Log analysis and evaluation: System message - write fault error (Windows 7). If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
| | #1 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | System message - write fault error Let's leave TDSS-Killer aside for now; you can try starting it again after ComboFix. Then please run CF now: ComboFix: a guide and tutorial on using ComboFix
ComboFix may only be run when a qualified helper has explicitly recommended it! If, after running ComboFix, you have problems starting applications and receive messages such as Quote:
__________________ Please always post log files in CODE tags |
| | #2 |
| System message - write fault error Hello Arne,
sorry for the late reply, I'm still struggling with ComboFix... is it normal that it takes several hours before anything is displayed at all? That is, the first time the program did start, but unfortunately I then had to leave and the PC was apparently switched off by accident. Since then I have tried every day, and on the next attempt the error message "Internet Explorer has encountered a problem and needs to close" (or something like that) always came up. The day before yesterday I had the computer on around the clock and nothing happened after the initial sequence. I don't know what to do any more. Yesterday I started the program again, then ended it after hours and had to restart the PC twice before I could start Mozilla again at all... What can I do now? Kind regards, Judith |
| | #3 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | System message - write fault error Restart Windows, delete the old combofix.exe, download CF again and please try it once more. |
| | #4 |
| System message - write fault error Hello Arne, great, it worked! Here is the log file: Code:
ComboFix 12-07-10.01 - Jus 10.07.2012 8:43.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.49.1031.18.1013.442 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\Jus\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\dokumente und einstellungen\Jus\Anwendungsdaten\Help\coredb\storage
.
---- Vorheriger Suchlauf -------
.
c:\dokumente und einstellungen\All Users\Anwendungsdaten\TEMP\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\PostBuild.exe
c:\dokumente und einstellungen\Jus\Anwendungsdaten\Help\coredb\storage
c:\dokumente und einstellungen\Jus\Anwendungsdaten\Tuowo\ogyb.exe
c:\windows\EventSystem.log
.
.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_usnjsvc
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-06-10 bis 2012-07-10 ))))))))))))))))))))))))))))))
.
.
2012-07-04 13:27 . 2012-07-06 11:05 -------- d-----w- c:\dokumente und einstellungen\Jus\Anwendungsdaten\Maty
2012-07-04 13:27 . 2012-07-04 13:27 -------- d-----w- c:\dokumente und einstellungen\Jus\Anwendungsdaten\Koheuq
2012-07-03 12:06 . 2012-07-03 12:06 -------- d-----w- c:\dokumente und einstellungen\Jus\Anwendungsdaten\TeamViewer
2012-06-30 19:07 . 2012-06-30 19:07 -------- d-----w- C:\_OTL
2012-06-20 09:44 . 2012-06-20 09:44 -------- d-----w- c:\programme\ESET
2012-06-16 17:39 . 2012-06-16 17:39 -------- d-----w- c:\dokumente und einstellungen\Jus\Anwendungsdaten\Malwarebytes
2012-06-16 17:39 . 2012-06-16 17:39 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes
2012-06-16 17:39 . 2012-04-04 13:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-16 17:39 . 2012-06-16 17:39 -------- d-----w- c:\programme\Malwarebytes' Anti-Malware
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-02 13:19 . 2009-01-08 17:09 15896 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 13:19 . 2008-08-07 10:35 18456 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 13:19 . 2008-08-07 09:27 329240 ----a-w- c:\windows\system32\wucltui.dll
2012-06-02 13:19 . 2008-08-07 09:27 210968 ----a-w- c:\windows\system32\wuweb.dll
2012-06-02 13:19 . 2008-08-07 09:27 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 13:19 . 2008-08-07 10:35 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 13:19 . 2008-08-07 10:35 15896 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 13:19 . 2008-08-07 09:27 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 13:19 . 2008-08-07 09:27 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 13:19 . 2008-04-14 12:00 97304 ----a-w- c:\windows\system32\cdm.dll
2012-06-02 13:19 . 2008-08-07 10:35 23576 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 13:19 . 2008-08-07 09:27 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 13:19 . 2008-08-07 09:27 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 13:18 . 2009-03-05 17:43 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-06-02 13:18 . 2009-03-05 17:43 18160 ----a-w- c:\windows\system32\mucltui.dll.mui
2012-06-02 13:18 . 2007-07-30 17:18 214256 ----a-w- c:\windows\system32\muweb.dll
2012-05-31 13:22 . 2008-04-14 12:00 604160 ----a-w- c:\windows\system32\crypt32.dll
2012-05-15 15:37 . 2008-04-14 12:00 832512 ----a-w- c:\windows\system32\wininet.dll
2012-05-15 13:56 . 2008-04-14 12:00 1863296 ----a-w- c:\windows\system32\win32k.sys
2012-05-08 12:04 . 2012-04-12 11:30 83392 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-05-08 12:04 . 2012-04-12 11:30 137928 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-05-05 03:14 . 2008-04-14 12:00 2150912 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-05 03:14 . 2008-04-14 07:30 2029056 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-05-02 13:46 . 2008-08-07 09:24 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-05-02 00:46 . 2012-05-02 00:46 4472832 ----a-w- c:\windows\system32\GPhotos.scr
2012-04-23 14:40 . 2008-04-14 12:00 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
2012-04-23 14:40 . 2008-04-14 12:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2012-04-23 14:40 . 2008-04-14 12:00 17408 ----a-w- c:\windows\system32\corpol.dll
2012-04-21 01:18 . 2012-04-27 17:48 97208 ----a-w- c:\programme\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Validator"="c:\dokumente und einstellungen\Jus\Anwendungsdaten\Adobe\{4F6C64E6-611D-4940-A53B-4806AB6BA678}\Validator.exe" [2012-07-03 342528]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-12-19 135168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-12-19 159744]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-12-19 131072]
"RTHDCPL"="RTHDCPL.EXE" [2008-05-07 16862208]
"SynTPEnh"="c:\programme\Synaptics\SynTP\SynTPEnh.exe" [2008-01-11 1028096]
"MGSysCtrl"="c:\programme\System Control Manager\MGSysCtrl.exe" [2008-06-10 782336]
"LanguageShortcut"="c:\programme\HomeCinema\PowerDVD\Language\Language.exe" [2007-01-08 52256]
"QuickFinder Scheduler"="c:\programme\WordPerfect Office X3\Programs\QFSCHD130.EXE" [2007-01-02 83568]
"UCam_Menu"="c:\programme\HomeCinema\YouCam\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"Google Desktop Search"="c:\programme\Google\Google Desktop Search\GoogleDesktop.exe" [2009-01-14 220160]
"toolbar_eula_launcher"="c:\program files\GoogleEULA\EULALauncher.exe" [2007-02-09 16896]
"SunJavaUpdateSched"="c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [2010-10-29 249064]
"avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2012-05-08 348624]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\dokumente und einstellungen\Jus\Startmenü\Programme\Autostart\
OpenOffice.org 3.3.lnk - c:\programme\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
taskmgr.exe.lnk - c:\windows\system32\taskmgr.exe [2008-4-14 140800]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programme\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programme\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Programme\\ICQ7.6\\ICQ.exe"=
"c:\\Programme\\Skype\\Phone\\Skype.exe"=
.
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [12.04.2012 13:30 36000]
R2 AntiVirSchedulerService;Avira Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [12.04.2012 13:30 86224]
R3 RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RTS5121.sys [07.08.2008 12:01 156160]
R3 RT80x86;Ralink 802.11n Wireless Driver;c:\windows\system32\drivers\rt2860.sys [07.08.2008 12:19 572416]
S2 ICQ Service;ICQ Service;c:\programme\ICQ6Toolbar\ICQ Service.exe --> c:\programme\ICQ6Toolbar\ICQ Service.exe [?]
S2 Micro Star SCM;Micro Star SCM;c:\programme\System Control Manager\MSIService.exe [07.08.2008 12:30 159744]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\programme\Mozilla Maintenance Service\maintenanceservice.exe [27.04.2012 19:48 129976]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.facebook.com/login.php
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://www.aldi.com
uInternet Connection Wizard,ShellNext = iexplore
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Senden an &Bluetooth-Gerät... - c:\programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Senden an Bluetooth - c:\programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Öffnen mit WordPerfect - c:\programme\WordPerfect Office X3\Programs\WPLauncher.hta
IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-25/4
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\programme\ICQ7.6\ICQ.exe
TCP: DhcpNameServer = 217.0.43.97 192.168.5.1
FF - ProfilePath - c:\dokumente und einstellungen\Jus\Anwendungsdaten\Mozilla\Firefox\Profiles\cqrxw7m7.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxps://mail.google.com
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
WebBrowser-{707DB484-2428-402D-AFB5-D85B387544C7} - (no file)
HKCU-Run-ICQ - c:\programme\ICQ7.2\ICQ.exe
HKCU-Run-Ygafi - c:\dokumente und einstellungen\Jus\Anwendungsdaten\Tuowo\ogyb.exe
AddRemove-ICQToolbar - c:\programme\ICQ6Toolbar\ICQUnToolbar.exe
AddRemove-_{ADDBE07D-95B8-4789-9C76-187FFF9624B4} - c:\programme\Corel\CorelDRAW Essential Edition 3\Programs\MSILauncher {ADDBE07D-95B8-4789-9C76-187FFF9624B4}
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2012-07-10 09:16
Windows 5.1.2600 Service Pack 3 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-07-10 09:33:14
ComboFix-quarantined-files.txt 2012-07-10 07:32
.
Vor Suchlauf: 9 Verzeichnis(se), 118.740.152.320 Bytes frei
Nach Suchlauf: 10 Verzeichnis(se), 118.706.036.736 Bytes frei
.
