Log analysis and evaluation: Security Shield - completely removed? (Windows 7)
| | #1 |
| | Hello everyone! Today I caught the Security Shield virus and then removed it following the instructions in this forum. Since rkill did not work and the virus was only removed after I ran Malwarebytes Antimalware with OTH, I would like to know whether the virus is now completely removed...

1. Scan by Malwarebytes

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org
Database version: v2012.06.30.06
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 6.0.2900.5512
*** :: HAMMER [limited]
30.06.2012 21:21:38
mbam-log-2012-06-30 (21-21-38).txt
Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 308539
Time elapsed: 45 minute(s), 2 second(s)
Memory Processes Detected: 0 (No malicious items detected)
Memory Modules Detected: 0 (No malicious items detected)
Registry Keys Detected: 0 (No malicious items detected)
Registry Values Detected: 0 (No malicious items detected)
Registry Data Items Detected: 2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL|CheckedValue (PUM.Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Delete on reboot.
HKCR\regfile\shell\open\command| (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Delete on reboot.
Folders Detected: 0 (No malicious items detected)
Files Detected: 5
C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\uvbijyvmn.exe (Trojan.Lameshield) -> Delete on reboot.
C:\DATEN\Counter-Strike\platform\Admin\AdminServer.dll (Malware.Packer.Gen) -> Delete on reboot.
C:\DATEN\Installationsdateien\SoftonicDownloader_fuer_windows-xp-mode.exe (PUP.OfferBundler.ST) -> Delete on reboot.
C:\DATEN\Spiele\Counter-Strike\platform\Admin\AdminServer.dll (Malware.Packer.Gen) -> Delete on reboot.
C:\Dokumente und Einstellungen\***\Eigene Dateien\Downloads\eXplorer.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
(end)

2. Scan (with OTH)

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org
Database version: v2012.06.30.06
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 6.0.2900.5512
*** :: HAMMER [limited]
30.06.2012 22:18:57
mbam-log-2012-06-30 (22-18-57).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 166749
Time elapsed: 3 minute(s), 35 second(s)
Memory Processes Detected: 0 (No malicious items detected)
Memory Modules Detected: 0 (No malicious items detected)
Registry Keys Detected: 0 (No malicious items detected)
Registry Values Detected: 0 (No malicious items detected)
Registry Data Items Detected: 2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL|CheckedValue (PUM.Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Delete on reboot.
HKCR\regfile\shell\open\command| (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Delete on reboot.
Folders Detected: 0 (No malicious items detected)
Files Detected: 0 (No malicious items detected)
(end)

OTL log

OTL logfile created on: 30.06.2012 22:41:21 - Run 1 OTL by OldTimer - Version 3.2.53.0 Folder = C:\Dokumente und Einstellungen\***\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1,87 Gb Total Physical Memory | 1,32 Gb Available Physical Memory | 70,49% Memory free 3,73 Gb Paging File | 3,32 Gb Available in Paging File | 89,19% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 104,67 Gb Total Space | 5,85 Gb Free Space | 5,59% Space Free | Partition Type: NTFS Computer Name: HAMMER | User Name: *** | NOT logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.06.30 22:37:19 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\***\Desktop\OTL.exe PRC - [2012.06.27 12:29:26 | 001,996,200 | ---- | M] (LogMeIn Inc.) -- C:\Programme\LogMeIn Hamachi\hamachi-2-ui.exe PRC - [2011.04.14 17:42:35 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe PRC - [2010.06.03 02:50:58 | 001,144,104 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe PRC - [2010.02.18 11:43:20 | 000,490,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jucheck.exe PRC - [2010.02.18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe PRC - [2008.09.30 17:51:58 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.bin PRC - [2008.09.30 17:49:34 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.exe PRC - [2008.07.21 17:54:34 | 000,169,312 | ---- | M] (Maxtor Corporation) -- C:\Programme\Maxtor\OneTouch Status\MaxMenuMgr.exe PRC - [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007.09.20 10:51:46 | 001,836,328 | ---- | M] (Nero AG) -- C:\Programme\Nero\Nero8\Nero BackItUp\NBKeyScan.exe PRC - [2006.06.12 10:23:24 | 000,372,736 | ---- | M] (SAMSUNG Electronics Co., Ltd.) -- C:\Programme\SAMSUNG\MagicKBD\MagicKBD.exe PRC - [2006.05.12 11:27:04 | 000,831,488 | ---- | M] () -- C:\WINDOWS\vsnpstd3.exe PRC - [2006.05.03 20:11:02 | 000,520,192 | ---- | M] (SAMSUNG) -- C:\Programme\SAMSUNG\DisplayManager\dmhkcore.exe ========== Modules (No Company Name) ========== MOD - [2011.06.23 21:40:32 | 006,271,136 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll MOD - [2011.05.26 13:42:00 | 000,067,872 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll MOD - [2011.04.14 17:42:36 | 001,016,280 | ---- | M] () -- C:\Programme\Mozilla Firefox\js3250.dll MOD - [2010.06.03 02:51:08 | 000,095,528 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll MOD - [2010.06.03 02:50:58 | 001,144,104 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe MOD - [2009.04.27 23:49:26 | 000,093,696 | ---- | M] () -- C:\Programme\FileZilla FTP Client\fzshellext.dll MOD - [2008.09.30 18:43:36 | 000,139,264 | ---- | M] () -- C:\Programme\OpenOffice.org 3\Basis\program\nsldap32v50.dll MOD - [2008.07.29 16:11:38 | 000,297,984 | ---- | M] () -- C:\Programme\OpenOffice.org 3\Basis\program\libxmlsec.dll MOD - [2008.07.29 15:59:22 | 000,165,376 | ---- | M] () -- 
C:\Programme\OpenOffice.org 3\Basis\program\libxslt.dll MOD - [2008.07.29 15:55:14 | 000,969,728 | ---- | M] () -- C:\Programme\OpenOffice.org 3\program\libxml2.dll MOD - [2006.05.12 11:27:04 | 000,831,488 | ---- | M] () -- C:\WINDOWS\vsnpstd3.exe MOD - [2005.07.12 17:34:22 | 000,045,056 | ---- | M] () -- C:\Programme\SAMSUNG\MagicKBD\EasyBoxDll.dll ========== Win32 Services (SafeList) ========== SRV - File not found [Unknown (-1) | Unknown] -- -- (aszgadrf) SRV - File not found [On_Demand | Unknown] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt) SRV - [2012.06.27 12:29:22 | 001,385,896 | ---- | M] (LogMeIn Inc.) [Auto | Unknown] -- C:\Programme\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2011.05.25 14:06:20 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Unknown] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2009.09.23 16:37:30 | 000,051,168 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Unknown] -- C:\Programme\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R) SRV - [2009.08.03 20:42:16 | 000,655,624 | ---- | M] (Acresso Software Inc.) 
[On_Demand | Unknown] -- C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2009.02.20 14:44:19 | 000,072,704 | ---- | M] (Adobe Systems) [On_Demand | Unknown] -- C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service) SRV - [2008.07.21 17:53:04 | 000,193,888 | ---- | M] (Seagate Technology LLC) [Auto | Unknown] -- C:\Programme\Maxtor\Sync\SyncServices.exe -- (Maxtor Sync Service) SRV - [2007.09.20 16:35:38 | 000,382,248 | ---- | M] (Nero AG) [On_Demand | Unknown] -- C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe -- (NMIndexingService) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Unknown] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Unknown] -- C:\WINDOWS\SYSTEM32\DRIVERS\TVICPORT.SYS -- (TVICPORT) DRV - File not found [Kernel | On_Demand | Unknown] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Unknown] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Unknown] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Unknown] -- -- (PDCOMP) DRV - File not found [Kernel | System | Unknown] -- -- (PCIDump) DRV - File not found [Kernel | System | Unknown] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Unknown] -- -- (i2omgmt) DRV - File not found [Kernel | System | Unknown] -- -- (Changer) DRV - File not found [Unknown (-1) | Unknown (-1) | Unknown] -- -- (aszgadrf) DRV - File not found [Kernel | On_Demand | Unknown] -- -- (anxwzi1h) DRV - [2012.06.30 20:08:58 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy) DRV - [2010.05.13 10:02:32 | 000,532,224 | ---- | M] (Check Point Software Technologies LTD) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant) DRV - [2010.05.06 17:28:37 | 000,033,824 | ---- | M] () [Kernel 
| System | Unknown] -- C:\WINDOWS\system32\drivers\oreans32.sys -- (oreans32) DRV - [2009.09.23 10:41:58 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi) DRV - [2009.04.20 23:06:32 | 000,721,904 | ---- | M] () [Kernel | Boot | Unknown] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd) DRV - [2008.04.13 20:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE) DRV - [2007.12.05 07:26:40 | 002,782,208 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2007.09.24 10:05:58 | 000,132,904 | ---- | M] (Ahead Software AG) [Kernel | Boot | Unknown] -- C:\WINDOWS\system32\drivers\imagesrv.sys -- (imagesrv) DRV - [2007.09.24 10:05:58 | 000,011,304 | ---- | M] (Ahead Software AG) [Kernel | Boot | Unknown] -- C:\WINDOWS\system32\drivers\imagedrv.sys -- (imagedrv) DRV - [2007.05.03 14:37:08 | 000,022,152 | ---- | M] (Maxtor Corp.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\mxopswd.sys -- (MXOPSWD) DRV - [2006.11.21 12:24:56 | 000,369,152 | R--- | M] (DiBcom) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\mod7700.sys -- (mod7700) DRV - [2006.11.14 18:59:12 | 000,013,056 | R--- | M] (DiBcom S.A.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\modrc.sys -- (MODRC) DRV - [2006.06.27 13:50:36 | 010,148,480 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3) DRV - [2006.04.06 07:20:44 | 004,258,816 | R--- | M] (Realtek Semiconductor Corp.) 
[Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2006.01.18 11:41:58 | 000,080,512 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp) DRV - [2006.01.16 04:15:24 | 000,470,112 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\SSB2413.sys -- (SSB2413) DRV - [2005.11.16 21:28:32 | 000,028,928 | ---- | M] (REDC) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk) DRV - [2005.11.01 19:08:00 | 000,308,992 | ---- | M] (REDC) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp) DRV - [2005.11.01 18:54:50 | 000,051,584 | ---- | M] (REDC) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2005.02.01 16:55:40 | 000,021,442 | ---- | M] (INCA Internet Co., Ltd.) 
