E-4C4D-11D0-B6C1-0800091AA605} "ICM-Druckerverwaltung" - "Microsoft Corporation" - C:\WINDOWS\system32\icmui.dll
{5DB2625A-54DF-11D0-B6C4-0800091AA605} "ICM-Monitorverwaltung" - "Microsoft Corporation" - C:\WINDOWS\System32\icmui.dll
{176d6597-26d3-11d1-b350-080036a75b03} "ICM-Scannerverwaltung" - "Microsoft Corporation" - C:\WINDOWS\system32\icmui.dll
{0B124F8F-91F0-11D1-B8B5-006008059382} "Installed Apps Enumerator" - "Microsoft Corporation" - C:\WINDOWS\system32\appwiz.cpl
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - C:\Programme\iTunes\iTunesMiniPlayer.dll
{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8} "Kompatibilitätsseite" - "Microsoft Corporation" - C:\WINDOWS\system32\SlayerXP.dll
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" - ? -   (File not found | COM-object registry key not found)
{143A62C8-C33B-11D1-84FE-00C04FA34A14} "Microsoft Agent Character Property Sheet Handler" - "Microsoft Corporation" - C:\WINDOWS\msagent\agentpsh.dll
{7988B573-EC89-11cf-9C00-00AA00A14F56} "Microsoft Disk Quota UI" - "Microsoft Corporation" - C:\WINDOWS\system32\dskquoui.dll
{6A205B57-2567-4A2C-B881-F787FAB579A3} "Microsoft DocProp Inplace Calendar Control" - "Microsoft Corporation" - C:\WINDOWS\system32\docprop2.dll
{0EEA25CC-4362-4A12-850B-86EE61B0D3EB} "Microsoft DocProp Inplace Droplist Combo Control" - "Microsoft Corporation" - C:\WINDOWS\system32\docprop2.dll
{A9CF0EAE-901A-4739-A481-E35B73E47F6D} "Microsoft DocProp Inplace Edit Box Control" - "Microsoft Corporation" - C:\WINDOWS\system32\docprop2.dll
{8EE97210-FD1F-4B19-91DA-67914005F020} "Microsoft DocProp Inplace ML Edit Box Control" - "Microsoft Corporation" - C:\WINDOWS\system32\docprop2.dll
{28F8A4AC-BBB3-4D9B-B177-82BFC914FA33} "Microsoft DocProp Inplace Time Control" - "Microsoft Corporation" - C:\WINDOWS\system32\docprop2.dll
{883373C3-BF89-11D1-BE35-080036B11A03} "Microsoft DocProp Shell Ext" - "Microsoft Corporation" - C:\WINDOWS\system32\docprop2.dll
{63da6ec0-2e98-11cf-8d82-444553540000} "Microsoft FTP Folder" - "Microsoft Corporation" - C:\WINDOWS\system32\msieftp.dll
{2206CDB2-19C1-11D1-89E0-00C04FD7A829} "Microsoft OLE DB Service Component Data Links" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\System\Ole DB\oledb32.dll
{A6FD9E45-6E44-43f9-8644-08598F5A74D9} "Midi Properties Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\shmedia.dll
{ECF03A33-103D-11d2-854D-006008059367} "MyDocs Copy Hook" - "Microsoft Corporation" - C:\WINDOWS\system32\mydocs.dll
{ECF03A32-103D-11d2-854D-006008059367} "MyDocs Drop Target" - "Microsoft Corporation" - C:\WINDOWS\system32\mydocs.dll
{4a7ded0a-ad25-11d0-98a8-0800361b1103} "MyDocs menu and properties" - "Microsoft Corporation" - C:\WINDOWS\system32\mydocs.dll
{7007ACC7-3202-11D1-AAD2-00805FC1270E} "Netzwerkverbindungen" - "Microsoft Corporation" - C:\WINDOWS\system32\NETSHELL.dll
{992CFFA0-F557-101A-88EC-00DD010CCC48} "Netzwerkverbindungen" - "Microsoft Corporation" - C:\WINDOWS\system32\NETSHELL.dll
{10CFC467-4392-11d2-8DB4-00C04FA31A66} "Offline Files Folder Options" - "Microsoft Corporation" - C:\WINDOWS\System32\cscui.dll
{750fdf0e-2a26-11d1-a3ea-080036587f03} "Offline Files Menu" - "Microsoft Corporation" - C:\WINDOWS\System32\cscui.dll
{3EA48300-8CF6-101B-84FB-666CCB9BCD32} "OLE-Eigenschaftenseite für Dokumente" - "Microsoft Corporation" - C:\WINDOWS\system32\docprop.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Programme\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Programme\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Programme\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Programme\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E} "Ordner 'Offlinedateien'" - "Microsoft Corporation" - C:\WINDOWS\System32\cscui.dll
{58f1f272-9240-4f51-b6d4-fd63d1618591} "Passport-Assistent" - "Microsoft Corporation" - C:\WINDOWS\system32\netplwiz.dll
{41E300E0-78B6-11ce-849B-444553540000} "PlusPack CPL-Erweiterung" - "Microsoft Corporation" - C:\WINDOWS\system32\themeui.dll
{D8BD2030-6FC9-11D0-864F-00AA006809D9} "PostAgent" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll
{F0152790-D56E-4445-850E-4F3117DB740C} "Remote Sessions CPL Extension" - "Microsoft Corporation" - C:\WINDOWS\system32\remotepg.dll
{3F953603-1008-4f6e-A73A-04AAC7A992F1} "Scanner und Kameras" - "Microsoft Corporation" - C:\WINDOWS\system32\wiashext.dll
{83bbcbf3-b28a-4919-a5aa-73027445d672} "Scanner und Kameras" - "Microsoft Corporation" - C:\WINDOWS\system32\wiashext.dll
{905667aa-acd6-11d2-8080-00805f6596d2} "Scanner und Kameras" - "Microsoft Corporation" - C:\WINDOWS\system32\wiashext.dll
{E211B736-43FD-11D1-9EFB-0000F8757FCD} "Scanner und Kameras" - "Microsoft Corporation" - C:\WINDOWS\system32\wiashext.dll
{FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD} "Scanner und Kameras" - "Microsoft Corporation" - C:\WINDOWS\system32\wiashext.dll
{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF} "Scheduling UI icon handler" - "Microsoft Corporation" - C:\WINDOWS\system32\mstask.dll
{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF} "Scheduling UI property sheet handler" - "Microsoft Corporation" - C:\WINDOWS\system32\mstask.dll
{BD84B380-8CA2-1069-AB1D-08000948F534} "Schriftarten" - "Microsoft Corporation" - C:\WINDOWS\system32\fontext.dll
{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE} "Sendmail service" - "Microsoft Corporation" - C:\WINDOWS\system32\sendmail.dll
{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE} "Sendmail service" - "Microsoft Corporation" - C:\WINDOWS\system32\sendmail.dll
{352EC2B7-8B9A-11D1-B8AE-006008059382} "Shell Application Manager" - "Microsoft Corporation" - C:\WINDOWS\system32\appwiz.cpl
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - ? -   (File not found | COM-object registry key not found)
{9E51E0D0-6E0F-11d2-9601-00C04FA31A86} "Shell properties for a DS object" - "Microsoft Corporation" - C:\WINDOWS\system32\dsquery.dll
{56117100-C0CD-101B-81E2-00AA004AE837} "Shell-Datenauszughandler" - "Microsoft Corporation" - C:\WINDOWS\system32\shscrap.dll
{77597368-7b15-11d0-a0c2-080036af3f03} "Shellerweiterung für Webdrucker" - "Microsoft Corporation" - C:\WINDOWS\system32\printui.dll
{764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" - ? -   (File not found | COM-object registry key not found)
{40dd6e20-7c17-11ce-a804-00aa003ca9f6} "Shellerweiterungen für Freigaben" - "Microsoft Corporation" - C:\WINDOWS\system32\ntshrui.dll
{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} "Shellerweiterungen für Freigaben" - "Microsoft Corporation" - C:\WINDOWS\system32\ntshrui.dll
{59be4990-f85c-11ce-aff7-00aa003ca9f6} "Shellerweiterungen für Microsoft Windows-Netzwerkobjekte" - "Microsoft Corporation" - C:\WINDOWS\system32\ntlanui2.dll
{6b33163c-76a5-4b6c-bf21-45de9cd503a1} "Shellobjekt des Webpublishing-Assistenten" - "Microsoft Corporation" - C:\WINDOWS\system32\netplwiz.dll
{F5175861-2688-11d0-9C5E-00AA00A45957} "Subscription Folder" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll
{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE} "Subscription Mgr" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll
{2F603045-309F-11CF-9774-0020AFD0CFF6} "Synaptics Control Panel" - "Synaptics, Inc." - C:\Programme\Synaptics\SynTP\SynTPCpl.dll
{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7} "TrayAgent" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll
{40C3D757-D6E4-4b49-BB41-0E5BBEA28817} "Video Media Properties Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\shmedia.dll
{c5a40261-cd64-4ccf-84cb-c394da41d590} "Video Thumbnail Extractor" - "Microsoft Corporation" - C:\WINDOWS\system32\shmedia.dll
{9DB7A13C-F208-4981-8353-73CC61AE2783} "Vorherige Versionen" - "Microsoft Corporation" - C:\WINDOWS\system32\twext.dll
{E4B29F9D-D390-480b-92FD-7DDB47101D71} "Wav Properties Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\shmedia.dll
{BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Web Folders" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\MSONSEXT.DLL
{E6FB5E20-DE35-11CF-9C87-00AA005127ED} "WebCheck" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll
{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB} "WebCheck SyncMgr Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll
{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB} "WebCheckChannelAgent" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll
{08165EA0-E946-11CF-9C87-00AA005127ED} "WebCheckWebCrawler" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll
{CC6EEFFB-43F6-46c5-9619-51D571967F7D} "Webpublishing-Assistent" - "Microsoft Corporation" - C:\WINDOWS\system32\netplwiz.dll
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Programme\WinRAR\rarext.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad )-----
{35CEC8A3-2BE6-11D2-8773-92E220524153} "SysTray" - "Microsoft Corporation" - C:\WINDOWS\system32\stobject.dll
{E6FB5E20-DE35-11CF-9C87-00AA005127ED} "WebCheck" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "ITBarLayout" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_24.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_24.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_24.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
"Exec" - "Microsoft Corporation" - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
"Messenger" - "Microsoft Corporation" - C:\Programme\Messenger\msmsgs.exe
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jp2ssv.dll
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} "JQSIEStartDetectorImpl Class" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