- - End Of File - - A818735CB43C1135C4471964ABD2D27E
Yay :-) Kind regards, Judith
Great, now TDSS-Killer has worked too, here is the log: Code:
09:45:00.0906 1192 TDSS rootkit removing tool 2.7.45.0 Jul 9 2012 12:46:35
09:45:01.0218 1192 ============================================================
09:45:01.0218 1192 Current date / time: 2012/07/10 09:45:01.0218
09:45:01.0218 1192 SystemInfo:
09:45:01.0218 1192
09:45:01.0218 1192 OS Version: 5.1.2600 ServicePack: 3.0
09:45:01.0218 1192 Product type: Workstation
09:45:01.0218 1192 ComputerName: AKOYA
09:45:01.0218 1192 UserName: Jus
09:45:01.0218 1192 Windows directory: C:\WINDOWS
09:45:01.0218 1192 System windows directory: C:\WINDOWS
09:45:01.0218 1192 Processor architecture: Intel x86
09:45:01.0218 1192 Number of processors: 2
09:45:01.0218 1192 Page size: 0x1000
09:45:01.0218 1192 Boot type: Normal boot
09:45:01.0218 1192 ============================================================
09:45:01.0953 1192 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
09:45:01.0953 1192 ============================================================
09:45:01.0953 1192 \Device\Harddisk0\DR0:
09:45:01.0953 1192 MBR partitions:
09:45:01.0953 1192 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x10BD28CA
09:45:01.0953 1192 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xC, StartLBA 0x10BD2909, BlocksNum 0x1E461B8
09:45:01.0953 1192 ============================================================
09:45:02.0015 1192 C: <-> \Device\Harddisk0\DR0\Partition0
09:45:02.0046 1192 D: <-> \Device\Harddisk0\DR0\Partition1
09:45:02.0046 1192 ============================================================
09:45:02.0046 1192 Initialize success
09:45:02.0046 1192 ============================================================
09:45:10.0703 2432 ============================================================
09:45:10.0703 2432 Scan started
09:45:10.0703 2432 Mode: Manual; SigCheck; TDLFS;
09:45:10.0703 2432 ============================================================
09:45:13.0093 2432 Abiosdsk - ok
09:45:13.0109 2432 abp480n5 - ok
09:45:13.0203 2432 ACPI (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
09:45:14.0500 2432 ACPI - ok
09:45:14.0562 2432 ACPIEC (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
09:45:14.0750 2432 ACPIEC - ok
09:45:14.0765 2432 adpu160m - ok
09:45:14.0859 2432 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
09:45:15.0046 2432 aec - ok
09:45:15.0140 2432 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
09:45:15.0265 2432 AFD - ok
09:45:15.0281 2432 Aha154x - ok
09:45:15.0281 2432 aic78u2 - ok
09:45:15.0296 2432 aic78xx - ok
09:45:15.0343 2432 Alerter (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
09:45:15.0562 2432 Alerter - ok
09:45:15.0609 2432 ALG (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe
09:45:15.0734 2432 ALG - ok
09:45:15.0750 2432 AliIde - ok
09:45:15.0750 2432 amsint - ok
09:45:15.0968 2432 AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Programme\Avira\AntiVir Desktop\sched.exe
09:45:16.0015 2432 AntiVirSchedulerService - ok
09:45:16.0109 2432 AntiVirService (a489be6bb0aa1ff406b488b60542314b) C:\Programme\Avira\AntiVir Desktop\avguard.exe
09:45:16.0140 2432 AntiVirService - ok
09:45:16.0140 2432 AppMgmt - ok
09:45:16.0156 2432 asc - ok
09:45:16.0156 2432 asc3350p - ok
09:45:16.0171 2432 asc3550 - ok
09:45:16.0390 2432 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
09:45:16.0437 2432 aspnet_state - ok
09:45:16.0468 2432 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
09:45:16.0781 2432 AsyncMac - ok
09:45:16.0906 2432 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\drivers\atapi.sys
09:45:17.0109 2432 atapi - ok
09:45:17.0109 2432 Atdisk - ok
09:45:17.0140 2432 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
09:45:17.0343 2432 Atmarpc - ok
09:45:17.0375 2432 AudioSrv (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
09:45:17.0593 2432 AudioSrv - ok
09:45:17.0687 2432 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
09:45:17.0890 2432 audstub - ok
09:45:17.0968 2432 avgntflt (d5541f0afb767e85fc412fc609d96a74) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
09:45:18.0171 2432 avgntflt - ok
09:45:18.0296 2432 avipbb (7d967a682d4694df7fa57d63a2db01fe) C:\WINDOWS\system32\DRIVERS\avipbb.sys
09:45:18.0343 2432 avipbb - ok
09:45:18.0390 2432 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\WINDOWS\system32\DRIVERS\avkmgr.sys
09:45:18.0406 2432 avkmgr - ok
09:45:18.0500 2432 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
09:45:18.0703 2432 Beep - ok
09:45:18.0812 2432 BITS (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll
09:45:19.0125 2432 BITS - ok
09:45:19.0187 2432 Browser (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
09:45:19.0406 2432 Browser - ok
09:45:19.0500 2432 btaudio (faba1418646a2b433c0bded6ff92d2fa) C:\WINDOWS\system32\drivers\btaudio.sys
09:45:19.0562 2432 btaudio - ok
09:45:19.0640 2432 BTDriver (2f9f111d31aa3fbbe5781d829a4524e6) C:\WINDOWS\system32\DRIVERS\btport.sys
09:45:19.0671 2432 BTDriver - ok
09:45:19.0812 2432 BTKRNL (aef038061bc1cafb4865d43a85beb1a1) C:\WINDOWS\system32\DRIVERS\btkrnl.sys
09:45:19.0984 2432 BTKRNL - ok
09:45:20.0140 2432 btwdins (f20629ff9ed48efa98fdc5d99919e8c0) C:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe
09:45:20.0203 2432 btwdins - ok
09:45:20.0265 2432 BTWDNDIS (80f61de965c116051614ac2f04222ff7) C:\WINDOWS\system32\DRIVERS\btwdndis.sys
09:45:20.0312 2432 BTWDNDIS - ok
09:45:20.0328 2432 btwhid (949eca9c56f657c06d3166d51f3226c7) C:\WINDOWS\system32\DRIVERS\btwhid.sys
09:45:20.0375 2432 btwhid - ok
09:45:20.0390 2432 BTWUSB (179a37c86fd2b9cc28eb93d093d394c7) C:\WINDOWS\system32\Drivers\btwusb.sys
09:45:20.0406 2432 BTWUSB - ok
09:45:20.0625 2432 catchme - ok
09:45:20.0656 2432 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
09:45:20.0890 2432 cbidf2k - ok
09:45:20.0953 2432 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
09:45:21.0265 2432 CCDECODE - ok
09:45:21.0281 2432 cd20xrnt - ok
09:45:21.0453 2432 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
09:45:21.0656 2432 Cdaudio - ok
09:45:21.0734 2432 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
09:45:21.0968 2432 Cdfs - ok
09:45:22.0015 2432 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
09:45:22.0218 2432 Cdrom - ok
09:45:22.0218 2432 Changer - ok
09:45:22.0250 2432 CiSvc (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe
09:45:22.0468 2432 CiSvc - ok
09:45:22.0468 2432 ClipSrv (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
09:45:22.0687 2432 ClipSrv - ok
09:45:22.0828 2432 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:45:22.0859 2432 clr_optimization_v2.0.50727_32 - ok
09:45:22.0953 2432 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
09:45:23.0156 2432 CmBatt - ok
09:45:23.0171 2432 CmdIde - ok
09:45:23.0218 2432 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
09:45:23.0515 2432 Compbatt - ok
09:45:23.0531 2432 COMSysApp - ok
09:45:23.0546 2432 Cpqarray - ok
09:45:23.0609 2432 CryptSvc (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
09:45:23.0828 2432 CryptSvc - ok
09:45:23.0828 2432 dac2w2k - ok
09:45:23.0843 2432 dac960nt - ok
09:45:23.0953 2432 DcomLaunch (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
09:45:24.0015 2432 DcomLaunch - ok
09:45:24.0093 2432 Dhcp (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
09:45:24.0296 2432 Dhcp - ok
09:45:24.0375 2432 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
09:45:24.0625 2432 Disk - ok
09:45:24.0625 2432 dmadmin - ok
09:45:24.0781 2432 dmboot (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
09:45:25.0031 2432 dmboot - ok
09:45:25.0062 2432 dmio (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
09:45:25.0296 2432 dmio - ok
09:45:25.0343 2432 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
09:45:25.0578 2432 dmload - ok
09:45:25.0609 2432 dmserver (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
09:45:25.0843 2432 dmserver - ok
09:45:25.0906 2432 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
09:45:26.0109 2432 DMusic - ok
09:45:26.0203 2432 Dnscache (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
09:45:26.0312 2432 Dnscache - ok
09:45:26.0406 2432 Dot3svc (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
09:45:26.0703 2432 Dot3svc - ok
09:45:26.0718 2432 dpti2o - ok
09:45:26.0796 2432 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
09:45:27.0015 2432 drmkaud - ok
09:45:27.0062 2432 EapHost (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
09:45:27.0312 2432 EapHost - ok
09:45:27.0359 2432 ERSvc (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
09:45:27.0578 2432 ERSvc - ok
09:45:27.0671 2432 Eventlog (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
09:45:27.0718 2432 Eventlog - ok
09:45:27.0812 2432 EventSystem (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\system32\es.dll
09:45:27.0890 2432 EventSystem - ok
09:45:27.0984 2432 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
09:45:28.0250 2432 Fastfat - ok
09:45:28.0375 2432 FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
09:45:28.0437 2432 FastUserSwitchingCompatibility - ok
09:45:28.0468 2432 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
09:45:28.0671 2432 Fdc - ok
09:45:28.0703 2432 Fips (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
09:45:28.0906 2432 Fips - ok
09:45:28.0906 2432 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
09:45:29.0125 2432 Flpydisk - ok
09:45:29.0203 2432 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
09:45:29.0421 2432 FltMgr - ok
09:45:29.0578 2432 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
09:45:29.0593 2432 FontCache3.0.0.0 - ok
09:45:29.0625 2432 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
09:45:29.0953 2432 Fs_Rec - ok