[Kernel | On_Demand | Unknown] -- C:\DATEN\Nameless-RO\npkcrypt.sys -- (npkcrypt) DRV - [2004.08.03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) NT-Treiber für Realtek RTL8139(A/B/C) DRV - [2000.08.24 02:19:38 | 000,004,300 | ---- | M] () [Kernel | Auto | Unknown] -- C:\WINDOWS\system32\MEMIO.SYS -- (DOSMEMIO) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledItems: fbdislike@doweb.fr:1.2.2 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - user.js - File not found

As I said, I'm a bit overwhelmed; if you are still missing any logs, let me know... I would be very grateful for help! |
| | #2 |
| /// Malware-holic | hi,
yes, for a start at least half of the OTL log is missing :-) please post it again |
| | #3 |
| | Oh god, how did I manage that? Here it is again, properly:
Code:
ATTFilter OTL logfile created on: 30.06.2012 22:41:21 - Run 1 OTL by OldTimer - Version 3.2.53.0 Folder = C:\Dokumente und Einstellungen\***\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1,87 Gb Total Physical Memory | 1,32 Gb Available Physical Memory | 70,49% Memory free 3,73 Gb Paging File | 3,32 Gb Available in Paging File | 89,19% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 104,67 Gb Total Space | 5,85 Gb Free Space | 5,59% Space Free | Partition Type: NTFS Computer Name: HAMMER | User Name: *** | NOT logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.06.30 22:37:19 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\***\Desktop\OTL.exe PRC - [2012.06.27 12:29:26 | 001,996,200 | ---- | M] (LogMeIn Inc.) -- C:\Programme\LogMeIn Hamachi\hamachi-2-ui.exe PRC - [2011.04.14 17:42:35 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe PRC - [2010.06.03 02:50:58 | 001,144,104 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe PRC - [2010.02.18 11:43:20 | 000,490,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jucheck.exe PRC - [2010.02.18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe PRC - [2008.09.30 17:51:58 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.bin PRC - [2008.09.30 17:49:34 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.exe PRC - [2008.07.21 17:54:34 | 000,169,312 | ---- | M] (Maxtor Corporation) -- C:\Programme\Maxtor\OneTouch Status\MaxMenuMgr.exe PRC - [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007.09.20 10:51:46 | 001,836,328 | ---- | M] (Nero AG) -- C:\Programme\Nero\Nero8\Nero BackItUp\NBKeyScan.exe PRC - [2006.06.12 10:23:24 | 000,372,736 | ---- | M] (SAMSUNG Electronics Co., Ltd.) -- C:\Programme\SAMSUNG\MagicKBD\MagicKBD.exe PRC - [2006.05.12 11:27:04 | 000,831,488 | ---- | M] () -- C:\WINDOWS\vsnpstd3.exe PRC - [2006.05.03 20:11:02 | 000,520,192 | ---- | M] (SAMSUNG) -- C:\Programme\SAMSUNG\DisplayManager\dmhkcore.exe ========== Modules (No Company Name) ========== MOD - [2011.06.23 21:40:32 | 006,271,136 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll MOD - [2011.05.26 13:42:00 | 000,067,872 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll MOD - [2011.04.14 17:42:36 | 001,016,280 | ---- | M] () -- C:\Programme\Mozilla Firefox\js3250.dll MOD - [2010.06.03 02:51:08 | 000,095,528 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll MOD - [2010.06.03 02:50:58 | 001,144,104 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe MOD - [2009.04.27 23:49:26 | 000,093,696 | ---- | M] () -- C:\Programme\FileZilla FTP Client\fzshellext.dll MOD - [2008.09.30 18:43:36 | 000,139,264 | ---- | M] () -- C:\Programme\OpenOffice.org 3\Basis\program\nsldap32v50.dll MOD - [2008.07.29 16:11:38 | 000,297,984 | ---- | M] () -- C:\Programme\OpenOffice.org 3\Basis\program\libxmlsec.dll MOD - [2008.07.29 15:59:22 | 000,165,376 | ---- | M] () -- 
C:\Programme\OpenOffice.org 3\Basis\program\libxslt.dll MOD - [2008.07.29 15:55:14 | 000,969,728 | ---- | M] () -- C:\Programme\OpenOffice.org 3\program\libxml2.dll MOD - [2006.05.12 11:27:04 | 000,831,488 | ---- | M] () -- C:\WINDOWS\vsnpstd3.exe MOD - [2005.07.12 17:34:22 | 000,045,056 | ---- | M] () -- C:\Programme\SAMSUNG\MagicKBD\EasyBoxDll.dll ========== Win32 Services (SafeList) ========== SRV - File not found [Unknown (-1) | Unknown] -- -- (aszgadrf) SRV - File not found [On_Demand | Unknown] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt) SRV - [2012.06.27 12:29:22 | 001,385,896 | ---- | M] (LogMeIn Inc.) [Auto | Unknown] -- C:\Programme\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2011.05.25 14:06:20 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Unknown] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2009.09.23 16:37:30 | 000,051,168 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Unknown] -- C:\Programme\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R) SRV - [2009.08.03 20:42:16 | 000,655,624 | ---- | M] (Acresso Software Inc.) 
[On_Demand | Unknown] -- C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2009.02.20 14:44:19 | 000,072,704 | ---- | M] (Adobe Systems) [On_Demand | Unknown] -- C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service) SRV - [2008.07.21 17:53:04 | 000,193,888 | ---- | M] (Seagate Technology LLC) [Auto | Unknown] -- C:\Programme\Maxtor\Sync\SyncServices.exe -- (Maxtor Sync Service) SRV - [2007.09.20 16:35:38 | 000,382,248 | ---- | M] (Nero AG) [On_Demand | Unknown] -- C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe -- (NMIndexingService) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Unknown] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Unknown] -- C:\WINDOWS\SYSTEM32\DRIVERS\TVICPORT.SYS -- (TVICPORT) DRV - File not found [Kernel | On_Demand | Unknown] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Unknown] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Unknown] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Unknown] -- -- (PDCOMP) DRV - File not found [Kernel | System | Unknown] -- -- (PCIDump) DRV - File not found [Kernel | System | Unknown] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Unknown] -- -- (i2omgmt) DRV - File not found [Kernel | System | Unknown] -- -- (Changer) DRV - File not found [Unknown (-1) | Unknown (-1) | Unknown] -- -- (aszgadrf) DRV - File not found [Kernel | On_Demand | Unknown] -- -- (anxwzi1h) DRV - [2012.06.30 20:08:58 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy) DRV - [2010.05.13 10:02:32 | 000,532,224 | ---- | M] (Check Point Software Technologies LTD) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant) DRV - [2010.05.06 17:28:37 | 000,033,824 | ---- | M] () [Kernel 
| System | Unknown] -- C:\WINDOWS\system32\drivers\oreans32.sys -- (oreans32) DRV - [2009.09.23 10:41:58 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi) DRV - [2009.04.20 23:06:32 | 000,721,904 | ---- | M] () [Kernel | Boot | Unknown] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd) DRV - [2008.04.13 20:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE) DRV - [2007.12.05 07:26:40 | 002,782,208 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2007.09.24 10:05:58 | 000,132,904 | ---- | M] (Ahead Software AG) [Kernel | Boot | Unknown] -- C:\WINDOWS\system32\drivers\imagesrv.sys -- (imagesrv) DRV - [2007.09.24 10:05:58 | 000,011,304 | ---- | M] (Ahead Software AG) [Kernel | Boot | Unknown] -- C:\WINDOWS\system32\drivers\imagedrv.sys -- (imagedrv) DRV - [2007.05.03 14:37:08 | 000,022,152 | ---- | M] (Maxtor Corp.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\mxopswd.sys -- (MXOPSWD) DRV - [2006.11.21 12:24:56 | 000,369,152 | R--- | M] (DiBcom) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\mod7700.sys -- (mod7700) DRV - [2006.11.14 18:59:12 | 000,013,056 | R--- | M] (DiBcom S.A.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\modrc.sys -- (MODRC) DRV - [2006.06.27 13:50:36 | 010,148,480 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3) DRV - [2006.04.06 07:20:44 | 004,258,816 | R--- | M] (Realtek Semiconductor Corp.) 
[Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2006.01.18 11:41:58 | 000,080,512 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp) DRV - [2006.01.16 04:15:24 | 000,470,112 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\SSB2413.sys -- (SSB2413) DRV - [2005.11.16 21:28:32 | 000,028,928 | ---- | M] (REDC) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk) DRV - [2005.11.01 19:08:00 | 000,308,992 | ---- | M] (REDC) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp) DRV - [2005.11.01 18:54:50 | 000,051,584 | ---- | M] (REDC) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2005.02.01 16:55:40 | 000,021,442 | ---- | M] (INCA Internet Co., Ltd.) 
[Kernel | On_Demand | Unknown] -- C:\DATEN\Nameless-RO\npkcrypt.sys -- (npkcrypt) DRV - [2004.08.03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) NT-Treiber für Realtek RTL8139(A/B/C) DRV - [2000.08.24 02:19:38 | 000,004,300 | ---- | M] () [Kernel | Auto | Unknown] -- C:\WINDOWS\system32\MEMIO.SYS -- (DOSMEMIO) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledItems: fbdislike@doweb.fr:1.2.2 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll File not found FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.) 
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: C:\Programme\Mozilla Firefox\components [2011.08.02 15:40:13 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011.06.23 21:56:43 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Mozilla Firefox\components [2012.06.28 22:41:53 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Mozilla Firefox\plugins [2010.06.25 17:36:05 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Extensions [2012.06.30 22:07:16 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\70i7htga.default\extensions [2012.06.30 22:07:16 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\70i7htga.default\extensions\fbdislike@doweb.fr [2012.06.29 12:34:30 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2010.05.06 17:24:07 | 
000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.05.06 17:23:45 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAMME\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2010.05.06 17:23:45 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll [2007.02.12 21:30:16 | 000,164,352 | ---- | M] (Indiepath Ltd) -- C:\Programme\mozilla firefox\plugins\npigl.dll [2011.04.14 17:42:44 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml [2011.04.14 17:42:44 | 000,002,344 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml [2011.04.14 17:42:44 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml [2011.04.14 17:42:44 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml [2011.04.14 17:42:44 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2004.08.04 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (&TerraTec Home Cinema) - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Programme\TerraTec\TerraTec Home Cinema\THCDeskBand.dll (TerraTec Electronic GmbH) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found. 