[Known DLLs]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs )-----
"comdlg32" - "Microsoft Corporation" - C:\WINDOWS\system32\comdlg32.dll
"gdi32" - "Microsoft Corporation" - C:\WINDOWS\system32\gdi32.dll
"lz32" - "Microsoft Corporation" - C:\WINDOWS\system32\lz32.dll
"olecli32" - "Microsoft Corporation" - C:\WINDOWS\system32\olecli32.dll
"olecnv32" - "Microsoft Corporation" - C:\WINDOWS\system32\olecnv32.dll
"olesvr32" - "Microsoft Corporation" - C:\WINDOWS\system32\olesvr32.dll
"olethk32" - "Microsoft Corporation" - C:\WINDOWS\system32\olethk32.dll
"user32" - "Microsoft Corporation" - C:\WINDOWS\system32\user32.dll
"version" - "Microsoft Corporation" - C:\WINDOWS\system32\version.dll
"wldap32" - "Microsoft Corporation" - C:\WINDOWS\system32\wldap32.dll

[LSA Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Lsa )-----
"Authentication packages" - "Microsoft Corporation" - C:\WINDOWS\system32\msv1_0.dll
"Notification packages" - "Microsoft Corporation" - C:\WINDOWS\system32\scecli.dll
"Security Packages" - "Microsoft Corporation" - C:\WINDOWS\system32\msv1_0.dll
"Security Packages" - "Microsoft Corporation" - C:\WINDOWS\system32\wdigest.dll
-----( HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders )-----
"SecurityProviders" - "Microsoft Corporation" - C:\WINDOWS\system32\msapsspc.dll
"SecurityProviders" - "Microsoft Corporation" - C:\WINDOWS\system32\digest.dll
"SecurityProviders" - "Microsoft Corporation" - C:\WINDOWS\system32\msnsspc.dll