09:45:29.0968 2432 Ftdisk (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
09:45:30.0171 2432 Ftdisk - ok
09:45:30.0437 2432 GoogleDesktopManager (21ac4f7da127baeb08d67e3c08dd3bb8) C:\Programme\Google\Google Desktop Search\GoogleDesktopManager.exe
09:45:30.0468 2432 GoogleDesktopManager ( UnsignedFile.Multi.Generic ) - warning
09:45:30.0468 2432 GoogleDesktopManager - detected UnsignedFile.Multi.Generic (1)
09:45:30.0562 2432 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
09:45:30.0843 2432 Gpc - ok
09:45:30.0890 2432 gusvc (751c1d2ca2abf4a9f5a6b8d7d45b907c) C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
09:45:30.0921 2432 gusvc - ok
09:45:31.0000 2432 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
09:45:31.0203 2432 HDAudBus - ok
09:45:31.0421 2432 helpsvc (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
09:45:31.0718 2432 helpsvc - ok
09:45:31.0750 2432 HidServ (b35da85e60c0103f2e4104532da2f12b) C:\WINDOWS\System32\hidserv.dll
09:45:32.0046 2432 HidServ - ok
09:45:32.0078 2432 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
09:45:32.0265 2432 HidUsb - ok
09:45:32.0312 2432 hkmsvc (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
09:45:32.0500 2432 hkmsvc - ok
09:45:32.0515 2432 hpn - ok
09:45:32.0593 2432 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
09:45:32.0640 2432 HTTP - ok
09:45:32.0718 2432 HTTPFilter (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
09:45:32.0937 2432 HTTPFilter - ok
09:45:32.0937 2432 i2omgmt - ok
09:45:32.0953 2432 i2omp - ok
09:45:32.0968 2432 i8042prt (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
09:45:33.0187 2432 i8042prt - ok
09:45:33.0546 2432 ialm (0f68e2ec713f132ffb19e45415b09679) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
09:45:34.0156 2432 ialm - ok
09:45:34.0593 2432 iaStor (e5a0034847537eaee3c00349d5c34c5f) C:\WINDOWS\system32\DRIVERS\iaStor.sys
09:45:34.0625 2432 iaStor - ok
09:45:34.0718 2432 ICQ Service - ok
09:45:35.0046 2432 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:45:35.0187 2432 idsvc - ok
09:45:35.0250 2432 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
09:45:35.0609 2432 Imapi - ok
09:45:35.0687 2432 ImapiService (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\system32\imapi.exe
09:45:35.0906 2432 ImapiService - ok
09:45:35.0921 2432 ini910u - ok
09:45:36.0296 2432 IntcAzAudAddService (12cd9f66b64b25cbe18f1bb2c6f54832) C:\WINDOWS\system32\drivers\RtkHDAud.sys
09:45:36.0921 2432 IntcAzAudAddService - ok
09:45:37.0078 2432 IntelIde - ok
09:45:37.0171 2432 intelppm (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys
09:45:37.0468 2432 intelppm - ok
09:45:37.0484 2432 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
09:45:37.0734 2432 Ip6Fw - ok
09:45:37.0796 2432 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
09:45:38.0031 2432 IpFilterDriver - ok
09:45:38.0046 2432 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
09:45:38.0234 2432 IpInIp - ok
09:45:38.0296 2432 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
09:45:38.0578 2432 IpNat - ok
09:45:38.0656 2432 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
09:45:38.0859 2432 IPSec - ok
09:45:38.0921 2432 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
09:45:39.0062 2432 IRENUM - ok
09:45:39.0156 2432 isapnp (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
09:45:39.0390 2432 isapnp - ok
09:45:39.0593 2432 JavaQuickStarterService (5e06a9d23727daf96faa796f1135fdcd) C:\Programme\Java\jre6\bin\jqs.exe
09:45:39.0625 2432 JavaQuickStarterService - ok
09:45:39.0718 2432 Kbdclass (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
09:45:39.0906 2432 Kbdclass - ok
09:45:40.0000 2432 kbdhid (b6d6c117d771c98130497265f26d1882) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
09:45:40.0203 2432 kbdhid - ok
09:45:40.0359 2432 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
09:45:40.0546 2432 kmixer - ok
09:45:40.0640 2432 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
09:45:40.0718 2432 KSecDD - ok
09:45:40.0781 2432 LanmanServer (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll
09:45:40.0843 2432 LanmanServer - ok
09:45:40.0937 2432 lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll
09:45:41.0000 2432 lanmanworkstation - ok
09:45:41.0000 2432 lbrtfdc - ok
09:45:41.0109 2432 LmHosts (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
09:45:41.0359 2432 LmHosts - ok
09:45:41.0406 2432 Messenger (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
09:45:41.0593 2432 Messenger - ok
09:45:41.0671 2432 Micro Star SCM (fef6d2d708cceea9fe7a335a745f8f5c) C:\Programme\System Control Manager\MSIService.exe
09:45:41.0687 2432 Micro Star SCM ( UnsignedFile.Multi.Generic ) - warning
09:45:41.0687 2432 Micro Star SCM - detected UnsignedFile.Multi.Generic (1)
09:45:41.0781 2432 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
09:45:41.0984 2432 mnmdd - ok
09:45:42.0046 2432 mnmsrvc (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\system32\mnmsrvc.exe
09:45:42.0281 2432 mnmsrvc - ok
09:45:42.0343 2432 Modem (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
09:45:42.0578 2432 Modem - ok
09:45:42.0625 2432 Mouclass (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
09:45:42.0828 2432 Mouclass - ok
09:45:42.0859 2432 mouhid (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
09:45:43.0046 2432 mouhid - ok
09:45:43.0093 2432 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
09:45:43.0406 2432 MountMgr - ok
09:45:43.0453 2432 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
09:45:43.0515 2432 MozillaMaintenance - ok
09:45:43.0531 2432 mraid35x - ok
09:45:43.0546 2432 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
09:45:43.0796 2432 MRxDAV - ok
09:45:43.0906 2432 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
09:45:44.0093 2432 MRxSmb - ok
09:45:44.0171 2432 MSDTC (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\system32\msdtc.exe
09:45:44.0375 2432 MSDTC - ok
09:45:44.0453 2432 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
09:45:44.0765 2432 Msfs - ok
09:45:44.0765 2432 MSIServer - ok
09:45:44.0828 2432 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
09:45:45.0046 2432 MSKSSRV - ok
09:45:45.0093 2432 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
09:45:45.0281 2432 MSPCLOCK - ok
09:45:45.0312 2432 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
09:45:45.0546 2432 MSPQM - ok
09:45:45.0562 2432 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
09:45:45.0750 2432 mssmbios - ok
09:45:45.0796 2432 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
09:45:46.0000 2432 MSTEE - ok
09:45:46.0062 2432 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
09:45:46.0093 2432 Mup - ok
09:45:46.0140 2432 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
09:45:46.0343 2432 NABTSFEC - ok
09:45:46.0421 2432 napagent (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
09:45:46.0656 2432 napagent - ok
09:45:46.0687 2432 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
09:45:46.0875 2432 NDIS - ok
09:45:46.0921 2432 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
09:45:47.0125 2432 NdisIP - ok
09:45:47.0171 2432 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
09:45:47.0203 2432 NdisTapi - ok
09:45:47.0468 2432 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
09:45:47.0687 2432 Ndisuio - ok
09:45:47.0781 2432 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
09:45:48.0078 2432 NdisWan - ok
09:45:48.0156 2432 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
09:45:48.0250 2432 NDProxy - ok
09:45:48.0421 2432 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
09:45:48.0609 2432 NetBIOS - ok
09:45:48.0640 2432 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
09:45:48.0937 2432 NetBT - ok
09:45:49.0031 2432 NetDDE (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
09:45:49.0328 2432 NetDDE - ok
09:45:49.0328 2432 NetDDEdsdm (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
09:45:49.0546 2432 NetDDEdsdm - ok
09:45:49.0609 2432 Netlogon (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
09:45:49.0796 2432 Netlogon - ok
09:45:49.0828 2432 Netman (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
09:45:50.0031 2432 Netman - ok
09:45:50.0296 2432 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:45:50.0328 2432 NetTcpPortSharing - ok
09:45:50.0453 2432 Nla (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll
09:45:50.0500 2432 Nla - ok
09:45:50.0515 2432 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
09:45:50.0718 2432 Npfs - ok
09:45:50.0828 2432 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
09:45:51.0062 2432 Ntfs - ok
09:45:51.0078 2432 NtLmSsp (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
09:45:51.0265 2432 NtLmSsp - ok
09:45:51.0593 2432 NtmsSvc (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
09:45:51.0984 2432 NtmsSvc - ok
09:45:52.0046 2432 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
09:45:52.0234 2432 Null - ok
09:45:52.0359 2432 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
09:45:52.0593 2432 NwlnkFlt - ok
09:45:52.0640 2432 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
09:45:52.0828 2432 NwlnkFwd - ok
09:45:52.0875 2432 Parport (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\drivers\Parport.sys
09:45:53.0140 2432 Parport - ok
09:45:53.0203 2432 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
09:45:53.0421 2432 PartMgr - ok
09:45:53.0453 2432 ParVdm (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
09:45:53.0671 2432 ParVdm - ok
09:45:53.0703 2432 PCI (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
09:45:53.0921 2432 PCI - ok
09:45:53.0937 2432 PCIDump - ok
09:45:53.0937 2432 PCIIde - ok
09:45:53.0968 2432 Pcmcia (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
09:45:54.0156 2432 Pcmcia - ok
09:45:54.0171 2432 PDCOMP - ok
09:45:54.0187 2432 PDFRAME - ok