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {FC2B76FC-2132-4D80-A9A3-1F5C6E49066B} - No CLSID value found. O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [AtiPTA] C:\WINDOWS\System32\atiptaxx.exe (ATI Technologies, Inc.) O4 - HKLM..\Run: [DivXUpdate] C:\Programme\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [DMHotKey] C:\Programme\SAMSUNG\DisplayManager\DMLoader.exe (SAMSUNG) O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Programme\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [MagicKeyboard] C:\Programme\SAMSUNG\MagicKBD\PreMKbd.exe () O4 - HKLM..\Run: [mxomssmenu] C:\Programme\Maxtor\OneTouch Status\maxmenumgr.exe (Maxtor Corporation) O4 - HKLM..\Run: [NBKeyScan] C:\Programme\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG) O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Nero\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe () O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) 
O4 - HKLM..\Run: [ZoneAlarm Client] "C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe" File not found O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - Startup: C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\OpenOffice.org 3.0.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\PartyGaming\PartyPoker\RunApp.exe File not found O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\PartyGaming\PartyPoker\RunApp.exe File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\PrxerNsp.dll ( ) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) 
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\PrxerDrv.dll (Initex Software)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\PrxerDrv.dll (Initex Software)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/DE-DE/a-UNO1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab (Java Plug-in 1.5.0)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{158F239A-D6CE-4265-9302-B1CE26AEB0EE}: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{387F8EBB-58C5-4FF1-906F-5C75B5BD864B}: DhcpNameServer = 192.168.2.1 192.168.2.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.12.27 18:21:05 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012.06.30 22:37:15 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\***\Desktop\OTL.exe
[2012.06.30 22:17:12 | 000,259,584 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\***\Desktop\OTH.scr
[2012.06.30 22:16:13 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Desktop\HostsXpert
[2012.06.30 22:15:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\WinRAR
[2012.06.30 21:21:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Malwarebytes
[2012.06.30 20:08:13 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012.06.30 20:08:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2012.06.30 20:08:04 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012.06.30 20:08:04 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2012.06.30 20:08:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2012.06.28 22:41:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Mozilla Firefox
[2012.06.28 07:17:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\LogMeIn Hamachi
[2012.06.28 07:17:24 | 000,000,000 | ---D | C] -- C:\Programme\LogMeIn Hamachi
[2012.06.28 07:16:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Eigene Dateien\Downloads
[2012.06.27 23:08:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Apple Computer
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.06.30 22:40:35 | 000,016,393 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Neu OpenDocument Text (2).odt
[2012.06.30 22:37:19 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\***\Desktop\OTL.exe
[2012.06.30 22:36:18 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\***\defogger_reenable
[2012.06.30 22:35:06 | 000,050,477 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Defogger.exe
[2012.06.30 22:24:25 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.06.30 22:24:17 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.06.30 22:17:14 | 000,259,584 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\***\Desktop\OTH.scr
[2012.06.30 22:15:46 | 000,357,766 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\HostsXpert.zip
[2012.06.30 22:15:00 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.06.30 20:08:58 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012.06.30 20:08:06 | 000,000,756 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.06.30 19:40:18 | 000,314,880 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\uvbijyvmn.exe
[2012.06.29 14:47:47 | 000,002,440 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Neu OpenDocument Text.odt
[2012.06.28 22:41:54 | 000,001,195 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Mozilla Firefox.lnk
[2012.06.27 23:08:16 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.06.30 22:39:58 | 000,016,393 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Neu OpenDocument Text (2).odt
[2012.06.30 22:36:18 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\***\defogger_reenable
[2012.06.30 22:35:05 | 000,050,477 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Defogger.exe
[2012.06.30 22:15:41 | 000,357,766 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\HostsXpert.zip
[2012.06.30 20:08:06 | 000,000,756 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.06.30 19:40:18 | 000,314,880 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\uvbijyvmn.exe
[2012.06.29 14:47:47 | 000,002,440 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Neu OpenDocument Text.odt
[2012.06.28 22:41:54 | 000,001,201 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Startmenü\Programme\Mozilla Firefox.lnk
[2012.06.28 22:41:54 | 000,001,195 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Mozilla Firefox.lnk
[2011.02.05 21:07:55 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.12.29 13:20:32 | 000,000,664 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\d3d9caps.dat
[2010.09.04 16:08:29 | 001,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll
[2010.05.20 15:55:19 | 000,005,007 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\mtbjfghn.xbe
[2009.08.25 17:58:25 | 007,724,075 | ---- | C] () -- C:\Programme\BlueJ.rar
========== LOP Check ==========
[2009.08.13 02:55:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Lite
[2009.04.21 13:34:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Pro
[2010.05.06 17:32:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\JCreator
[2008.12.27 23:21:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MailFrontier
[2008.12.28 12:21:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Maxtor
[2009.07.20 22:46:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Messenger Plus!
[2009.06.01 13:59:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2008.12.30 23:18:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TerraTec
[2010.10.16 11:21:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TrackMania
[2011.06.23 22:05:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WindSolutions
[2011.06.23 21:58:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010.11.03 13:39:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\CheckPoint
[2010.12.11 19:20:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\OpenOffice.org
========== Purity Check ==========
< End of report >
Code:
OTL Extras logfile created on: 30.06.2012 22:41:21 - Run 1
OTL by OldTimer - Version 3.2.53.0 Folder = C:\Dokumente und Einstellungen\***\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,87 Gb Total Physical Memory | 1,32 Gb Available Physical Memory | 70,49% Memory free
3,73 Gb Paging File | 3,32 Gb Available in Paging File | 89,19% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 104,67 Gb Total Space | 5,85 Gb Free Space | 5,59% Space Free | Partition Type: NTFS
Computer Name: HAMMER | User Name: *** | NOT logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Programme\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Programme\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5353:TCP" = 5353:TCP:*:Enabled:Adobe CSI CS4
"7531:TCP" = 7531:TCP:*:Enabled:lczyg
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Dokumente und Einstellungen\DoS\Lokale Einstellungen\Temp\{2D95B683-9DCA-434F-B56E-77BF3F9F0F79}\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}\CinergyDvrSetup.exe" = C:\Dokumente und Einstellungen\DoS\Lokale Einstellungen\Temp\{2D95B683-9DCA-434F-B56E-77BF3F9F0F79}\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}\CinergyDvrSetup.exe:*:Enabled:TerraTec Home Cinema (Setup)
"C:\Programme\TerraTec\TerraTec Home Cinema\CinergyDvrSetup.exe" = C:\Programme\TerraTec\TerraTec Home Cinema\CinergyDvrSetup.exe:*:Enabled:TerraTec Home Cinema (Setup) -- (TerraTec Electronic GmbH)
"C:\Programme\TerraTec\TerraTec Home Cinema\tvtvSetup\tvtv_Wizard.exe" = C:\Programme\TerraTec\TerraTec Home Cinema\tvtvSetup\tvtv_Wizard.exe:*:Enabled:TerraTec tvtv Setup -- (TerraTec Electronic GmbH)
"C:\Programme\TerraTec\TerraTec Home Cinema\CinergyDvr.exe" = C:\Programme\TerraTec\TerraTec Home Cinema\CinergyDvr.exe:*:Enabled:TerraTec Home Cinema -- (TerraTec Electronic GmbH)
"C:\Programme\VoipStunt.com\VoipStunt\VoipStunt.exe" = C:\Programme\VoipStunt.com\VoipStunt\VoipStunt.exe:*:Enabled:VoipStunt -- (VoipStunt)
"D:\fsetup.exe" = D:\fsetup.exe:*:Enabled:AVM FSetup Application
"C:\Programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe" = C:\Programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4 -- (Adobe Systems Incorporated)
"C:\Programme\Steam\SteamApps\common\unreal tournament 3\Binaries\UT3.exe" = C:\Programme\Steam\SteamApps\common\unreal tournament 3\Binaries\UT3.exe:*:Enabled:Unreal Tournament 3 -- ()
"C:\Programme\MessengerDiscovery\MessengerDiscovery Live.exe" = C:\Programme\MessengerDiscovery\MessengerDiscovery Live.exe:*:Disabled:MessengerDiscovery Live the Windows Live Messenger addon -- (MessengerDiscovery)