[Logon]
-----( %AllUsersProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini
"McAfee Security Scan Plus.lnk" - "McAfee, Inc." - C:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe  (Shortcut exists | File exists)
-----( %UserProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Autostart\desktop.ini
"Dropbox.lnk" - "Dropbox, Inc." - C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Dropbox\bin\Dropbox.exe  (Shortcut exists | File exists)
"OpenOffice.org 3.2.lnk" - ? - C:\Programme\OpenOffice.org 3\program\quickstart.exe  (Shortcut exists | File found, but it contains no detailed information | File exists)
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon )-----
"Shell" - "Microsoft Corporation" - C:\WINDOWS\Explorer.exe
"Userinit" - "Microsoft Corporation" - C:\WINDOWS\system32\userinit.exe
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - "Microsoft Corporation" - C:\WINDOWS\system32\rdpclip.exe
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"APSDaemon" - "Apple Inc." - "C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe"
"CDAServer" - ? - C:\Programme\Gemeinsame Dateien\Common Desktop Agent\CDASrv.exe
"HotKeysCmds" - "Intel Corporation" - C:\WINDOWS\system32\hkcmd.exe
"IgfxTray" - "Intel Corporation" - C:\WINDOWS\system32\igfxtray.exe
"iTunesHelper" - "Apple Inc." - "C:\Programme\iTunes\iTunesHelper.exe"
"Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - "C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"MSC" - "Microsoft Corporation" - "C:\Programme\Microsoft Security Client\msseces.exe" -hide -runkey
"Persistence" - "Intel Corporation" - C:\WINDOWS\system32\igfxpers.exe
"QuickTime Task" - "Apple Inc." - "C:\Programme\QuickTime\QTTask.exe" -atboottime
"RTHDCPL" - "Realtek Semiconductor Corp." - RTHDCPL.EXE
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe"
"SynTPEnh" - "Synaptics, Inc." - C:\Programme\Synaptics\SynTP\SynTPEnh.exe
"Threadpresent" - "Thread Technology Co.,Ltd." - C:\Programme\Thread\SYDpresent.exe

[Network Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order )-----
"Microsoft Windows-Netzwerk" - "Microsoft Corporation" - C:\WINDOWS\System32\ntlanman.dll
"Microsoft-Terminaldienste" - "Microsoft Corporation" - C:\WINDOWS\System32\drprov.dll
"Web Client Network" - "Microsoft Corporation" - C:\WINDOWS\System32\davclnt.dll