09:45:54.0187 2432 PDRELI - ok
09:45:54.0203 2432 PDRFRAME - ok
09:45:54.0203 2432 perc2 - ok
09:45:54.0218 2432 perc2hib - ok
09:45:54.0359 2432 PlugPlay (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
09:45:54.0390 2432 PlugPlay - ok
09:45:54.0390 2432 PolicyAgent (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
09:45:54.0593 2432 PolicyAgent - ok
09:45:54.0609 2432 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
09:45:54.0828 2432 PptpMiniport - ok
09:45:54.0828 2432 ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
09:45:55.0015 2432 ProtectedStorage - ok
09:45:55.0390 2432 ProtexisLicensing (64e413ba0c529aa40c3924bbcc4153db) C:\WINDOWS\system32\PSIService.exe
09:45:55.0453 2432 ProtexisLicensing ( UnsignedFile.Multi.Generic ) - warning
09:45:55.0453 2432 ProtexisLicensing - detected UnsignedFile.Multi.Generic (1)
09:45:55.0453 2432 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
09:45:55.0734 2432 PSched - ok
09:45:55.0765 2432 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
09:45:55.0953 2432 Ptilink - ok
09:45:56.0015 2432 PxHelp20 (1962166e0ceb740704f30fa55ad3d509) C:\WINDOWS\system32\Drivers\PxHelp20.sys
09:45:56.0031 2432 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning
09:45:56.0031 2432 PxHelp20 - detected UnsignedFile.Multi.Generic (1)
09:45:56.0031 2432 ql1080 - ok
09:45:56.0046 2432 Ql10wnt - ok
09:45:56.0046 2432 ql12160 - ok
09:45:56.0062 2432 ql1240 - ok
09:45:56.0078 2432 ql1280 - ok
09:45:56.0093 2432 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
09:45:56.0281 2432 RasAcd - ok
09:45:56.0359 2432 RasAuto (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
09:45:56.0562 2432 RasAuto - ok
09:45:56.0609 2432 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
09:45:56.0875 2432 Rasl2tp - ok
09:45:56.0890 2432 RasMan (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
09:45:57.0125 2432 RasMan - ok
09:45:57.0140 2432 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
09:45:57.0343 2432 RasPppoe - ok
09:45:57.0375 2432 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
09:45:57.0609 2432 Raspti - ok
09:45:57.0718 2432 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
09:45:57.0906 2432 Rdbss - ok
09:45:57.0921 2432 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
09:45:58.0125 2432 RDPCDD - ok
09:45:58.0234 2432 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
09:45:58.0343 2432 RDPWD - ok
09:45:58.0437 2432 RDSessMgr (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe
09:45:58.0625 2432 RDSessMgr - ok
09:45:58.0656 2432 redbook (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
09:45:58.0843 2432 redbook - ok
09:45:58.0890 2432 RemoteAccess (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll
09:45:59.0093 2432 RemoteAccess - ok
09:45:59.0265 2432 RichVideo (2af094b1ce4725e4551f38fda2348637) C:\Programme\Cyberlink\Shared files\RichVideo.exe
09:45:59.0281 2432 RichVideo ( UnsignedFile.Multi.Generic ) - warning
09:45:59.0281 2432 RichVideo - detected UnsignedFile.Multi.Generic (1)
09:45:59.0375 2432 RpcLocator (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe
09:45:59.0593 2432 RpcLocator - ok
09:45:59.0687 2432 RpcSs (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\System32\rpcss.dll
09:45:59.0750 2432 RpcSs - ok
09:45:59.0843 2432 RSUSBSTOR (680a7aba84a7863c89b5440c9c1e0895) C:\WINDOWS\system32\Drivers\RTS5121.sys
09:45:59.0937 2432 RSUSBSTOR - ok
09:46:00.0000 2432 RSVP (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe
09:46:00.0328 2432 RSVP - ok
09:46:00.0406 2432 RT80x86 (aebf31765a926746dd7946fa14c52297) C:\WINDOWS\system32\DRIVERS\RT2860.sys
09:46:00.0500 2432 RT80x86 - ok
09:46:00.0531 2432 RTLE8023xp (7174f20ad9b7b7878a51ecca03c499c2) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
09:46:00.0656 2432 RTLE8023xp - ok
09:46:00.0750 2432 SamSs (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
09:46:01.0015 2432 SamSs - ok
09:46:01.0109 2432 SCardSvr (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
09:46:01.0312 2432 SCardSvr - ok
09:46:01.0390 2432 Schedule (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
09:46:01.0593 2432 Schedule - ok
09:46:01.0640 2432 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
09:46:01.0750 2432 Secdrv - ok
09:46:01.0796 2432 seclogon (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
09:46:02.0031 2432 seclogon - ok
09:46:02.0031 2432 SENS (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
09:46:02.0250 2432 SENS - ok
09:46:02.0390 2432 Serial (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\drivers\Serial.sys
09:46:02.0578 2432 Serial - ok
09:46:02.0593 2432 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
09:46:02.0796 2432 Sfloppy - ok
09:46:02.0843 2432 SharedAccess (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll
09:46:03.0078 2432 SharedAccess - ok
09:46:03.0140 2432 ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
09:46:03.0171 2432 ShellHWDetection - ok
09:46:03.0187 2432 Simbad - ok
09:46:03.0265 2432 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
09:46:03.0468 2432 SLIP - ok
09:46:03.0484 2432 Sparrow - ok
09:46:03.0531 2432 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
09:46:03.0765 2432 splitter - ok
09:46:03.0859 2432 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
09:46:03.0968 2432 Spooler - ok
09:46:04.0062 2432 sr (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
09:46:04.0156 2432 sr - ok
09:46:04.0171 2432 srservice (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll
09:46:04.0265 2432 srservice - ok
09:46:04.0390 2432 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
09:46:04.0453 2432 Srv - ok
09:46:04.0546 2432 SSDPSRV (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
09:46:04.0687 2432 SSDPSRV - ok
09:46:04.0781 2432 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
09:46:04.0812 2432 ssmdrv - ok
09:46:04.0859 2432 stisvc (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
09:46:05.0140 2432 stisvc - ok
09:46:05.0171 2432 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
09:46:05.0390 2432 streamip - ok
09:46:05.0468 2432 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
09:46:05.0656 2432 swenum - ok
09:46:05.0750 2432 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
09:46:05.0937 2432 swmidi - ok
09:46:05.0937 2432 SwPrv - ok
09:46:05.0953 2432 symc810 - ok
09:46:05.0953 2432 symc8xx - ok
09:46:05.0968 2432 sym_hi - ok
09:46:05.0968 2432 sym_u3 - ok
09:46:06.0078 2432 SynTP (a9ad7fad373975d4dbeabb0ead240bb1) C:\WINDOWS\system32\DRIVERS\SynTP.sys
09:46:06.0156 2432 SynTP - ok
09:46:06.0218 2432 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
09:46:06.0406 2432 sysaudio - ok
09:46:06.0484 2432 SysmonLog (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
09:46:06.0765 2432 SysmonLog - ok
09:46:06.0796 2432 TapiSrv (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
09:46:07.0015 2432 TapiSrv - ok
09:46:07.0046 2432 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
09:46:07.0093 2432 Tcpip - ok
09:46:07.0125 2432 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
09:46:07.0359 2432 TDPIPE - ok
09:46:07.0375 2432 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
09:46:07.0562 2432 TDTCP - ok
09:46:07.0625 2432 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
09:46:07.0812 2432 TermDD - ok
09:46:07.0843 2432 TermService (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
09:46:08.0046 2432 TermService - ok
09:46:08.0140 2432 Themes (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
09:46:08.0171 2432 Themes - ok
09:46:08.0187 2432 TosIde - ok
09:46:08.0296 2432 TrkWks (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
09:46:08.0500 2432 TrkWks - ok
09:46:08.0546 2432 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
09:46:08.0796 2432 Udfs - ok
09:46:08.0812 2432 ultra - ok
09:46:08.0875 2432 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
09:46:09.0078 2432 Update - ok
09:46:09.0125 2432 upnphost (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
09:46:09.0234 2432 upnphost - ok
09:46:09.0265 2432 UPS (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
09:46:09.0468 2432 UPS - ok
09:46:09.0500 2432 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
09:46:09.0687 2432 usbccgp - ok
09:46:09.0781 2432 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
09:46:10.0046 2432 usbehci - ok
09:46:10.0125 2432 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
09:46:10.0328 2432 usbhub - ok
09:46:10.0437 2432 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
09:46:10.0671 2432 usbscan - ok
09:46:10.0718 2432 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
09:46:10.0968 2432 usbstor - ok
09:46:11.0046 2432 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
09:46:11.0234 2432 usbuhci - ok
09:46:11.0328 2432 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
09:46:11.0546 2432 usbvideo - ok
09:46:11.0625 2432 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
09:46:11.0828 2432 VgaSave - ok
09:46:11.0843 2432 ViaIde - ok
09:46:11.0875 2432 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
09:46:12.0140 2432 VolSnap - ok
09:46:12.0234 2432 VSS (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
09:46:12.0421 2432 VSS - ok
09:46:12.0453 2432 W32Time (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll
09:46:12.0640 2432 W32Time - ok
09:46:12.0671 2432 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
09:46:12.0906 2432 Wanarp - ok
09:46:12.0921 2432 WDICA - ok
09:46:13.0015 2432 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
09:46:13.0234 2432 wdmaud - ok
09:46:13.0281 2432 WebClient (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
09:46:13.0515 2432 WebClient - ok
09:46:13.0687 2432 winmgmt (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
09:46:13.0921 2432 winmgmt - ok