"C:\Programme\Java\jdk1.6.0_14\jre\bin\java.exe" = C:\Programme\Java\jdk1.6.0_14\jre\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Programme\TeamViewer\Version4\TeamViewer.exe" = C:\Programme\TeamViewer\Version4\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application -- (TeamViewer GmbH)
"C:\Programme\TeamViewer\Version5\TeamViewer.exe" = C:\Programme\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Programme\Steam\SteamApps\common\audiosurf\engine\QuestViewer.exe" = C:\Programme\Steam\SteamApps\common\audiosurf\engine\QuestViewer.exe:*:Enabled:Audiosurf -- ()
"C:\Programme\TmNationsForever\TmForever.exe" = C:\Programme\TmNationsForever\TmForever.exe:*:Enabled:TmForever -- ()
"C:\Dokumente und Einstellungen\DoS\Desktop\openarena-0.8.1\openarena.exe" = C:\Dokumente und Einstellungen\DoS\Desktop\openarena-0.8.1\openarena.exe:*:Disabled:openarena
"C:\DATEN\Spiele\IPCurve\ipcurve.exe" = C:\DATEN\Spiele\IPCurve\ipcurve.exe:*:Enabled:ipcurve -- ()
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00BA866C-F2A2-4BB9-A308-3DFA695B6F7C}" = Java DB 10.5.3.0
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
"{044F9133-B8D7-4d11-BF39-803FA20F5C8B}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04B45310-A5FE-4425-BFCA-1A6D8920DE74}" = OpenOffice.org 3.0
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0E592C31-09EF-3CA1-A7DE-05D13DFCF791}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - deu
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{14AFE241-FC6E-4FDB-BCA0-7AD6F4974171}" = Adobe Setup
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{17283B95-21A8-4996-97DA-547A48DB266F}" = DisplayManager
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{3248F0A8-6813-11D6-A77B-00B0D0150000}" = J2SE Runtime Environment 5.0
"{32A3A4F4-B792-11D6-A78A-00B0D0160140}" = Java(TM) SE Development Kit 6 Update 14
"{32A3A4F4-B792-11D6-A78A-00B0D0160200}" = Java(TM) SE Development Kit 6 Update 20
"{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}" = SQL Server System CLR Types
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D36E953-4456-4F8F-BC44-90BC4AA59889}" = Maxtor Manager
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{542068F1-9AAE-4E1B-8ACA-094FE03728BE}" = Carambis Driver Updater
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5aa47dba-b584-4d47-a626-76e53fc2987d}" = JavaFX(TM) 1.2 SDK
"{5E6EC4DD-7B1F-4E10-82B9-EA1B90791031}" = Nero 8
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}" = TerraTec Home Cinema
"{65FBA21B-7F80-4E4E-B275-0958D2648F94}_is1" = Java-Editor 9.15b, 2010.09.06
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65}" = Battlefield 1942
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{738B0934-6676-44F6-AB52-32F4E60DCA7F}" = Microsoft SQL Server Compact 3.5 SP1 Design Tools (Deutsch)
"{786C5747-1437-443D-B06E-79A00FE45110}" = Adobe Stock Photos 1.0
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{7FB12670-0F93-4E1E-B2F5-4F339199A03A}" = Microsoft SQL Server Native Client
"{7FB413C8-3CAD-49F7-A67C-6EFEB4B04050}" = LogMeIn Hamachi
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{849A32C3-E75A-4791-9B11-E568BA3525A4}" = Microsoft SQL Server VSS Writer
"{8EDBA74D-0686-4C99-BFDD-F894678E5102}" = Adobe Common File Installer
"{8FFC924C-ED06-44CB-8867-3CA778ECE903}" = Adobe Help Center 2.0
"{909B62B0-8ACA-4061-A83B-09CAEF609619}" = MSXML 6.0 Parser
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95FC26FB-19FD-4A96-BBB1-B1062E8648F5}" = AGEIA PhysX v7.11.13
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A90000000001}" = Adobe Reader 9 - Deutsch
"{AE3D38A6-13B1-40B3-9423-D1FA9982FB6A}" = Adobe Bridge 1.0
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B18B7901-4025-4BFF-9DA2-BCC45F594DE2}" = Atheros WLAN Client
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{B74D4E10-0000-0000-0000-EDED00000102}" = Adobe ExtendScript Toolkit 1.0
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BBAAAD82-6242-420F-86D4-BD72BB5E6C86}" = Tools für Microsoft SQL Server 2005 Express Edition
"{BCB313A5-1AD0-4829-9D6F-EB41C3CFCD4B}" = Phase 5 HTML-Editor
"{BD723E53-A42C-4702-AA04-1D74A0311590}" = Magic Keyboard
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C897FCB3-2F8B-4185-8035-79E2AF3A92A4}" = iTunes
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D4004C65-0428-4C5A-8218-33E2336CA372}_is1" = 2.0
"{DCA0A35D-30F1-4ED0-971F-5FFD2F60BB08}" = bcTester 4.8 (de)
"{DD362256-A7A2-4524-9457-213DDC2AFC2A}" = Adobe After Effects 7.0
"{DF315348-721C-40B8-BAE2-58C6C7D935A2}" = Empire Earth II
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E51B4CD9-A0A6-4324-B26A-31B3F2DE26CE}" = Black and White
"{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = Slim310NB
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects
"{F8D315CF-615E-3AAC-ABF6-C0FA91EDDDBA}" = Microsoft Visual C# 2008 Express Edition with SP1 - DEU
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FA440BE8-EC2F-4478-A01A-077DA0606501}" = Microsoft SQL Server Compact 3.5 SP1 (Deutsch)
"Adobe After Effects 7.0" = Adobe After Effects 7.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_acce07fd2c8fe7f9e3f26243e626578" = Adobe Dreamweaver CS4
"ATI Display Driver" = ATI Display Driver (Omega 3.8.442)
"Audacity_is1" = Audacity 1.2.6
"AVMFBox" = AVM FRITZ!Box Dokumentation
"AVMFBoxPrinter" = AVM FRITZ!Box Druckeranschluss
"BlueJ_is1" = BlueJ 3.0.2
"Cheat Engine 5.6.1_is1" = Cheat Engine 5.6.1
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Cycore FX 1.0.1 for After Effects" = Cycore FX 1.0.1 for After Effects
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"DivX Setup.divx.com" = DivX-Setup
"FileZilla Client" = FileZilla Client 3.2.4.1
"Finale NotePad 2008" = Finale NotePad 2008
"Finale Reader" = Finale Reader 2009
"FL Studio 6" = FL Studio 6
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9
"Frets on Fire" = Frets On Fire
"Herrscher des Olymp - Zeus" = Herrscher des Olymp - Zeus
"igLoader" = igLoader
"ImgBurn" = ImgBurn
"InstallShield_{4D36E953-4456-4F8F-BC44-90BC4AA59889}" = Maxtor Manager
"JCreator LE_is1" = JCreator LE 5.00
"Keylight 1.1v1 for After Effects_is1" = Keylight 1.1v1 for After Effects 7.0
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.7.5 (Full)
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"Messenger Plus! Live" = Messenger Plus! Live
"MessengerDiscovery_is1" = MessengerDiscovery 1.5.0800
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Microsoft Visual C# 2008 Express Edition with SP1 - DEU" = Microsoft Visual C# 2008 Express Edition mit SP1 - DEU
"Mozilla Firefox (3.6.15)" = Mozilla Firefox (3.6.15)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"OpenAL" = OpenAL
"Proxifier_is1" = Proxifier version 2.8
"Radeon Omega Drivers for Windows XP/2kv4.8.442" = Radeon Omega Drivers v4.8.442 Setup Files and Tools
"SopCast" = SopCast 3.0.3
"Startup Booster_is1" = Startup Booster v2.4
"Steam App 12910" = Audiosurf Demo
"Steam App 130" = Half-Life: Blue Shift
"Steam App 13210" = Unreal Tournament 3
"Steam App 20" = Team Fortress Classic
"Steam App 50" = Opposing Force
"Steam App 70" = Half-Life
"SUPER ©" = SUPER © Version 2009.bld.35 (Jan 5, 2009)
"SvenCoop" = Sven Co-op 4.0B
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Teachmaster 4.3" = Teachmaster 4.3 (nur Entfernen)
"TeamViewer 4" = TeamViewer 4
"TeamViewer 5" = TeamViewer 5
"TmNationsForever_is1" = TmNationsForever
"TmUnitedForever_is1" = TmUnitedForever
"TVAnts 1.0" = TVAnts 1.0
"Uninstall_is1" = Uninstall 1.0.0.1
"UseNeXT_is1" = UseNeXT
"Visual Basic 6.0 Professional Edition (deu)" = Microsoft Visual Basic 6.0 Professional Edition (Deutsch)
"VLC media player" = VLC media player 0.9.8a
"VoipStunt_is1" = VoipStunt
"WebClicker" = HeadStrong WebClicker v2.56
"WebPost" = Microsoft Web Publishing Wizard 1.53
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"ZoneAlarm" = ZoneAlarm
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Mozilla Firefox 13.0.1 (x86 de)" = Mozilla Firefox 13.0.1 (x86 de)
========== Last 10 Event Log Errors ==========
Error: Unable to start EventLog service!
< End of report >
|
| | #4 | |
| /// Malware-holic | Security Shield - completely removed? hi Combofix may only be run when a team member has instructed you to do so! Please download Combofix from one of these download mirrors: Link 1 Link 2 IMPORTANT - Save Combofix to your desktop
When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply. Note: If you get the following error message after the restart Quote:
__________________ - Please forward suspicious e-mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward e-mails to markusg.trojaner-board@web.de following the instructions above. If you would like to support us |
| | #5 |
| | Security Shield - completely removed? I am being told that my PC does not have the 'Microsoft Recovery Console' and that Combofix will not repair some serious infections without it. Should I download and install it now? |
| | #6 |
| /// Malware-holic | Security Shield - completely removed? Yes, please just follow all of CF's instructions.
__________________ --> Security Shield - completely removed? |
| | #7 |
| | Security Shield - completely removed? All right, here is the CF log Code:
ComboFix 12-07-02.01 - *** 02.07.2012 17:39:12.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.49.1031.18.1918.1238 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\***\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
FW: ZoneAlarm Firewall *Disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\dokumente und einstellungen\All Users\Anwendungsdaten\TEMP
c:\dokumente und einstellungen\***\WINDOWS
c:\dokumente und einstellungen\***\Lokale Einstellungen\Anwendungsdaten\uvbijyvmn.exe
c:\windows\IsUn0407.exe
c:\windows\system32\SETDF.tmp
c:\windows\system32\SETEB.tmp
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-06-02 bis 2012-07-02 ))))))))))))))))))))))))))))))
.
.