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"BJ Language Monitor" - "Microsoft Corporation" - C:\WINDOWS\system32\cnbjmon.dll
"PJL Language Monitor" - "Microsoft Corporation" - C:\WINDOWS\system32\pjlmon.dll
"Standard TCP/IP Port" - "Microsoft Corporation" - C:\WINDOWS\system32\tcpmon.dll
"USB Monitor" - "Microsoft Corporation" - C:\WINDOWS\system32\usbmon.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"Ablagemappe" (ClipSrv) - "Microsoft Corporation" - C:\WINDOWS\system32\clipsrv.exe
"Anmeldedienst" (Netlogon) - "Microsoft Corporation" - C:\WINDOWS\system32\lsass.exe
"Anwendungsverwaltung" (AppMgmt) - "Microsoft Corporation" - C:\WINDOWS\System32\appmgmts.dll
"Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
"Automatic Updates" (wuauserv) - "Microsoft Corporation" - C:\WINDOWS\system32\wuauserv.dll
"Automatische Konfiguration (verkabelt)" (Dot3svc) - "Microsoft Corporation" - C:\WINDOWS\System32\dot3svc.dll
"COM+-Systemanwendung" (COMSysApp) - "Microsoft Corporation" - C:\WINDOWS\system32\dllhost.exe
"Computerbrowser" (Browser) - "Microsoft Corporation" - C:\WINDOWS\System32\browser.dll
"CryptSvc" (CryptSvc) - "Microsoft Corporation" - C:\WINDOWS\System32\cryptsvc.dll
"DHCP-Client" (Dhcp) - "Microsoft Corporation" - C:\WINDOWS\System32\dhcpcsvc.dll
"Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Programme\Bonjour\mDNSResponder.exe
"Distributed Transaction Coordinator" (MSDTC) - "Microsoft Corporation" - C:\WINDOWS\system32\msdtc.exe
"Extensible Authentication-Protokolldienst" (EapHost) - "Microsoft Corporation" - C:\WINDOWS\System32\eapsvc.dll
"Fehlerberichterstattungsdienst" (ERSvc) - "Microsoft Corporation" - C:\WINDOWS\System32\ersvc.dll
"Gatewaydienst auf Anwendungsebene" (ALG) - "Microsoft Corporation" - C:\WINDOWS\System32\alg.exe
"Geschützter Speicher" (ProtectedStorage) - "Microsoft Corporation" - C:\WINDOWS\system32\lsass.exe
"Hilfe und Support" (helpsvc) - "Microsoft Corporation" - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
"HTTP-SSL" (HTTPFilter) - "Microsoft Corporation" - C:\WINDOWS\System32\w3ssl.dll
"IMAPI-CD-Brenn-COM-Dienste" (ImapiService) - "Microsoft Corporation" - C:\WINDOWS\system32\imapi.exe
"Indexdienst" (CiSvc) - "Microsoft Corporation" - C:\WINDOWS\system32\cisvc.exe
"Integritätsschlüssel- und Zertifikatverwaltungsdienst" (hkmsvc) - "Microsoft Corporation" - C:\WINDOWS\System32\kmsvc.dll
"Intelligenter Hintergrundübertragungsdienst" (BITS) - "Microsoft Corporation" - C:\WINDOWS\system32\qmgr.dll
"iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Programme\iPod\bin\iPodService.exe
"IPSEC-Dienste" (PolicyAgent) - "Microsoft Corporation" - C:\WINDOWS\system32\lsass.exe
"Java Quick Starter" (JavaQuickStarterService) - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jqs.exe
"Konfigurationsfreie drahtlose Verbindung" (WZCSVC) - "Microsoft Corporation" - C:\WINDOWS\System32\wzcsvc.dll
"Leistungsdatenprotokolle und Warnungen" (SysmonLog) - "Microsoft Corporation" - C:\WINDOWS\system32\smlogsvc.exe
"MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
"McAfee Security Scan Component Host Service" (McComponentHostService) - "McAfee, Inc." - C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe
"Microsoft Antimalware Service" (MsMpSvc) - "Microsoft Corporation" - C:\Programme\Microsoft Security Client\Antimalware\MsMpEng.exe
"MS Software Shadow Copy Provider" (SwPrv) - "Microsoft Corporation" - C:\WINDOWS\system32\dllhost.exe
"NAP-Agent (Network Access Protection)" (napagent) - "Microsoft Corporation" - C:\WINDOWS\System32\qagentrt.dll
"NetMeeting-Remotedesktop-Freigabe" (mnmsrvc) - "Microsoft Corporation" - C:\WINDOWS\system32\mnmsrvc.exe