09:46:14.0171 2432 WLSetupSvc (94a85e956a065e23e0010a6a7826243b) C:\Programme\Windows Live\installer\WLSetupSvc.exe
09:46:14.0328 2432 WLSetupSvc - ok
09:46:14.0375 2432 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
09:46:14.0500 2432 WmdmPmSN - ok
09:46:14.0578 2432 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
09:46:14.0843 2432 WmiAcpi - ok
09:46:14.0875 2432 WmiApSrv (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\system32\wbem\wmiapsrv.exe
09:46:15.0078 2432 WmiApSrv - ok
09:46:15.0484 2432 WMPNetworkSvc (bf05650bb7df5e9ebdd25974e22403bb) C:\Programme\Windows Media Player\WMPNetwk.exe
09:46:15.0656 2432 WMPNetworkSvc - ok
09:46:15.0718 2432 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
09:46:15.0765 2432 WpdUsb - ok
09:46:15.0828 2432 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
09:46:16.0093 2432 WS2IFSL - ok
09:46:16.0187 2432 wscsvc (300b3e84faf1a5c1f791c159ba28035d) C:\WINDOWS\system32\wscsvc.dll
09:46:16.0390 2432 wscsvc - ok
09:46:16.0437 2432 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
09:46:16.0625 2432 WSTCODEC - ok
09:46:16.0703 2432 wuauserv (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll
09:46:16.0921 2432 wuauserv - ok
09:46:17.0015 2432 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
09:46:17.0093 2432 WudfPf - ok
09:46:17.0109 2432 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
09:46:17.0171 2432 WudfRd - ok
09:46:17.0187 2432 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
09:46:17.0218 2432 WudfSvc - ok
09:46:17.0437 2432 WZCSVC (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
09:46:17.0781 2432 WZCSVC - ok
09:46:17.0828 2432 xmlprov (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
09:46:18.0031 2432 xmlprov - ok
09:46:18.0078 2432 MBR (0x1B8) (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
09:46:18.0234 2432 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - infected
09:46:18.0234 2432 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.b (0)
09:46:18.0343 2432 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
09:46:18.0343 2432 \Device\Harddisk0\DR0 - detected TDSS File System (1)
09:46:18.0359 2432 Boot (0x1200) (4ec9215e64a7b2cd9a4a2a89ec9c66bf) \Device\Harddisk0\DR0\Partition0
09:46:18.0359 2432 \Device\Harddisk0\DR0\Partition0 - ok
09:46:18.0390 2432 Boot (0x1200) (39171ec58682d3707cc23e2fbb18d511) \Device\Harddisk0\DR0\Partition1
09:46:18.0390 2432 \Device\Harddisk0\DR0\Partition1 - ok
09:46:18.0390 2432 ============================================================
09:46:18.0390 2432 Scan finished
09:46:18.0390 2432 ============================================================
09:46:18.0515 2756 Detected object count: 7
09:46:18.0515 2756 Actual detected object count: 7
09:46:34.0375 2756 GoogleDesktopManager ( UnsignedFile.Multi.Generic ) - skipped by user
09:46:34.0375 2756 GoogleDesktopManager ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:46:34.0375 2756 Micro Star SCM ( UnsignedFile.Multi.Generic ) - skipped by user
09:46:34.0375 2756 Micro Star SCM ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:46:34.0375 2756 ProtexisLicensing ( UnsignedFile.Multi.Generic ) - skipped by user
09:46:34.0375 2756 ProtexisLicensing ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:46:34.0390 2756 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
09:46:34.0390 2756 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:46:34.0390 2756 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
09:46:34.0390 2756 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:46:34.0390 2756 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - skipped by user
09:46:34.0390 2756 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - User select action: Skip
09:46:34.0390 2756 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
09:46:34.0390 2756 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
|
| | #5 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | System message - write fault error
Code:
09:46:34.0390 2756 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - User select action: Skip
09:46:34.0390 2756 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
Afterwards, restart Windows and create a completely new log with TDSS-Killer. As always, post it in CODE tags again.
__________________ Please always post log files in CODE tags |
| | #6 |
| System message - write fault error
Hello Arne, I was ill for a long time... But here, at last, are the TDSS-Killer logs again. However, I could only select "cure" for the rootkit and only "delete" for the TDSS file system?
Code:
18:06:56.0515 1644 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
18:06:56.0781 1644 ============================================================
18:06:56.0781 1644 Current date / time: 2012/08/02 18:06:56.0781
18:06:56.0781 1644 SystemInfo:
18:06:56.0781 1644
18:06:56.0781 1644 OS Version: 5.1.2600 ServicePack: 3.0
18:06:56.0781 1644 Product type: Workstation
18:06:56.0781 1644 ComputerName: AKOYA
18:06:56.0781 1644 UserName: Jus
18:06:56.0781 1644 Windows directory: C:\WINDOWS
18:06:56.0781 1644 System windows directory: C:\WINDOWS
18:06:56.0781 1644 Processor architecture: Intel x86
18:06:56.0781 1644 Number of processors: 2
18:06:56.0781 1644 Page size: 0x1000
18:06:56.0781 1644 Boot type: Normal boot
18:06:56.0781 1644 ============================================================
18:06:58.0843 1644 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:06:58.0843 1644 ============================================================
18:06:58.0843 1644 \Device\Harddisk0\DR0:
18:06:58.0843 1644 MBR partitions:
18:06:58.0843 1644 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x10BD28CA
18:06:58.0843 1644 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xC, StartLBA 0x10BD2909, BlocksNum 0x1E461B8
18:06:58.0843 1644 ============================================================
18:06:58.0937 1644 C: <-> \Device\Harddisk0\DR0\Partition0
18:06:58.0984 1644 D: <-> \Device\Harddisk0\DR0\Partition1
18:06:59.0000 1644 ============================================================
18:06:59.0000 1644 Initialize success
18:06:59.0000 1644 ============================================================
18:07:09.0859 2548 ============================================================
18:07:09.0859 2548 Scan started
18:07:09.0859 2548 Mode: Manual; SigCheck; TDLFS;
18:07:09.0859 2548 ============================================================
18:07:10.0765 2548 Abiosdsk - ok
18:07:10.0781 2548 abp480n5 - ok
18:07:10.0859 2548 ACPI (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
18:07:14.0203 2548 ACPI - ok
18:07:14.0265 2548 ACPIEC (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
18:07:14.0515 2548 ACPIEC - ok
18:07:14.0531 2548 adpu160m - ok
18:07:14.0609 2548 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
18:07:14.0906 2548 aec - ok
18:07:15.0000 2548 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
18:07:15.0203 2548 AFD - ok
18:07:15.0203 2548 Aha154x - ok
18:07:15.0218 2548 aic78u2 - ok
18:07:15.0234 2548 aic78xx - ok
18:07:15.0281 2548 Alerter (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
18:07:15.0531 2548 Alerter - ok
18:07:15.0578 2548 ALG (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe
18:07:15.0687 2548 ALG - ok
18:07:15.0687 2548 AliIde - ok
18:07:15.0703 2548 amsint - ok
18:07:16.0171 2548 AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Programme\Avira\AntiVir Desktop\sched.exe
18:07:16.0234 2548 AntiVirSchedulerService - ok
18:07:16.0328 2548 AntiVirService (a489be6bb0aa1ff406b488b60542314b) C:\Programme\Avira\AntiVir Desktop\avguard.exe
18:07:16.0375 2548 AntiVirService - ok
18:07:16.0390 2548 AppMgmt - ok
18:07:16.0406 2548 asc - ok
18:07:16.0421 2548 asc3350p - ok
18:07:16.0437 2548 asc3550 - ok
18:07:16.0703 2548 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
18:07:16.0812 2548 aspnet_state - ok
18:07:16.0906 2548 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
18:07:17.0250 2548 AsyncMac - ok
18:07:17.0312 2548 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\drivers\atapi.sys
18:07:17.0562 2548 atapi - ok
18:07:17.0562 2548 Atdisk - ok
18:07:17.0593 2548 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
18:07:17.0812 2548 Atmarpc - ok
18:07:17.0843 2548 AudioSrv (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
18:07:18.0062 2548 AudioSrv - ok
18:07:18.0109 2548 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
18:07:18.0312 2548 audstub - ok
18:07:18.0406 2548 avgntflt (d5541f0afb767e85fc412fc609d96a74) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
18:07:18.0984 2548 avgntflt - ok
18:07:19.0093 2548 avipbb (7d967a682d4694df7fa57d63a2db01fe) C:\WINDOWS\system32\DRIVERS\avipbb.sys
18:07:19.0187 2548 avipbb - ok
18:07:19.0218 2548 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\WINDOWS\system32\DRIVERS\avkmgr.sys
18:07:19.0281 2548 avkmgr - ok
18:07:19.0375 2548 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
18:07:19.0671 2548 Beep - ok
18:07:19.0781 2548 BITS (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll
18:07:20.0015 2548 BITS - ok
18:07:20.0093 2548 Browser (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
18:07:20.0312 2548 Browser - ok
18:07:20.0421 2548 btaudio (faba1418646a2b433c0bded6ff92d2fa) C:\WINDOWS\system32\drivers\btaudio.sys
18:07:20.0515 2548 btaudio - ok
18:07:20.0593 2548 BTDriver (2f9f111d31aa3fbbe5781d829a4524e6) C:\WINDOWS\system32\DRIVERS\btport.sys
18:07:20.0625 2548 BTDriver - ok
18:07:20.0765 2548 BTKRNL (aef038061bc1cafb4865d43a85beb1a1) C:\WINDOWS\system32\DRIVERS\btkrnl.sys
18:07:21.0093 2548 BTKRNL - ok
18:07:21.0296 2548 btwdins (f20629ff9ed48efa98fdc5d99919e8c0) C:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe
18:07:21.0390 2548 btwdins - ok
18:07:21.0437 2548 BTWDNDIS (80f61de965c116051614ac2f04222ff7) C:\WINDOWS\system32\DRIVERS\btwdndis.sys