2012-07-01 08:49 . 2012-07-01 10:11 664 ----a-w- c:\dokumente und einstellungen\***\Lokale Einstellungen\Anwendungsdaten\d3d9caps.tmp
2012-06-30 21:35 . 2012-06-30 21:51 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-06-30 21:35 . 2009-02-13 09:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2012-06-30 21:35 . 2009-02-13 09:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2012-06-30 21:35 . 2012-06-30 21:35 -------- d-----w- c:\programme\Avira
2012-06-30 21:35 . 2012-06-30 21:35 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Avira
2012-06-30 19:21 . 2012-06-30 19:21 -------- d-----w- c:\dokumente und einstellungen\***\Anwendungsdaten\Malwarebytes
2012-06-30 18:08 . 2012-06-30 18:08 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-06-30 18:08 . 2012-06-30 18:08 -------- d-----w- c:\dokumente und einstellungen\***\Anwendungsdaten\Malwarebytes
2012-06-30 18:08 . 2012-06-30 18:08 -------- d-----w- c:\programme\Malwarebytes' Anti-Malware
2012-06-30 18:08 . 2012-06-30 18:08 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes
2012-06-30 18:08 . 2012-04-04 13:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-28 20:41 . 2012-06-28 20:41 -------- d-----w- c:\dokumente und einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Mozilla Firefox
2012-06-28 05:17 . 2012-06-28 05:17 -------- d-----w- c:\programme\LogMeIn Hamachi
2012-06-27 21:08 . 2012-06-27 21:08 -------- d-----w- c:\dokumente und einstellungen\***\Anwendungsdaten\Apple Computer
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-30 21:51 . 2009-03-19 11:17 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2006-05-03 10:06 163328 --sh--r- c:\windows\system32\flvDX.dll
2007-02-21 11:47 31232 --sh--r- c:\windows\system32\msfDX.dll
2008-03-16 13:30 216064 --sh--r- c:\windows\system32\nbDX.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\programme\Gemeinsame Dateien\Nero\Lib\NMBgMonitor.exe" [2007-09-20 202024]
"Steam"="c:\programme\steam\steam.exe" [2011-08-10 1242448]
"DAEMON Tools Lite"="c:\programme\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AtiPTA"="atiptaxx.exe" [2006-02-22 344064]
"mxomssmenu"="c:\programme\Maxtor\OneTouch Status\maxmenumgr.exe" [2008-07-21 169312]
"SynTPEnh"="c:\programme\Synaptics\SynTP\SynTPEnh.exe" [2005-12-07 761947]
"MagicKeyboard"="c:\programme\SAMSUNG\MagicKBD\PreMKBD.exe" [2006-05-17 151552]
"DMHotKey"="c:\programme\Samsung\DisplayManager\DMLoader.exe" [2005-11-23 356352]
"RTHDCPL"="RTHDCPL.EXE" [2006-04-04 16120832]
"NeroFilterCheck"="c:\programme\Gemeinsame Dateien\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"NBKeyScan"="c:\programme\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 1836328]
"AdobeCS4ServiceManager"="c:\programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"SunJavaUpdateSched"="c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [2010-02-18 248040]
"snpstd3"="c:\windows\vsnpstd3.exe" [2006-05-12 831488]
"DivXUpdate"="c:\programme\DivX\DivX Update\DivXUpdate.exe" [2010-06-03 1144104]
"QuickTime Task"="c:\programme\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\programme\iTunes\iTunesHelper.exe" [2011-06-07 421160]
"LogMeIn Hamachi Ui"="c:\programme\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-06-27 1996200]
"avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\dokumente und einstellungen\***\Startmenü\Programme\Autostart\
OpenOffice.org 3.0.lnk - c:\programme\OpenOffice.org 3\program\quickstart.exe [2008-9-12 384000]
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programme\\TerraTec\\TerraTec Home Cinema\\CinergyDvrSetup.exe"=
"c:\\Programme\\TerraTec\\TerraTec Home Cinema\\tvtvSetup\\tvtv_Wizard.exe"=
"c:\\Programme\\TerraTec\\TerraTec Home Cinema\\CinergyDvr.exe"=
"c:\\Programme\\Messenger\\msmsgs.exe"=
"c:\\Programme\\VoipStunt.com\\VoipStunt\\VoipStunt.exe"=
"c:\\Programme\\Gemeinsame Dateien\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Programme\\Steam\\SteamApps\\common\\unreal tournament 3\\Binaries\\UT3.exe"=
"c:\\Programme\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programme\\MessengerDiscovery\\MessengerDiscovery Live.exe"=
"c:\\Programme\\Java\\jdk1.6.0_14\\jre\\bin\\java.exe"=
"c:\\Programme\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\Programme\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\Programme\\Steam\\SteamApps\\common\\audiosurf\\engine\\QuestViewer.exe"=
"c:\\Programme\\TmNationsForever\\TmForever.exe"=
"c:\\Dokumente und Einstellungen\\***\\Desktop\\openarena-0.8.1\\openarena.exe"=
"c:\\Programme\\Skype\\Phone\\Skype.exe"=
"c:\\Programme\\Bonjour\\mDNSResponder.exe"=
"c:\\Programme\\iTunes\\iTunes.exe"=
"c:\\DATEN\\Spiele\\IPCurve\\ipcurve.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4
"7531:TCP"= 7531:TCP:lczyg
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [20.04.2009 23:06 721904]
R1 oreans32;oreans32;c:\windows\system32\drivers\oreans32.sys [06.05.2010 17:28 33824]
R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [30.06.2012 23:35 108289]
R2 DOSMEMIO;MEMIO;c:\windows\system32\MEMIO.SYS [28.12.2008 01:13 4300]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\programme\LogMeIn Hamachi\hamachi-2.exe [27.06.2012 12:29 1385896]
R3 SSB2413;SSB2413 Wireless Network Adapter Service;c:\windows\system32\drivers\SSB2413.sys [28.12.2008 01:12 470112]
S2 aszgadrf;Universal Task;c:\windows\system32\svchost.exe -k netsvcs [04.08.2004 14:00 14336]
S2 gupdate1c98f6c349d8c30;Google Update Service (gupdate1c98f6c349d8c30);c:\programme\Google\Update\GoogleUpdate.exe [15.02.2009 14:52 133104]
S3 gupdatem;Google Update-Dienst (gupdatem);c:\programme\Google\Update\GoogleUpdate.exe [15.02.2009 14:52 133104]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [30.06.2012 20:08 40776]
S3 MODRC;Cinergy HT USB XE IR Service;c:\windows\system32\drivers\modrc.sys [30.12.2008 23:21 13056]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
aszgadrf
.
Inhalt des "geplante Tasks" Ordners
.
2012-07-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programme\Google\Update\GoogleUpdate.exe [2009-02-15 12:51]
.
2012-07-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programme\Google\Update\GoogleUpdate.exe [2009-02-15 12:51]
.
.
------- Zusätzlicher Suchlauf -------
.
uInternet Settings,ProxyOverride = *.local
IE: Free YouTube to Mp3 Converter - c:\dokumente und einstellungen\***\Anwendungsdaten\DVDVideoSoftIEHelpers\youtubetomp3.htm
IE: Save YouTube Video
LSP: %SystemRoot%\system32\PrxerDrv.dll
TCP: DhcpNameServer = 192.168.2.1 192.168.2.1
FF - ProfilePath - c:\dokumente und einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\oz15l6zj.default\
FF - prefs.js: browser.startup.homepage - www.google.de
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\programme\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype extension for Firefox: {B13721C7-F507-4982-B2E5-502A71474FED} - c:\programme\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - c:\programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: FoxTab: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a} - %profile%\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
FF - Ext: Aero Fox XL: {5c8bfb7c-9a54-11dc-8314-0800200c9a66} - %profile%\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}
FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
FF - Ext: ReloadEvery: {888d99e7-e8b5-46a3-851e-1ec45da1e644} - %profile%\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}
FF - Ext: Adobe DLM (powered by getPlus(R)): {E2883E8F-472F-4fb0-9522-AC9BF37916A7} - %profile%\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
FF - Ext: Tamper Data: {9c51bd27-6ed8-4000-a2bf-36cb95c0c947} - %profile%\extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}
FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: vShare Plugin: vshare@toolbar - %profile%\extensions\vshare@toolbar
FF - Ext: Virtus Search Opt-in: extension@virtusdesigns.com - %profile%\extensions\extension@virtusdesigns.com
FF - Ext: Java Quick Starter: jqs@sun.com - c:\programme\Java\jre6\lib\deploy\jqs\ff
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-ZoneAlarm Client - c:\programme\Zone Labs\ZoneAlarm\zlclient.exe
AddRemove-DAEMON Tools Toolbar - c:\programme\DAEMON Tools Toolbar\uninst.exe
AddRemove-Finale Reader - c:\programme\Finale Reader\uninstallRD.exe
AddRemove-Herrscher des Olymp - Zeus - c:\windows\IsUn0407.exe
AddRemove-igLoader - c:\programme\igLoader\uninstall.exe
AddRemove-2kv4.8.442 - c:\windows\Radeon Omega Drivers v4.8.442
AddRemove-ZoneAlarm - c:\programme\Zone Labs\ZoneAlarm\zauninst.exe
AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\programme\DivX\DivXCodecUninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2012-07-02 17:46
Windows 5.1.2600 Service Pack 3 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aszgadrf]
"ServiceDll"="c:\windows\system32\lieuvzr.dll"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-682003330-1343024091-2147069159-1004\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{B9FF1D09-F9FC-8811-A9FB-8E97799FFAAC}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"laoiendbhaliokklcoloommp"=hex:64,62,6c,64,62,6a,6a,70,64,62,6e,6b,70,65,62,64,
6a,6e,6a,65,69,67,66,64,6b,6c,61,6d,6c,61,6c,67,70,67,6f,70,69,70,70,68,00,\
"maeidnbehjcnomdfmjppcgiknb"=hex:64,61,6d,64,62,6a,70,6f,00,62
"laeidnbehjcnomdfojbanpnm"=hex:64,62,6c,64,62,6a,6a,70,64,62,6e,6b,70,65,62,64,
6a,6e,6a,65,69,67,66,64,6b,6c,61,6d,6c,61,6c,67,70,67,6f,70,69,70,70,68,00,\
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'winlogon.exe'(712)
c:\windows\system32\Ati2evxx.dll
.
Zeit der Fertigstellung: 2012-07-02 17:49:07
ComboFix-quarantined-files.txt 2012-07-02 15:49
.
Vor Suchlauf: 5.453.185.024 Bytes frei
Nach Suchlauf: 7.468.412.928 Bytes frei
.