"Netzwerkverbindungen" (Netman) - "Microsoft Corporation" - C:\WINDOWS\System32\netman.dll
"Netzwerkversorgungsdienst" (xmlprov) - "Microsoft Corporation" - C:\WINDOWS\System32\xmlprov.dll
"NT-LM-Sicherheitsdienst" (NtLmSsp) - "Microsoft Corporation" - C:\WINDOWS\system32\lsass.exe
"QoS-RSVP" (RSVP) - "Microsoft Corporation" - C:\WINDOWS\system32\rsvp.exe
"RAS-Verbindungsverwaltung" (RasMan) - "Microsoft Corporation" - C:\WINDOWS\System32\rasmans.dll
"Remote-Registrierung" (RemoteRegistry) - "Microsoft Corporation" - C:\WINDOWS\system32\regsvc.dll
"RPC-Locator" (RpcLocator) - "Microsoft Corporation" - C:\WINDOWS\system32\locator.exe
"Secondary Logon" (seclogon) - "Microsoft Corporation" - C:\WINDOWS\System32\seclogon.dll
"Server" (LanmanServer) - "Microsoft Corporation" - C:\WINDOWS\System32\srvsvc.dll
"Sicherheitscenter" (wscsvc) - "Microsoft Corporation" - C:\WINDOWS\system32\wscsvc.dll
"Sicherheitskontenverwaltung" (SamSs) - "Microsoft Corporation" - C:\WINDOWS\system32\lsass.exe
"Sitzungs-Manager für Remotedesktophilfe" (RDSessMgr) - "Microsoft Corporation" - C:\WINDOWS\system32\sessmgr.exe
"Smartcard" (SCardSvr) - "Microsoft Corporation" - C:\WINDOWS\System32\SCardSvr.exe
"SSDP-Suchdienst" (SSDPSRV) - "Microsoft Corporation" - C:\WINDOWS\System32\ssdpsrv.dll
"Systemereignisbenachrichtigung" (SENS) - "Microsoft Corporation" - C:\WINDOWS\system32\sens.dll
"Systemwiederherstellungsdienst" (srservice) - "Microsoft Corporation" - C:\WINDOWS\system32\srsvc.dll
"Taskplaner" (Schedule) - "Microsoft Corporation" - C:\WINDOWS\system32\schedsvc.dll
"TCP/IP-NetBIOS-Hilfsprogramm" (LmHosts) - "Microsoft Corporation" - C:\WINDOWS\System32\lmhsvc.dll
"Telefonie" (TapiSrv) - "Microsoft Corporation" - C:\WINDOWS\System32\tapisrv.dll
"Telnet" (TlntSvr) - "Microsoft Corporation" - C:\WINDOWS\system32\tlntsvr.exe
"Terminaldienste" (TermService) - "Microsoft Corporation" - C:\WINDOWS\System32\termsrv.dll
"Universeller Plug & Play-Gerätehost" (upnphost) - "Microsoft Corporation" - C:\WINDOWS\System32\upnphost.dll
"Unterbrechungsfreie Stromversorgung" (UPS) - "Microsoft Corporation" - C:\WINDOWS\System32\ups.exe
"Verwaltung für automatische RAS-Verbindung" (RasAuto) - "Microsoft Corporation" - C:\WINDOWS\System32\rasauto.dll
"Verwaltung logischer Datenträger" (dmserver) - "Microsoft Corp." - C:\WINDOWS\System32\dmserver.dll
"Verwaltungsdienst für die Verwaltung logischer Datenträger" (dmadmin) - "Microsoft Corp., Veritas Software" - C:\WINDOWS\System32\dmadmin.exe
"Volumeschattenkopie" (VSS) - "Microsoft Corporation" - C:\WINDOWS\System32\vssvc.exe
"Webclient" (WebClient) - "Microsoft Corporation" - C:\WINDOWS\System32\webclnt.dll
"Wechselmedien" (NtmsSvc) - "Microsoft Corporation" - C:\WINDOWS\system32\ntmssvc.dll
"Windows Audio" (AudioSrv) - "Microsoft Corporation" - C:\WINDOWS\System32\audiosrv.dll
"Windows Installer" (MSIServer) - "Microsoft Corporation" - C:\WINDOWS\system32\msiexec.exe
"Windows-Bilderfassung (WIA)" (stisvc) - "Microsoft Corporation" - C:\WINDOWS\system32\wiaservc.dll
"Windows-Firewall/Gemeinsame Nutzung der Internetverbindung" (SharedAccess) - "Microsoft Corporation" - C:\WINDOWS\System32\ipnathlp.dll
"Windows-Verwaltungsinstrumentation" (winmgmt) - "Microsoft Corporation" - C:\WINDOWS\system32\wbem\WMIsvc.dll
"Windows-Zeitgeber" (W32Time) - "Microsoft Corporation" - C:\WINDOWS\system32\w32time.dll
"WMI-Leistungsadapter" (WmiApSrv) - "Microsoft Corporation" - C:\WINDOWS\system32\wbem\wmiapsrv.exe
"Überwachung verteilter Verknüpfungen (Client)" (TrkWks) - "Microsoft Corporation" - C:\WINDOWS\system32\trkwks.dll