18:07:21.0531 2548 BTWDNDIS - ok
18:07:21.0546 2548 btwhid (949eca9c56f657c06d3166d51f3226c7) C:\WINDOWS\system32\DRIVERS\btwhid.sys
18:07:21.0593 2548 btwhid - ok
18:07:21.0609 2548 BTWUSB (179a37c86fd2b9cc28eb93d093d394c7) C:\WINDOWS\system32\Drivers\btwusb.sys
18:07:21.0640 2548 BTWUSB - ok
18:07:21.0921 2548 catchme - ok
18:07:21.0968 2548 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
18:07:22.0281 2548 cbidf2k - ok
18:07:22.0343 2548 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
18:07:22.0687 2548 CCDECODE - ok
18:07:22.0703 2548 cd20xrnt - ok
18:07:22.0781 2548 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
18:07:23.0015 2548 Cdaudio - ok
18:07:23.0062 2548 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
18:07:23.0296 2548 Cdfs - ok
18:07:23.0390 2548 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
18:07:23.0640 2548 Cdrom - ok
18:07:23.0640 2548 Changer - ok
18:07:23.0687 2548 CiSvc (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe
18:07:23.0937 2548 CiSvc - ok
18:07:23.0968 2548 ClipSrv (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
18:07:24.0265 2548 ClipSrv - ok
18:07:24.0437 2548 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:07:24.0546 2548 clr_optimization_v2.0.50727_32 - ok
18:07:24.0593 2548 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
18:07:24.0843 2548 CmBatt - ok
18:07:24.0859 2548 CmdIde - ok
18:07:24.0937 2548 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
18:07:25.0250 2548 Compbatt - ok
18:07:25.0250 2548 COMSysApp - ok
18:07:25.0281 2548 Cpqarray - ok
18:07:25.0375 2548 CryptSvc (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
18:07:25.0609 2548 CryptSvc - ok
18:07:25.0609 2548 dac2w2k - ok
18:07:25.0625 2548 dac960nt - ok
18:07:25.0734 2548 DcomLaunch (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
18:07:25.0953 2548 DcomLaunch - ok
18:07:26.0062 2548 Dhcp (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
18:07:26.0296 2548 Dhcp - ok
18:07:26.0375 2548 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
18:07:26.0609 2548 Disk - ok
18:07:26.0625 2548 dmadmin - ok
18:07:26.0703 2548 dmboot (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
18:07:27.0000 2548 dmboot - ok
18:07:27.0031 2548 dmio (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
18:07:27.0281 2548 dmio - ok
18:07:27.0328 2548 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
18:07:27.0546 2548 dmload - ok
18:07:27.0562 2548 dmserver (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
18:07:27.0796 2548 dmserver - ok
18:07:27.0921 2548 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
18:07:28.0156 2548 DMusic - ok
18:07:28.0234 2548 Dnscache (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
18:07:28.0406 2548 Dnscache - ok
18:07:28.0468 2548 Dot3svc (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
18:07:28.0812 2548 Dot3svc - ok
18:07:28.0812 2548 dpti2o - ok
18:07:28.0937 2548 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
18:07:29.0156 2548 drmkaud - ok
18:07:29.0203 2548 EapHost (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
18:07:29.0484 2548 EapHost - ok
18:07:29.0500 2548 ERSvc (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
18:07:29.0718 2548 ERSvc - ok
18:07:29.0812 2548 Eventlog (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
18:07:29.0843 2548 Eventlog - ok
18:07:29.0968 2548 EventSystem (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\system32\es.dll
18:07:30.0062 2548 EventSystem - ok
18:07:30.0156 2548 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
18:07:30.0390 2548 Fastfat - ok
18:07:30.0484 2548 FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
18:07:30.0562 2548 FastUserSwitchingCompatibility - ok
18:07:30.0640 2548 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
18:07:30.0859 2548 Fdc - ok
18:07:30.0921 2548 Fips (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
18:07:31.0218 2548 Fips - ok
18:07:31.0234 2548 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
18:07:31.0453 2548 Flpydisk - ok
18:07:31.0546 2548 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
18:07:31.0828 2548 FltMgr - ok
18:07:32.0046 2548 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
18:07:32.0109 2548 FontCache3.0.0.0 - ok
18:07:32.0125 2548 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:07:32.0468 2548 Fs_Rec - ok
18:07:32.0500 2548 Ftdisk (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
18:07:32.0734 2548 Ftdisk - ok
18:07:33.0031 2548 GoogleDesktopManager (21ac4f7da127baeb08d67e3c08dd3bb8) C:\Programme\Google\Google Desktop Search\GoogleDesktopManager.exe
18:07:33.0093 2548 GoogleDesktopManager ( UnsignedFile.Multi.Generic ) - warning
18:07:33.0093 2548 GoogleDesktopManager - detected UnsignedFile.Multi.Generic (1)
18:07:33.0187 2548 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
18:07:33.0437 2548 Gpc - ok
18:07:33.0468 2548 gusvc (751c1d2ca2abf4a9f5a6b8d7d45b907c) C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
18:07:33.0531 2548 gusvc - ok
18:07:33.0625 2548 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
18:07:33.0828 2548 HDAudBus - ok
18:07:34.0062 2548 helpsvc (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
18:07:34.0281 2548 helpsvc - ok
18:07:34.0328 2548 HidServ (b35da85e60c0103f2e4104532da2f12b) C:\WINDOWS\System32\hidserv.dll
18:07:34.0578 2548 HidServ - ok
18:07:34.0671 2548 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
18:07:34.0906 2548 HidUsb - ok
18:07:34.0937 2548 hkmsvc (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
18:07:35.0156 2548 hkmsvc - ok
18:07:35.0156 2548 hpn - ok
18:07:35.0234 2548 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
18:07:35.0343 2548 HTTP - ok
18:07:35.0421 2548 HTTPFilter (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
18:07:35.0640 2548 HTTPFilter - ok
18:07:35.0640 2548 i2omgmt - ok
18:07:35.0656 2548 i2omp - ok
18:07:35.0671 2548 i8042prt (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
18:07:35.0968 2548 i8042prt - ok
18:07:36.0421 2548 ialm (0f68e2ec713f132ffb19e45415b09679) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
18:07:37.0250 2548 ialm - ok
18:07:37.0531 2548 iaStor (e5a0034847537eaee3c00349d5c34c5f) C:\WINDOWS\system32\DRIVERS\iaStor.sys
18:07:37.0562 2548 iaStor - ok
18:07:37.0656 2548 ICQ Service - ok
18:07:37.0968 2548 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:07:38.0312 2548 idsvc - ok
18:07:38.0375 2548 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
18:07:38.0718 2548 Imapi - ok
18:07:38.0796 2548 ImapiService (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\system32\imapi.exe
18:07:39.0062 2548 ImapiService - ok
18:07:39.0062 2548 ini910u - ok
18:07:39.0406 2548 IntcAzAudAddService (12cd9f66b64b25cbe18f1bb2c6f54832) C:\WINDOWS\system32\drivers\RtkHDAud.sys
18:07:39.0890 2548 IntcAzAudAddService - ok
18:07:40.0156 2548 IntelIde - ok
18:07:40.0218 2548 intelppm (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys
18:07:40.0515 2548 intelppm - ok
18:07:40.0562 2548 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
18:07:40.0781 2548 Ip6Fw - ok
18:07:40.0828 2548 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:07:41.0046 2548 IpFilterDriver - ok
18:07:41.0046 2548 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
18:07:41.0281 2548 IpInIp - ok
18:07:41.0359 2548 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
18:07:41.0593 2548 IpNat - ok
18:07:41.0656 2548 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
18:07:41.0921 2548 IPSec - ok
18:07:41.0968 2548 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
18:07:42.0109 2548 IRENUM - ok
18:07:42.0203 2548 isapnp (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
18:07:42.0437 2548 isapnp - ok
18:07:42.0593 2548 JavaQuickStarterService (de5d05fd449798ef88cc34ad4b1e7f85) C:\Programme\Java\jre6\bin\jqs.exe
18:07:42.0625 2548 JavaQuickStarterService - ok
18:07:42.0687 2548 Kbdclass (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
18:07:42.0921 2548 Kbdclass - ok
18:07:43.0046 2548 kbdhid (b6d6c117d771c98130497265f26d1882) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
18:07:43.0328 2548 kbdhid - ok
18:07:43.0421 2548 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
18:07:43.0671 2548 kmixer - ok
18:07:43.0765 2548 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
18:07:43.0953 2548 KSecDD - ok
18:07:44.0031 2548 LanmanServer (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll
18:07:44.0156 2548 LanmanServer - ok
18:07:44.0250 2548 lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll
18:07:44.0343 2548 lanmanworkstation - ok
18:07:44.0343 2548 lbrtfdc - ok
18:07:44.0437 2548 LmHosts (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
18:07:44.0718 2548 LmHosts - ok
18:07:44.0734 2548 Messenger (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
18:07:45.0000 2548 Messenger - ok
18:07:45.0093 2548 Micro Star SCM (fef6d2d708cceea9fe7a335a745f8f5c) C:\Programme\System Control Manager\MSIService.exe
18:07:45.0125 2548 Micro Star SCM ( UnsignedFile.Multi.Generic ) - warning
18:07:45.0125 2548 Micro Star SCM - detected UnsignedFile.Multi.Generic (1)
18:07:45.0203 2548 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
18:07:45.0421 2548 mnmdd - ok
18:07:45.0484 2548 mnmsrvc (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\system32\mnmsrvc.exe
18:07:45.0734 2548 mnmsrvc - ok
18:07:45.0750 2548 Modem (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
18:07:46.0000 2548 Modem - ok
18:07:46.0046 2548 Mouclass (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
18:07:46.0265 2548 Mouclass - ok
18:07:46.0312 2548 mouhid (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
18:07:46.0531 2548 mouhid - ok
18:07:46.0593 2548 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
18:07:46.0828 2548 MountMgr - ok