WindowsXP-KB310994-SP2-Home-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 7F04611376C93F2FB1E58FA424212D1B
|
| | #8 |
| /// Malware-holic | Hi, download TDSSKiller: http://www.trojaner-board.de/82358-t...entfernen.html Click Change parameters • Tick Verify driver digital signatures and Detect TDLFS file system • Click OK and then Start scan - for any detections, always choose Skip for now, then post the log |
| | #9 |
| | Hey, here is the report from TDSS Killer: Code:
20:37:34.0234 3140 TDSS rootkit removing tool 2.7.44.0 Jul 2 2012 20:01:08
20:37:34.0671 3140 ============================================================
20:37:34.0671 3140 Current date / time: 2012/07/03 20:37:34.0671
20:37:34.0671 3140 SystemInfo:
20:37:34.0671 3140
20:37:34.0671 3140 OS Version: 5.1.2600 ServicePack: 3.0
20:37:34.0671 3140 Product type: Workstation
20:37:34.0671 3140 ComputerName: HAMMER
20:37:34.0671 3140 UserName: DoS
20:37:34.0671 3140 Windows directory: C:\WINDOWS
20:37:34.0671 3140 System windows directory: C:\WINDOWS
20:37:34.0671 3140 Processor architecture: Intel x86
20:37:34.0671 3140 Number of processors: 2
20:37:34.0671 3140 Page size: 0x1000
20:37:34.0671 3140 Boot type: Normal boot
20:37:34.0671 3140 ============================================================
20:37:37.0093 3140 Drive \Device\Harddisk0\DR0 - Size: 0x1A2BC6C000 (104.68 Gb), SectorSize: 0x200, Cylinders: 0x3561, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:37:37.0109 3140 ============================================================
20:37:37.0109 3140 \Device\Harddisk0\DR0:
20:37:37.0109 3140 MBR partitions:
20:37:37.0109 3140 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xD157D21
20:37:37.0109 3140 ============================================================
20:37:37.0125 3140 C: <-> \Device\Harddisk0\DR0\Partition0
20:37:37.0125 3140 ============================================================
20:37:37.0125 3140 Initialize success
20:37:37.0125 3140 ============================================================
20:37:42.0890 2008 ============================================================
20:37:42.0890 2008 Scan started
20:37:42.0890 2008 Mode: Manual; SigCheck; TDLFS;
20:37:42.0890 2008 ============================================================
20:37:43.0453 2008 Abiosdsk - ok
20:37:43.0468 2008 abp480n5 - ok
20:37:43.0531 2008 ACPI (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
20:37:43.0703 2008 ACPI ( UnsignedFile.Multi.Generic ) - warning
20:37:43.0703 2008 ACPI - detected UnsignedFile.Multi.Generic (1)
20:37:43.0734 2008 ACPIEC (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
20:37:43.0750 2008 ACPIEC ( UnsignedFile.Multi.Generic ) - warning
20:37:43.0750 2008 ACPIEC - detected UnsignedFile.Multi.Generic (1)
20:37:43.0812 2008 Adobe LM Service (303c174a7303a7702a68653152fc65a0) C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
20:37:43.0843 2008 Adobe LM Service ( UnsignedFile.Multi.Generic ) - warning
20:37:43.0843 2008 Adobe LM Service - detected UnsignedFile.Multi.Generic (1)
20:37:43.0843 2008 adpu160m - ok
20:37:43.0906 2008 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
20:37:43.0937 2008 aec ( UnsignedFile.Multi.Generic ) - warning
20:37:43.0937 2008 aec - detected UnsignedFile.Multi.Generic (1)
20:37:43.0968 2008 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys
20:37:44.0000 2008 AFD ( UnsignedFile.Multi.Generic ) - warning
20:37:44.0000 2008 AFD - detected UnsignedFile.Multi.Generic (1)
20:37:44.0000 2008 Aha154x - ok
20:37:44.0015 2008 aic78u2 - ok
20:37:44.0031 2008 aic78xx - ok
20:37:44.0078 2008 Alerter (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
20:37:44.0109 2008 Alerter ( UnsignedFile.Multi.Generic ) - warning
20:37:44.0109 2008 Alerter - detected UnsignedFile.Multi.Generic (1)
20:37:44.0125 2008 ALG (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe
20:37:44.0156 2008 ALG ( UnsignedFile.Multi.Generic ) - warning
20:37:44.0156 2008 ALG - detected UnsignedFile.Multi.Generic (1)
20:37:44.0156 2008 AliIde - ok
20:37:44.0171 2008 amsint - ok
20:37:44.0328 2008 AntiVirSchedulerService (9015bc03f62940527ec92d45ee89e46f) C:\Programme\Avira\AntiVir Desktop\sched.exe
20:37:44.0343 2008 AntiVirSchedulerService ( UnsignedFile.Multi.Generic ) - warning
20:37:44.0343 2008 AntiVirSchedulerService - detected UnsignedFile.Multi.Generic (1)
20:37:44.0390 2008 AntiVirService (b8720a787c1223492e6f319465e996ce) C:\Programme\Avira\AntiVir Desktop\avguard.exe
20:37:44.0406 2008 AntiVirService ( UnsignedFile.Multi.Generic ) - warning
20:37:44.0406 2008 AntiVirService - detected UnsignedFile.Multi.Generic (1)
20:37:44.0468 2008 Apple Mobile Device (20f6f19fe9e753f2780dc2fa083ad597) C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:37:44.0546 2008 Apple Mobile Device - ok
20:37:44.0546 2008 AppMgmt - ok
20:37:44.0562 2008 asc - ok
20:37:44.0578 2008 asc3350p - ok
20:37:44.0578 2008 asc3550 - ok
20:37:44.0671 2008 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
20:37:44.0703 2008 aspnet_state - ok
20:37:44.0718 2008 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
20:37:44.0765 2008 AsyncMac ( UnsignedFile.Multi.Generic ) - warning
20:37:44.0765 2008 AsyncMac - detected UnsignedFile.Multi.Generic (1)
20:37:44.0765 2008 Suspicious service (NoAccess): aszgadrf
20:37:44.0781 2008 aszgadrf ( LockedService.Multi.Generic ) - warning
20:37:44.0781 2008 aszgadrf - detected LockedService.Multi.Generic (1)
20:37:44.0812 2008 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
20:37:44.0828 2008 atapi ( UnsignedFile.Multi.Generic ) - warning
20:37:44.0828 2008 atapi - detected UnsignedFile.Multi.Generic (1)
20:37:44.0843 2008 Atdisk - ok
20:37:44.0906 2008 Ati HotKey Poller (e02abc15c3428809f7bcb82571633575) C:\WINDOWS\system32\Ati2evxx.exe
20:37:44.0953 2008 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - warning
20:37:44.0953 2008 Ati HotKey Poller - detected UnsignedFile.Multi.Generic (1)
20:37:45.0015 2008 ATI Smart (3ae69ea1af3d65c362869d6dec0cfa52) C:\WINDOWS\system32\ati2sgag.exe
20:37:45.0109 2008 ATI Smart ( UnsignedFile.Multi.Generic ) - warning
20:37:45.0109 2008 ATI Smart - detected UnsignedFile.Multi.Generic (1)
20:37:45.0328 2008 ati2mtag (ec2743bf722d4356375a0a01b69a81e0) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
20:37:45.0656 2008 ati2mtag ( UnsignedFile.Multi.Generic ) - warning
20:37:45.0656 2008 ati2mtag - detected UnsignedFile.Multi.Generic (1)
20:37:45.0843 2008 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
20:37:45.0875 2008 Atmarpc ( UnsignedFile.Multi.Generic ) - warning
20:37:45.0875 2008 Atmarpc - detected UnsignedFile.Multi.Generic (1)
20:37:45.0906 2008 AudioSrv (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
20:37:45.0921 2008 AudioSrv ( UnsignedFile.Multi.Generic ) - warning
20:37:45.0921 2008 AudioSrv - detected UnsignedFile.Multi.Generic (1)
20:37:45.0968 2008 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
20:37:45.0984 2008 audstub ( UnsignedFile.Multi.Generic ) - warning
20:37:45.0984 2008 audstub - detected UnsignedFile.Multi.Generic (1)
20:37:46.0125 2008 avgio (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Programme\Avira\AntiVir Desktop\avgio.sys
20:37:46.0156 2008 avgio - ok
20:37:46.0203 2008 avgntflt (14fe36d8f2c6a2435275338d061a0b66) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
20:37:46.0781 2008 avgntflt - ok
20:37:46.0828 2008 avipbb (6d52060b59e7d79cd2a044b6add1f1ef) C:\WINDOWS\system32\DRIVERS\avipbb.sys
20:37:46.0859 2008 avipbb - ok
20:37:46.0890 2008 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
20:37:46.0937 2008 Beep ( UnsignedFile.Multi.Generic ) - warning
20:37:46.0937 2008 Beep - detected UnsignedFile.Multi.Generic (1)
20:37:47.0015 2008 BITS (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll
20:37:47.0093 2008 BITS ( UnsignedFile.Multi.Generic ) - warning
20:37:47.0093 2008 BITS - detected UnsignedFile.Multi.Generic (1)
20:37:47.0171 2008 Bonjour Service (f2060a34c8a75bc24a9222eb4f8c07bd) C:\Programme\Bonjour\mDNSResponder.exe
20:37:47.0203 2008 Bonjour Service - ok
20:37:47.0250 2008 Browser (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
20:37:47.0265 2008 Browser ( UnsignedFile.Multi.Generic ) - warning
20:37:47.0265 2008 Browser - detected UnsignedFile.Multi.Generic (1)
20:37:47.0359 2008 catchme - ok
20:37:47.0390 2008 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
20:37:47.0437 2008 cbidf2k ( UnsignedFile.Multi.Generic ) - warning
20:37:47.0437 2008 cbidf2k - detected UnsignedFile.Multi.Generic (1)
20:37:47.0484 2008 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
20:37:47.0500 2008 CCDECODE ( UnsignedFile.Multi.Generic ) - warning
20:37:47.0500 2008 CCDECODE - detected UnsignedFile.Multi.Generic (1)
20:37:47.0515 2008 cd20xrnt - ok
20:37:47.0546 2008 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
20:37:47.0578 2008 Cdaudio ( UnsignedFile.Multi.Generic ) - warning
20:37:47.0578 2008 Cdaudio - detected UnsignedFile.Multi.Generic (1)
20:37:47.0609 2008 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
20:37:47.0640 2008 Cdfs ( UnsignedFile.Multi.Generic ) - warning
20:37:47.0640 2008 Cdfs - detected UnsignedFile.Multi.Generic (1)
20:37:47.0671 2008 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
20:37:47.0703 2008 Cdrom ( UnsignedFile.Multi.Generic ) - warning
20:37:47.0703 2008 Cdrom - detected UnsignedFile.Multi.Generic (1)
20:37:47.0703 2008 Changer - ok
20:37:47.0734 2008 CiSvc (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe
20:37:47.0765 2008 CiSvc ( UnsignedFile.Multi.Generic ) - warning
20:37:47.0765 2008 CiSvc - detected UnsignedFile.Multi.Generic (1)
20:37:47.0781 2008 ClipSrv (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
20:37:47.0812 2008 ClipSrv ( UnsignedFile.Multi.Generic ) - warning