[Winlogon]
-----( HKCU\Control Panel\Desktop )-----
"SCRNSAVE.EXE" - "Microsoft Corporation" - C:\WINDOWS\system32\logon.scr
-----( HKCU\Control Panel\IOProcs )-----
"MVB" - ? - mvfs32.dll  (File not found)
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon )-----
"UIHost" - "Microsoft Corporation" - C:\WINDOWS\system32\logonui.exe
"VmApplet" - "Microsoft Corporation" - C:\WINDOWS\system32\sysdm.cpl
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions )-----
{B587E2B1-4D59-4e7e-AED9-22B9DF11D053} "802.3 Group Policy" - "Microsoft Corporation" - C:\WINDOWS\system32\dot3gpclnt.dll
{0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63} "Drahtlos" - "Microsoft Corporation" - C:\WINDOWS\system32\gptext.dll
{B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A} "EFS recovery" - "Microsoft Corporation" - C:\WINDOWS\system32\scecli.dll
{25537BA6-77A8-11D2-9B6C-0000F8080861} "Folder Redirection" - "Microsoft Corporation" - C:\WINDOWS\system32\fdeploy.dll
{A2E30F80-D7DE-11d2-BBDE-00C04F86AE3B} "Internet Explorer-Branding" - "Microsoft Corporation" - C:\WINDOWS\system32\iedkcs32.dll
{4CFB60C1-FAA6-47f1-89AA-0B18730C9FD3} "Internet Explorer-Zonenzuordnung" - "Microsoft Corporation" - C:\WINDOWS\system32\iedkcs32.dll
{e437bc1c-aa7d-11d2-a382-00c04f991e27} "IP-Sicherheit" - "Microsoft Corporation" - C:\WINDOWS\system32\gptext.dll
{C631DF4C-088F-4156-B058-4375F0853CD8} "Microsoft Offline Files" - "Microsoft Corporation" - C:\WINDOWS\System32\cscui.dll
{3610eda5-77ef-11d2-8dc5-00c04fa31a66} "Microsoft-Datenträgerkontingent" - "Microsoft Corporation" - C:\WINDOWS\system32\dskquota.dll
{426031c0-0b47-4852-b0ca-ac3d37bfcb39} "QoS-Paketplaner" - "Microsoft Corporation" - C:\WINDOWS\system32\gptext.dll
{827D319E-6EAC-11D2-A4EA-00C04F79F83A} "Security" - "Microsoft Corporation" - C:\WINDOWS\system32\scecli.dll
{42B5FAAE-6536-11d2-AE5A-0000F87571E3} "Skripts" - "Microsoft Corporation" - C:\WINDOWS\system32\gptext.dll
{c6dc5466-785a-11d2-84d0-00c04fb169f7} "Softwareinstallation" - "Microsoft Corporation" - C:\WINDOWS\system32\appmgmts.dll
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )-----
"cryptnet" - "Microsoft Corporation" - C:\WINDOWS\system32\cryptnet.dll
"cscdll" - "Microsoft Corporation" - C:\WINDOWS\system32\cscdll.dll
"dimsntfy" - "Microsoft Corporation" - C:\WINDOWS\System32\dimsntfy.dll
"igfxcui" - "Intel Corporation" - C:\WINDOWS\system32\igfxdev.dll
"ScCertProp" - "Microsoft Corporation" - C:\WINDOWS\system32\wlnotify.dll
"Schedule" - "Microsoft Corporation" - C:\WINDOWS\system32\wlnotify.dll
"sclgntfy" - "Microsoft Corporation" - C:\WINDOWS\system32\sclgntfy.dll
"SensLogn" - "Microsoft Corporation" - C:\WINDOWS\system32\WlNotify.dll
"termsrv" - "Microsoft Corporation" - C:\WINDOWS\system32\wlnotify.dll
"WgaLogon" - "Microsoft Corporation" - C:\WINDOWS\system32\WgaLogon.dll
"wlballoon" - "Microsoft Corporation" - C:\WINDOWS\system32\wlnotify.dll