18:07:46.0921 2548 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
18:07:46.0984 2548 MozillaMaintenance - ok
18:07:47.0000 2548 mraid35x - ok
18:07:47.0031 2548 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
18:07:47.0250 2548 MRxDAV - ok
18:07:47.0328 2548 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
18:07:47.0640 2548 MRxSmb - ok
18:07:47.0718 2548 MSDTC (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\system32\msdtc.exe
18:07:48.0031 2548 MSDTC - ok
18:07:48.0156 2548 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
18:07:48.0359 2548 Msfs - ok
18:07:48.0375 2548 MSIServer - ok
18:07:48.0406 2548 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
18:07:48.0656 2548 MSKSSRV - ok
18:07:48.0703 2548 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
18:07:48.0906 2548 MSPCLOCK - ok
18:07:48.0953 2548 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
18:07:49.0203 2548 MSPQM - ok
18:07:49.0265 2548 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
18:07:49.0468 2548 mssmbios - ok
18:07:49.0531 2548 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
18:07:49.0750 2548 MSTEE - ok
18:07:49.0781 2548 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
18:07:49.0875 2548 Mup - ok
18:07:49.0921 2548 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
18:07:50.0156 2548 NABTSFEC - ok
18:07:50.0265 2548 napagent (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
18:07:50.0593 2548 napagent - ok
18:07:50.0625 2548 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
18:07:50.0890 2548 NDIS - ok
18:07:50.0906 2548 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
18:07:51.0125 2548 NdisIP - ok
18:07:51.0171 2548 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:07:51.0296 2548 NdisTapi - ok
18:07:51.0390 2548 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
18:07:51.0609 2548 Ndisuio - ok
18:07:51.0640 2548 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:07:51.0906 2548 NdisWan - ok
18:07:51.0968 2548 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
18:07:52.0187 2548 NDProxy - ok
18:07:52.0265 2548 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
18:07:52.0515 2548 NetBIOS - ok
18:07:52.0531 2548 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
18:07:52.0765 2548 NetBT - ok
18:07:52.0859 2548 NetDDE (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
18:07:53.0078 2548 NetDDE - ok
18:07:53.0093 2548 NetDDEdsdm (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
18:07:53.0296 2548 NetDDEdsdm - ok
18:07:53.0531 2548 Netlogon (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
18:07:53.0750 2548 Netlogon - ok
18:07:53.0843 2548 Netman (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
18:07:54.0203 2548 Netman - ok
18:07:54.0453 2548 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:07:54.0515 2548 NetTcpPortSharing - ok
18:07:54.0609 2548 Nla (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll
18:07:54.0656 2548 Nla - ok
18:07:54.0656 2548 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
18:07:54.0953 2548 Npfs - ok
18:07:55.0062 2548 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
18:07:55.0640 2548 Ntfs - ok
18:07:55.0656 2548 NtLmSsp (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
18:07:55.0968 2548 NtLmSsp - ok
18:07:56.0015 2548 NtmsSvc (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
18:07:56.0359 2548 NtmsSvc - ok
18:07:56.0453 2548 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
18:07:56.0703 2548 Null - ok
18:07:56.0734 2548 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
18:07:56.0953 2548 NwlnkFlt - ok
18:07:56.0968 2548 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
18:07:57.0203 2548 NwlnkFwd - ok
18:07:57.0234 2548 Parport (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\drivers\Parport.sys
18:07:57.0484 2548 Parport - ok
18:07:57.0500 2548 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
18:07:57.0718 2548 PartMgr - ok
18:07:57.0750 2548 ParVdm (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
18:07:57.0968 2548 ParVdm - ok
18:07:58.0000 2548 PCI (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
18:07:58.0234 2548 PCI - ok
18:07:58.0265 2548 PCIDump - ok
18:07:58.0281 2548 PCIIde - ok
18:07:58.0296 2548 Pcmcia (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
18:07:58.0546 2548 Pcmcia - ok
18:07:58.0546 2548 PDCOMP - ok
18:07:58.0562 2548 PDFRAME - ok
18:07:58.0562 2548 PDRELI - ok
18:07:58.0578 2548 PDRFRAME - ok
18:07:58.0593 2548 perc2 - ok
18:07:58.0593 2548 perc2hib - ok
18:07:58.0703 2548 PlugPlay (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
18:07:58.0750 2548 PlugPlay - ok
18:07:58.0750 2548 PolicyAgent (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
18:07:58.0984 2548 PolicyAgent - ok
18:07:59.0046 2548 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
18:07:59.0281 2548 PptpMiniport - ok
18:07:59.0281 2548 ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
18:07:59.0500 2548 ProtectedStorage - ok
18:07:59.0906 2548 ProtexisLicensing (64e413ba0c529aa40c3924bbcc4153db) C:\WINDOWS\system32\PSIService.exe
18:07:59.0921 2548 ProtexisLicensing ( UnsignedFile.Multi.Generic ) - warning
18:07:59.0921 2548 ProtexisLicensing - detected UnsignedFile.Multi.Generic (1)
18:07:59.0937 2548 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
18:08:00.0218 2548 PSched - ok
18:08:00.0281 2548 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
18:08:00.0484 2548 Ptilink - ok
18:08:00.0546 2548 PxHelp20 (1962166e0ceb740704f30fa55ad3d509) C:\WINDOWS\system32\Drivers\PxHelp20.sys
18:08:00.0578 2548 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning
18:08:00.0578 2548 PxHelp20 - detected UnsignedFile.Multi.Generic (1)
18:08:00.0578 2548 ql1080 - ok
18:08:00.0593 2548 Ql10wnt - ok
18:08:00.0593 2548 ql12160 - ok
18:08:00.0609 2548 ql1240 - ok
18:08:00.0625 2548 ql1280 - ok
18:08:00.0640 2548 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:08:00.0859 2548 RasAcd - ok
18:08:00.0968 2548 RasAuto (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
18:08:01.0203 2548 RasAuto - ok
18:08:01.0281 2548 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
18:08:01.0500 2548 Rasl2tp - ok
18:08:01.0609 2548 RasMan (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
18:08:01.0828 2548 RasMan - ok
18:08:01.0843 2548 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:08:02.0062 2548 RasPppoe - ok
18:08:02.0093 2548 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
18:08:02.0328 2548 Raspti - ok
18:08:02.0421 2548 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:08:02.0671 2548 Rdbss - ok
18:08:02.0687 2548 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
18:08:02.0890 2548 RDPCDD - ok
18:08:02.0968 2548 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
18:08:03.0062 2548 RDPWD - ok
18:08:03.0156 2548 RDSessMgr (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe
18:08:03.0390 2548 RDSessMgr - ok
18:08:03.0484 2548 redbook (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
18:08:03.0750 2548 redbook - ok
18:08:03.0828 2548 RemoteAccess (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll
18:08:04.0078 2548 RemoteAccess - ok
18:08:04.0281 2548 RichVideo (2af094b1ce4725e4551f38fda2348637) C:\Programme\Cyberlink\Shared files\RichVideo.exe
18:08:04.0296 2548 RichVideo ( UnsignedFile.Multi.Generic ) - warning
18:08:04.0296 2548 RichVideo - detected UnsignedFile.Multi.Generic (1)
18:08:04.0390 2548 RpcLocator (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe
18:08:04.0765 2548 RpcLocator - ok
18:08:04.0843 2548 RpcSs (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\System32\rpcss.dll
18:08:04.0968 2548 RpcSs - ok
18:08:05.0062 2548 RSUSBSTOR (680a7aba84a7863c89b5440c9c1e0895) C:\WINDOWS\system32\Drivers\RTS5121.sys
18:08:05.0140 2548 RSUSBSTOR - ok
18:08:05.0203 2548 RSVP (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe
18:08:05.0515 2548 RSVP - ok
18:08:05.0562 2548 RT80x86 (aebf31765a926746dd7946fa14c52297) C:\WINDOWS\system32\DRIVERS\RT2860.sys
18:08:05.0687 2548 RT80x86 - ok
18:08:05.0703 2548 RTLE8023xp (7174f20ad9b7b7878a51ecca03c499c2) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
18:08:05.0890 2548 RTLE8023xp - ok
18:08:05.0953 2548 SamSs (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
18:08:06.0203 2548 SamSs - ok
18:08:06.0296 2548 SCardSvr (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
18:08:06.0625 2548 SCardSvr - ok
18:08:06.0703 2548 Schedule (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
18:08:07.0093 2548 Schedule - ok
18:08:07.0140 2548 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
18:08:07.0296 2548 Secdrv - ok
18:08:07.0343 2548 seclogon (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
18:08:07.0546 2548 seclogon - ok
18:08:07.0562 2548 SENS (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
18:08:07.0781 2548 SENS - ok
18:08:07.0843 2548 Serial (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\drivers\Serial.sys
18:08:08.0093 2548 Serial - ok
18:08:08.0156 2548 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
18:08:08.0375 2548 Sfloppy - ok
18:08:08.0484 2548 SharedAccess (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll
18:08:08.0703 2548 SharedAccess - ok
18:08:08.0812 2548 ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
18:08:08.0843 2548 ShellHWDetection - ok
18:08:08.0843 2548 Simbad - ok
18:08:08.0906 2548 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
18:08:09.0171 2548 SLIP - ok
18:08:09.0187 2548 Sparrow - ok
18:08:09.0234 2548 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
18:08:09.0515 2548 splitter - ok
18:08:09.0609 2548 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
18:08:09.0656 2548 Spooler - ok
18:08:09.0750 2548 sr (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
18:08:09.0953 2548 sr - ok