20:37:47.0812 2008 ClipSrv - detected UnsignedFile.Multi.Generic (1)
20:37:47.0906 2008 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:37:47.0937 2008 clr_optimization_v2.0.50727_32 - ok
20:37:47.0968 2008 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
20:37:48.0015 2008 CmBatt ( UnsignedFile.Multi.Generic ) - warning
20:37:48.0015 2008 CmBatt - detected UnsignedFile.Multi.Generic (1)
20:37:48.0031 2008 CmdIde - ok
20:37:48.0046 2008 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
20:37:48.0062 2008 Compbatt ( UnsignedFile.Multi.Generic ) - warning
20:37:48.0062 2008 Compbatt - detected UnsignedFile.Multi.Generic (1)
20:37:48.0078 2008 COMSysApp - ok
20:37:48.0093 2008 Cpqarray - ok
20:37:48.0125 2008 CryptSvc (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
20:37:48.0140 2008 CryptSvc ( UnsignedFile.Multi.Generic ) - warning
20:37:48.0140 2008 CryptSvc - detected UnsignedFile.Multi.Generic (1)
20:37:48.0156 2008 dac2w2k - ok
20:37:48.0171 2008 dac960nt - ok
20:37:48.0218 2008 DcomLaunch (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
20:37:48.0265 2008 DcomLaunch ( UnsignedFile.Multi.Generic ) - warning
20:37:48.0265 2008 DcomLaunch - detected UnsignedFile.Multi.Generic (1)
20:37:48.0312 2008 Dhcp (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
20:37:48.0328 2008 Dhcp ( UnsignedFile.Multi.Generic ) - warning
20:37:48.0328 2008 Dhcp - detected UnsignedFile.Multi.Generic (1)
20:37:48.0343 2008 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
20:37:48.0375 2008 Disk ( UnsignedFile.Multi.Generic ) - warning
20:37:48.0375 2008 Disk - detected UnsignedFile.Multi.Generic (1)
20:37:48.0390 2008 dmadmin - ok
20:37:48.0468 2008 dmboot (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
20:37:48.0546 2008 dmboot ( UnsignedFile.Multi.Generic ) - warning
20:37:48.0546 2008 dmboot - detected UnsignedFile.Multi.Generic (1)
20:37:48.0593 2008 dmio (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
20:37:48.0656 2008 dmio ( UnsignedFile.Multi.Generic ) - warning
20:37:48.0656 2008 dmio - detected UnsignedFile.Multi.Generic (1)
20:37:48.0703 2008 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
20:37:48.0718 2008 dmload ( UnsignedFile.Multi.Generic ) - warning
20:37:48.0718 2008 dmload - detected UnsignedFile.Multi.Generic (1)
20:37:48.0750 2008 dmserver (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
20:37:48.0781 2008 dmserver ( UnsignedFile.Multi.Generic ) - warning
20:37:48.0781 2008 dmserver - detected UnsignedFile.Multi.Generic (1)
20:37:48.0968 2008 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
20:37:49.0078 2008 DMusic ( UnsignedFile.Multi.Generic ) - warning
20:37:49.0078 2008 DMusic - detected UnsignedFile.Multi.Generic (1)
20:37:49.0125 2008 Dnscache (8c9ed3b2834aae63081ab2da831c6fe9) C:\WINDOWS\System32\dnsrslvr.dll
20:37:49.0140 2008 Dnscache ( UnsignedFile.Multi.Generic ) - warning
20:37:49.0140 2008 Dnscache - detected UnsignedFile.Multi.Generic (1)
20:37:49.0187 2008 DOSMEMIO (8a4cb9438571814b128b6dc30d698064) C:\WINDOWS\system32\MEMIO.SYS
20:37:49.0203 2008 DOSMEMIO ( UnsignedFile.Multi.Generic ) - warning
20:37:49.0203 2008 DOSMEMIO - detected UnsignedFile.Multi.Generic (1)
20:37:49.0250 2008 Dot3svc (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
20:37:49.0281 2008 Dot3svc ( UnsignedFile.Multi.Generic ) - warning
20:37:49.0281 2008 Dot3svc - detected UnsignedFile.Multi.Generic (1)
20:37:49.0296 2008 dpti2o - ok
20:37:49.0312 2008 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
20:37:49.0359 2008 drmkaud ( UnsignedFile.Multi.Generic ) - warning
20:37:49.0359 2008 drmkaud - detected UnsignedFile.Multi.Generic (1)
20:37:49.0406 2008 EapHost (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
20:37:49.0437 2008 EapHost ( UnsignedFile.Multi.Generic ) - warning
20:37:49.0437 2008 EapHost - detected UnsignedFile.Multi.Generic (1)
20:37:49.0468 2008 ERSvc (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
20:37:49.0484 2008 ERSvc ( UnsignedFile.Multi.Generic ) - warning
20:37:49.0484 2008 ERSvc - detected UnsignedFile.Multi.Generic (1)
20:37:49.0531 2008 Eventlog (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
20:37:49.0546 2008 Eventlog ( UnsignedFile.Multi.Generic ) - warning
20:37:49.0546 2008 Eventlog - detected UnsignedFile.Multi.Generic (1)
20:37:49.0625 2008 EventSystem (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\system32\es.dll
20:37:49.0640 2008 EventSystem ( UnsignedFile.Multi.Generic ) - warning
20:37:49.0640 2008 EventSystem - detected UnsignedFile.Multi.Generic (1)
20:37:49.0687 2008 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
20:37:49.0734 2008 Fastfat ( UnsignedFile.Multi.Generic ) - warning
20:37:49.0734 2008 Fastfat - detected UnsignedFile.Multi.Generic (1)
20:37:49.0765 2008 FastUserSwitchingCompatibility (40602ebfbe06aa075c8e4560743f6883) C:\WINDOWS\System32\shsvcs.dll
20:37:49.0828 2008 FastUserSwitchingCompatibility ( UnsignedFile.Multi.Generic ) - warning
20:37:49.0828 2008 FastUserSwitchingCompatibility - detected UnsignedFile.Multi.Generic (1)
20:37:49.0859 2008 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
20:37:49.0875 2008 Fdc ( UnsignedFile.Multi.Generic ) - warning
20:37:49.0875 2008 Fdc - detected UnsignedFile.Multi.Generic (1)
20:37:49.0906 2008 Fips (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
20:37:49.0937 2008 Fips ( UnsignedFile.Multi.Generic ) - warning
20:37:49.0937 2008 Fips - detected UnsignedFile.Multi.Generic (1)
20:37:50.0046 2008 FLEXnet Licensing Service (1f63900e2eb00101b9aca2b7a870704e) C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
20:37:50.0140 2008 FLEXnet Licensing Service - ok
20:37:50.0156 2008 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
20:37:50.0187 2008 Flpydisk ( UnsignedFile.Multi.Generic ) - warning
20:37:50.0187 2008 Flpydisk - detected UnsignedFile.Multi.Generic (1)
20:37:50.0250 2008 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
20:37:50.0296 2008 FltMgr ( UnsignedFile.Multi.Generic ) - warning
20:37:50.0296 2008 FltMgr - detected UnsignedFile.Multi.Generic (1)
20:37:50.0437 2008 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
20:37:50.0468 2008 FontCache3.0.0.0 - ok
20:37:50.0500 2008 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:37:50.0531 2008 Fs_Rec ( UnsignedFile.Multi.Generic ) - warning
20:37:50.0531 2008 Fs_Rec - detected UnsignedFile.Multi.Generic (1)
20:37:50.0546 2008 Ftdisk (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
20:37:50.0578 2008 Ftdisk ( UnsignedFile.Multi.Generic ) - warning
20:37:50.0578 2008 Ftdisk - detected UnsignedFile.Multi.Generic (1)
20:37:50.0640 2008 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
20:37:50.0656 2008 GEARAspiWDM - ok
20:37:50.0734 2008 getPlusHelper (fd7e9aba274df75e08320420b8e9a1d5) C:\Programme\NOS\bin\getPlus_Helper.dll
20:37:50.0781 2008 getPlusHelper - ok
20:37:50.0812 2008 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
20:37:50.0859 2008 Gpc ( UnsignedFile.Multi.Generic ) - warning
20:37:50.0859 2008 Gpc - detected UnsignedFile.Multi.Generic (1)
20:37:50.0937 2008 gupdate1c98f6c349d8c30 (626a24ed1228580b9518c01930936df9) C:\Programme\Google\Update\GoogleUpdate.exe
20:37:50.0953 2008 gupdate1c98f6c349d8c30 - ok
20:37:50.0968 2008 gupdatem (626a24ed1228580b9518c01930936df9) C:\Programme\Google\Update\GoogleUpdate.exe
20:37:50.0984 2008 gupdatem - ok
20:37:51.0015 2008 hamachi (833051c6c6c42117191935f734cfbd97) C:\WINDOWS\system32\DRIVERS\hamachi.sys
20:37:51.0031 2008 hamachi - ok
20:37:51.0187 2008 Hamachi2Svc (f31d7f8a7699575dbb3b3a3ab4aa6216) C:\Programme\LogMeIn Hamachi\hamachi-2.exe
20:37:51.0296 2008 Hamachi2Svc - ok
20:37:51.0437 2008 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
20:37:51.0484 2008 HDAudBus ( UnsignedFile.Multi.Generic ) - warning
20:37:51.0484 2008 HDAudBus - detected UnsignedFile.Multi.Generic (1)
20:37:51.0578 2008 helpsvc (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
20:37:51.0593 2008 helpsvc ( UnsignedFile.Multi.Generic ) - warning
20:37:51.0593 2008 helpsvc - detected UnsignedFile.Multi.Generic (1)
20:37:51.0640 2008 HidServ (b35da85e60c0103f2e4104532da2f12b) C:\WINDOWS\System32\hidserv.dll
20:37:51.0656 2008 HidServ ( UnsignedFile.Multi.Generic ) - warning
20:37:51.0656 2008 HidServ - detected UnsignedFile.Multi.Generic (1)
20:37:51.0687 2008 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
20:37:51.0718 2008 hidusb ( UnsignedFile.Multi.Generic ) - warning
20:37:51.0718 2008 hidusb - detected UnsignedFile.Multi.Generic (1)
20:37:51.0765 2008 hkmsvc (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
20:37:51.0796 2008 hkmsvc ( UnsignedFile.Multi.Generic ) - warning
20:37:51.0796 2008 hkmsvc - detected UnsignedFile.Multi.Generic (1)
20:37:51.0796 2008 hpn - ok
20:37:51.0875 2008 HTTP (f6aacf5bce2893e0c1754afeb672e5c9) C:\WINDOWS\system32\Drivers\HTTP.sys
20:37:51.0906 2008 HTTP ( UnsignedFile.Multi.Generic ) - warning
20:37:51.0906 2008 HTTP - detected UnsignedFile.Multi.Generic (1)
20:37:51.0937 2008 HTTPFilter (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
20:37:51.0968 2008 HTTPFilter ( UnsignedFile.Multi.Generic ) - warning
20:37:51.0968 2008 HTTPFilter - detected UnsignedFile.Multi.Generic (1)
20:37:51.0968 2008 i2omgmt - ok
20:37:51.0984 2008 i2omp - ok
20:37:52.0015 2008 i8042prt (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
20:37:52.0046 2008 i8042prt ( UnsignedFile.Multi.Generic ) - warning
20:37:52.0046 2008 i8042prt - detected UnsignedFile.Multi.Generic (1)
20:37:52.0265 2008 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:37:52.0390 2008 idsvc - ok
20:37:52.0421 2008 imagedrv (e07e97d53324408979cc9f8f9dcd1484) C:\WINDOWS\system32\Drivers\imagedrv.sys
20:37:52.0453 2008 imagedrv - ok