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"mdnsNSP" - "Apple Inc." - C:\Programme\Bonjour\mdnsNSP.dll
"NTDS" - "Microsoft Corporation" - C:\WINDOWS\System32\winrnr.dll
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries )-----
"RSVP TCP Service Provider" - "Microsoft Corporation" - C:\WINDOWS\system32\rsvpsp.dll
"RSVP UDP Service Provider" - "Microsoft Corporation" - C:\WINDOWS\system32\rsvpsp.dll

===[ Logfile end ]=========================================[ Logfile end ]===

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru

und hier noch das andere Log, hier geht es irgendwann immer nicht mehr weiter, also successfully scanned hab ich kein einziges mal gelesen, habs oft versucht, aber irgendwann immer an dieser stelle bleibt die uhrzeit stehen und bewegt sich auch ne stunde danach nicht mehr vom fleck- hoffe der log ist trotzdem ausreichend:

Code:

ATTFilter

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-04-29 18:54:36
-----------------------------
18:54:36.062    OS Version: Windows 5.1.2600 Service Pack 3
18:54:36.062    Number of processors: 2 586 0x1C02
18:54:36.062    ComputerName: USER-017C622E09  UserName: Administrator
18:54:36.406    Initialize success
19:18:25.875    AVAST engine defs: 12042900
19:19:25.546    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-5
19:19:25.562    Disk 0 Vendor: WDC_WD1600BEVT-00ZCT0 11.01A11 Size: 152627MB BusType: 3
19:19:25.609    Disk 0 MBR read successfully
19:19:25.609    Disk 0 MBR scan
19:19:25.640    Disk 0 Windows XP default MBR code
19:19:25.640    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS        49999 MB offset 63
19:19:25.640    Disk 0 Partition - 00     0F Extended LBA            102618 MB offset 102398310
19:19:25.656    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       102618 MB offset 102398373
19:19:25.671    Disk 0 scanning sectors +312560640
19:19:25.765    Disk 0 scanning C:\WINDOWS\system32\drivers
19:19:34.781    Service scanning
19:19:50.453    Modules scanning
19:19:52.812    Module: C:\WINDOWS\System32\drivers\dxgthk.sys  **SUSPICIOUS**
19:19:56.500    Disk 0 trace - called modules:
19:19:56.515    ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS 
19:19:56.515    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x89ddcab8]
19:19:56.515    3 CLASSPNP.SYS[ba0e8fd7] -> nt!IofCallDriver -> \Device\0000006a[0x89d96510]
19:19:56.515    5 ACPI.sys[b9f7e620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-5[0x89dd6940]
19:19:57.046    AVAST engine scan C:\WINDOWS
19:20:15.125    AVAST engine scan C:\WINDOWS\system32
19:22:07.859    AVAST engine scan C:\WINDOWS\system32\drivers
19:22:19.921    AVAST engine scan C:\Dokumente und Einstellungen\Administrator
19:27:06.015    Disk 0 MBR has been saved successfully to "C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\MBR.dat"
19:27:06.046    The log file has been saved successfully to "C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\aswMBR.txt"
19:27:30.390    Disk 0 MBR has been saved successfully to "C:\Dokumente und Einstellungen\Administrator\Desktop\MBR.dat"
19:27:30.406    The log file has been saved successfully to "C:\Dokumente und Einstellungen\Administrator\Desktop\aswMBR.txt"

15.04.2012, 16:24	#25
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	BKA Virus, Netbook bootet jetzt nicht mehr Log ist unvollständig, der untere Teil mit der Zusammenfassung fehlt __________________ Logfiles bitte immer in CODE-Tags posten

BKA Virus, Netbook bootet jetzt nicht mehr

Plagegeister aller Art und deren Bekämpfung: BKA Virus, Netbook bootet jetzt nicht mehr