18:08:09.0968 2548 srservice (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll
18:08:10.0109 2548 srservice - ok
18:08:10.0234 2548 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
18:08:10.0484 2548 Srv - ok
18:08:10.0562 2548 SSDPSRV (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
18:08:10.0687 2548 SSDPSRV - ok
18:08:10.0765 2548 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
18:08:10.0812 2548 ssmdrv - ok
18:08:10.0859 2548 stisvc (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
18:08:11.0156 2548 stisvc - ok
18:08:11.0187 2548 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
18:08:11.0437 2548 streamip - ok
18:08:11.0515 2548 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
18:08:11.0812 2548 swenum - ok
18:08:11.0875 2548 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
18:08:12.0109 2548 swmidi - ok
18:08:12.0125 2548 SwPrv - ok
18:08:12.0140 2548 symc810 - ok
18:08:12.0140 2548 symc8xx - ok
18:08:12.0156 2548 sym_hi - ok
18:08:12.0171 2548 sym_u3 - ok
18:08:12.0187 2548 SynTP (a9ad7fad373975d4dbeabb0ead240bb1) C:\WINDOWS\system32\DRIVERS\SynTP.sys
18:08:12.0281 2548 SynTP - ok
18:08:12.0359 2548 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
18:08:12.0578 2548 sysaudio - ok
18:08:12.0671 2548 SysmonLog (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
18:08:12.0968 2548 SysmonLog - ok
18:08:13.0031 2548 TapiSrv (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
18:08:13.0234 2548 TapiSrv - ok
18:08:13.0265 2548 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
18:08:13.0375 2548 Tcpip - ok
18:08:13.0421 2548 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
18:08:13.0671 2548 TDPIPE - ok
18:08:13.0718 2548 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
18:08:13.0968 2548 TDTCP - ok
18:08:14.0031 2548 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
18:08:14.0328 2548 TermDD - ok
18:08:14.0375 2548 TermService (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
18:08:14.0609 2548 TermService - ok
18:08:14.0718 2548 Themes (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
18:08:14.0796 2548 Themes - ok
18:08:14.0796 2548 TosIde - ok
18:08:14.0890 2548 TrkWks (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
18:08:15.0140 2548 TrkWks - ok
18:08:15.0203 2548 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
18:08:15.0515 2548 Udfs - ok
18:08:15.0531 2548 ultra - ok
18:08:15.0593 2548 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
18:08:15.0843 2548 Update - ok
18:08:15.0875 2548 upnphost (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
18:08:16.0015 2548 upnphost - ok
18:08:16.0062 2548 UPS (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
18:08:16.0281 2548 UPS - ok
18:08:16.0328 2548 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
18:08:16.0546 2548 usbccgp - ok
18:08:16.0609 2548 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
18:08:16.0843 2548 usbehci - ok
18:08:16.0859 2548 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
18:08:17.0109 2548 usbhub - ok
18:08:17.0234 2548 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
18:08:17.0484 2548 usbscan - ok
18:08:17.0500 2548 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
18:08:17.0781 2548 usbstor - ok
18:08:17.0875 2548 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
18:08:18.0078 2548 usbuhci - ok
18:08:18.0171 2548 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
18:08:18.0406 2548 usbvideo - ok
18:08:18.0500 2548 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
18:08:18.0718 2548 VgaSave - ok
18:08:18.0718 2548 ViaIde - ok
18:08:18.0875 2548 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
18:08:19.0093 2548 VolSnap - ok
18:08:19.0203 2548 VSS (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
18:08:19.0359 2548 VSS - ok
18:08:19.0390 2548 W32Time (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll
18:08:19.0734 2548 W32Time - ok
18:08:19.0812 2548 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:08:20.0046 2548 Wanarp - ok
18:08:20.0046 2548 WDICA - ok
18:08:20.0140 2548 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
18:08:20.0359 2548 wdmaud - ok
18:08:20.0390 2548 WebClient (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
18:08:20.0593 2548 WebClient - ok
18:08:20.0765 2548 winmgmt (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
18:08:20.0984 2548 winmgmt - ok
18:08:21.0250 2548 WLSetupSvc (94a85e956a065e23e0010a6a7826243b) C:\Programme\Windows Live\installer\WLSetupSvc.exe
18:08:21.0421 2548 WLSetupSvc - ok
18:08:21.0468 2548 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
18:08:21.0656 2548 WmdmPmSN - ok
18:08:21.0718 2548 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
18:08:22.0031 2548 WmiAcpi - ok
18:08:22.0046 2548 WmiApSrv (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\system32\wbem\wmiapsrv.exe
18:08:22.0250 2548 WmiApSrv - ok
18:08:22.0468 2548 WMPNetworkSvc (bf05650bb7df5e9ebdd25974e22403bb) C:\Programme\Windows Media Player\WMPNetwk.exe
18:08:22.0734 2548 WMPNetworkSvc - ok
18:08:22.0859 2548 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
18:08:22.0921 2548 WpdUsb - ok
18:08:22.0984 2548 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
18:08:23.0328 2548 WS2IFSL - ok
18:08:23.0390 2548 wscsvc (300b3e84faf1a5c1f791c159ba28035d) C:\WINDOWS\system32\wscsvc.dll
18:08:23.0609 2548 wscsvc - ok
18:08:23.0671 2548 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
18:08:23.0890 2548 WSTCODEC - ok
18:08:23.0968 2548 wuauserv (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll
18:08:24.0171 2548 wuauserv - ok
18:08:24.0265 2548 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
18:08:24.0421 2548 WudfPf - ok
18:08:24.0453 2548 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
18:08:24.0531 2548 WudfRd - ok
18:08:24.0546 2548 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
18:08:24.0578 2548 WudfSvc - ok
18:08:24.0703 2548 WZCSVC (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
18:08:25.0046 2548 WZCSVC - ok
18:08:25.0093 2548 xmlprov (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
18:08:25.0328 2548 xmlprov - ok
18:08:25.0406 2548 MBR (0x1B8) (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
18:08:26.0625 2548 \Device\Harddisk0\DR0 - ok
18:08:26.0625 2548 Boot (0x1200) (4ec9215e64a7b2cd9a4a2a89ec9c66bf) \Device\Harddisk0\DR0\Partition0
18:08:26.0625 2548 \Device\Harddisk0\DR0\Partition0 - ok
18:08:26.0640 2548 Boot (0x1200) (d1da4016a19a4881b11ffc8aaa5776fa) \Device\Harddisk0\DR0\Partition1
18:08:26.0640 2548 \Device\Harddisk0\DR0\Partition1 - ok
18:08:26.0640 2548 ============================================================
18:08:26.0640 2548 Scan finished
18:08:26.0640 2548 ============================================================
18:08:26.0796 2552 Detected object count: 5
18:08:26.0796 2552 Actual detected object count: 5
18:08:40.0218 2552 GoogleDesktopManager ( UnsignedFile.Multi.Generic ) - skipped by user
18:08:40.0218 2552 GoogleDesktopManager ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:08:40.0234 2552 Micro Star SCM ( UnsignedFile.Multi.Generic ) - skipped by user
18:08:40.0234 2552 Micro Star SCM ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:08:40.0234 2552 ProtexisLicensing ( UnsignedFile.Multi.Generic ) - skipped by user
18:08:40.0234 2552 ProtexisLicensing ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:08:40.0234 2552 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
18:08:40.0234 2552 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:08:40.0234 2552 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
18:08:40.0234 2552 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip
Kind regards, Judith |
| | #7 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | System message - write fault error I hope you have recovered well! Please now create logs with GMER and OSAM and post them. GMER crashes fairly often; if the tool still won't run on the 2nd attempt, just leave it out and run only OSAM - please skip the online check by OSAM. With OSAM, please also make sure that you save the log as *.log and not as *.html or similar. Note: Please use WinRAR or 7zip to unpack OSAM! Also be sure to turn off the virus scanner; the McAfee scanner in particular often reports a false alarm in OSAM! Please download
Important: Do not press any of the Fix buttons without instructions. Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan. One more note: If aswMBR crashes and a message such as "aswMBR.exe funktioniert nicht mehr" appears, do the following: Restart aswMBR, select (none) for "AV scan" in the drop-down menu at the bottom left (bottom left of the aswMBR window) and click the Scan button again.
__________________ Please always post log files in CODE tags |
| | #8 |
| System message - write fault error Hello Arne, I feel like the ultimate noob again... So, tried GMER 3 times, nothing happened. Then I downloaded OSAM, but I can't open it, because neither of the two programs you posted can be downloaded and I don't have a decoder on the netbook... Narf. So it already stops there. At this stage of my netbook's self-destruction, would it make sense to have an acquaintance make me a boot stick? My internet has become very slow by now and, for example, I sometimes can't open my email account at all. It took me three days of attempts before I could read your mail. Kind regards, Judith |
| | #9 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | System message - write fault error If it no longer makes sense, then we have to stop at this point. If you still have data on the netbook, you will of course need a bootable stick, e.g. with Xubuntu (see the 2nd link in my signature); then you can use it to back up all your data and afterwards recover the netbook
__________________ Please always post log files in CODE tags |