20:37:52.0468 2008 imagesrv (1a24cd53f32eb83da1a00cdccf8eeb2f) C:\WINDOWS\system32\DRIVERS\imagesrv.sys
20:37:52.0500 2008 imagesrv - ok
20:37:52.0546 2008 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
20:37:52.0593 2008 Imapi ( UnsignedFile.Multi.Generic ) - warning
20:37:52.0593 2008 Imapi - detected UnsignedFile.Multi.Generic (1)
20:37:52.0640 2008 ImapiService (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\system32\imapi.exe
20:37:52.0656 2008 ImapiService ( UnsignedFile.Multi.Generic ) - warning
20:37:52.0656 2008 ImapiService - detected UnsignedFile.Multi.Generic (1)
20:37:52.0671 2008 ini910u - ok
20:37:52.0968 2008 IntcAzAudAddService (2389f12f0ed506176b7c29c8144cea09) C:\WINDOWS\system32\drivers\RtkHDAud.sys
20:37:53.0265 2008 IntcAzAudAddService ( UnsignedFile.Multi.Generic ) - warning
20:37:53.0265 2008 IntcAzAudAddService - detected UnsignedFile.Multi.Generic (1)
20:37:53.0390 2008 IntelIde - ok
20:37:53.0437 2008 intelppm (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys
20:37:53.0437 2008 intelppm ( UnsignedFile.Multi.Generic ) - warning
20:37:53.0437 2008 intelppm - detected UnsignedFile.Multi.Generic (1)
20:37:53.0468 2008 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
20:37:53.0484 2008 Ip6Fw ( UnsignedFile.Multi.Generic ) - warning
20:37:53.0484 2008 Ip6Fw - detected UnsignedFile.Multi.Generic (1)
20:37:53.0531 2008 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:37:53.0546 2008 IpFilterDriver ( UnsignedFile.Multi.Generic ) - warning
20:37:53.0546 2008 IpFilterDriver - detected UnsignedFile.Multi.Generic (1)
20:37:53.0593 2008 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
20:37:53.0656 2008 IpInIp ( UnsignedFile.Multi.Generic ) - warning
20:37:53.0656 2008 IpInIp - detected UnsignedFile.Multi.Generic (1)
20:37:53.0703 2008 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
20:37:53.0734 2008 IpNat ( UnsignedFile.Multi.Generic ) - warning
20:37:53.0734 2008 IpNat - detected UnsignedFile.Multi.Generic (1)
20:37:53.0859 2008 iPod Service (b84a28b3984185eda8867541af14cddb) C:\Programme\iPod\bin\iPodService.exe
20:37:53.0906 2008 iPod Service - ok
20:37:53.0937 2008 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
20:37:53.0968 2008 IPSec ( UnsignedFile.Multi.Generic ) - warning
20:37:53.0968 2008 IPSec - detected UnsignedFile.Multi.Generic (1)
20:37:54.0000 2008 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
20:37:54.0031 2008 IRENUM ( UnsignedFile.Multi.Generic ) - warning
20:37:54.0031 2008 IRENUM - detected UnsignedFile.Multi.Generic (1)
20:37:54.0046 2008 isapnp (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
20:37:54.0078 2008 isapnp ( UnsignedFile.Multi.Generic ) - warning
20:37:54.0078 2008 isapnp - detected UnsignedFile.Multi.Generic (1)
20:37:54.0203 2008 JavaQuickStarterService (1834c96fb1f9280bcf6ddfa6de8338bf) C:\Programme\Java\jre6\bin\jqs.exe
20:37:54.0234 2008 JavaQuickStarterService - ok
20:37:54.0250 2008 Kbdclass (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
20:37:54.0296 2008 Kbdclass ( UnsignedFile.Multi.Generic ) - warning
20:37:54.0296 2008 Kbdclass - detected UnsignedFile.Multi.Generic (1)
20:37:54.0343 2008 kbdhid (b6d6c117d771c98130497265f26d1882) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
20:37:54.0359 2008 kbdhid ( UnsignedFile.Multi.Generic ) - warning
20:37:54.0359 2008 kbdhid - detected UnsignedFile.Multi.Generic (1)
20:37:54.0406 2008 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
20:37:54.0437 2008 kmixer ( UnsignedFile.Multi.Generic ) - warning
20:37:54.0437 2008 kmixer - detected UnsignedFile.Multi.Generic (1)
20:37:54.0484 2008 KSecDD (1705745d900dabf2d89f90ebaddc7517) C:\WINDOWS\system32\drivers\KSecDD.sys
20:37:54.0515 2008 KSecDD ( UnsignedFile.Multi.Generic ) - warning
20:37:54.0515 2008 KSecDD - detected UnsignedFile.Multi.Generic (1)
20:37:54.0531 2008 lanmanserver (d6eb4916b203cbe525f8eff5fd5ab16c) C:\WINDOWS\System32\srvsvc.dll
20:37:54.0562 2008 lanmanserver ( UnsignedFile.Multi.Generic ) - warning
20:37:54.0562 2008 lanmanserver - detected UnsignedFile.Multi.Generic (1)
20:37:54.0609 2008 lanmanworkstation (c0db1e9367681ecd7ecca9615c1d0f9b) C:\WINDOWS\System32\wkssvc.dll
20:37:54.0640 2008 lanmanworkstation ( UnsignedFile.Multi.Generic ) - warning
20:37:54.0640 2008 lanmanworkstation - detected UnsignedFile.Multi.Generic (1)
20:37:54.0640 2008 lbrtfdc - ok
20:37:54.0687 2008 LmHosts (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
20:37:54.0703 2008 LmHosts ( UnsignedFile.Multi.Generic ) - warning
20:37:54.0703 2008 LmHosts - detected UnsignedFile.Multi.Generic (1)
20:37:54.0750 2008 Maxtor Sync Service (1bdb34a492109198cab0575f2743be70) C:\Programme\Maxtor\Sync\SyncServices.exe
20:37:54.0765 2008 Maxtor Sync Service - ok
20:37:54.0796 2008 MBAMSwissArmy (0db7527db188c7d967a37bb51bbf3963) C:\WINDOWS\system32\drivers\mbamswissarmy.sys
20:37:54.0828 2008 MBAMSwissArmy - ok
20:37:54.0843 2008 Messenger (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
20:37:54.0906 2008 Messenger ( UnsignedFile.Multi.Generic ) - warning
20:37:54.0906 2008 Messenger - detected UnsignedFile.Multi.Generic (1)
20:37:54.0953 2008 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
20:37:54.0968 2008 mnmdd ( UnsignedFile.Multi.Generic ) - warning
20:37:54.0968 2008 mnmdd - detected UnsignedFile.Multi.Generic (1)
20:37:55.0015 2008 mnmsrvc (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\system32\mnmsrvc.exe
20:37:55.0046 2008 mnmsrvc ( UnsignedFile.Multi.Generic ) - warning
20:37:55.0046 2008 mnmsrvc - detected UnsignedFile.Multi.Generic (1)
20:37:55.0109 2008 mod7700 (60dda9ca0836f7081616226998a6fdec) C:\WINDOWS\system32\DRIVERS\mod7700.sys
20:37:55.0171 2008 mod7700 ( UnsignedFile.Multi.Generic ) - warning
20:37:55.0171 2008 mod7700 - detected UnsignedFile.Multi.Generic (1)
20:37:55.0187 2008 Modem (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
20:37:55.0218 2008 Modem ( UnsignedFile.Multi.Generic ) - warning
20:37:55.0218 2008 Modem - detected UnsignedFile.Multi.Generic (1)
20:37:55.0250 2008 MODRC (3cc2b807c5534f0a70a447e1870773ef) C:\WINDOWS\system32\DRIVERS\modrc.sys
20:37:55.0265 2008 MODRC ( UnsignedFile.Multi.Generic ) - warning
20:37:55.0265 2008 MODRC - detected UnsignedFile.Multi.Generic (1)
20:37:55.0296 2008 Mouclass (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
20:37:55.0328 2008 Mouclass ( UnsignedFile.Multi.Generic ) - warning
20:37:55.0328 2008 Mouclass - detected UnsignedFile.Multi.Generic (1)
20:37:55.0359 2008 mouhid (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
20:37:55.0406 2008 mouhid ( UnsignedFile.Multi.Generic ) - warning
20:37:55.0406 2008 mouhid - detected UnsignedFile.Multi.Generic (1)
20:37:55.0453 2008 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
20:37:55.0484 2008 MountMgr ( UnsignedFile.Multi.Generic ) - warning
20:37:55.0484 2008 MountMgr - detected UnsignedFile.Multi.Generic (1)
20:37:55.0515 2008 MPE (c0f8e0c2c3c0437cf37c6781896dc3ec) C:\WINDOWS\system32\DRIVERS\MPE.sys
20:37:55.0562 2008 MPE ( UnsignedFile.Multi.Generic ) - warning
20:37:55.0562 2008 MPE - detected UnsignedFile.Multi.Generic (1)
20:37:55.0562 2008 mraid35x - ok
20:37:55.0578 2008 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
20:37:55.0625 2008 MRxDAV ( UnsignedFile.Multi.Generic ) - warning
20:37:55.0625 2008 MRxDAV - detected UnsignedFile.Multi.Generic (1)
20:37:55.0687 2008 MRxSmb (60ae98742484e7ab80c3c1450e708148) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:37:55.0765 2008 MRxSmb ( UnsignedFile.Multi.Generic ) - warning
20:37:55.0765 2008 MRxSmb - detected UnsignedFile.Multi.Generic (1)
20:37:55.0812 2008 MSDTC (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\system32\msdtc.exe
20:37:55.0828 2008 MSDTC ( UnsignedFile.Multi.Generic ) - warning
20:37:55.0828 2008 MSDTC - detected UnsignedFile.Multi.Generic (1)
20:37:55.0843 2008 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
20:37:55.0875 2008 Msfs ( UnsignedFile.Multi.Generic ) - warning
20:37:55.0875 2008 Msfs - detected UnsignedFile.Multi.Generic (1)
20:37:55.0875 2008 MSIServer - ok
20:37:55.0937 2008 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:37:55.0953 2008 MSKSSRV ( UnsignedFile.Multi.Generic ) - warning
20:37:55.0953 2008 MSKSSRV - detected UnsignedFile.Multi.Generic (1)
20:37:55.0968 2008 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:37:56.0031 2008 MSPCLOCK ( UnsignedFile.Multi.Generic ) - warning
20:37:56.0031 2008 MSPCLOCK - detected UnsignedFile.Multi.Generic (1)
20:37:56.0031 2008 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
20:37:56.0062 2008 MSPQM ( UnsignedFile.Multi.Generic ) - warning
20:37:56.0062 2008 MSPQM - detected UnsignedFile.Multi.Generic (1)
20:37:56.0093 2008 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
20:37:56.0125 2008 mssmbios ( UnsignedFile.Multi.Generic ) - warning
20:37:56.0125 2008 mssmbios - detected UnsignedFile.Multi.Generic (1)
20:37:56.0218 2008 MSSQL$SQLEXPRESS - ok
20:37:56.0296 2008 MSSQLServerADHelper (c06ea83f6fc2959e897c117255b6b1d5) c:\Programme\Microsoft SQL Server\90\Shared\sqladhlp90.exe
20:37:56.0328 2008 MSSQLServerADHelper - ok
20:37:56.0359 2008 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
20:37:56.0406 2008 MSTEE ( UnsignedFile.Multi.Generic ) - warning
20:37:56.0406 2008 MSTEE - detected UnsignedFile.Multi.Generic (1)
20:37:56.0468 2008 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
20:37:56.0500 2008 Mup ( UnsignedFile.Multi.Generic ) - warning
20:37:56.0500 2008 Mup - detected UnsignedFile.Multi.Generic (1)
20:37:56.0546 2008 MXOPSWD (216ac775320f64de28cfeb7c179c4ff9) C:\WINDOWS\system32\DRIVERS\mxopswd.sys
20:37:56.0578 2008 MXOPSWD ( UnsignedFile.Multi.Generic ) - warning
20:37:56.0578 2008 MXOPSWD - detected UnsignedFile.Multi.Generic (1)
20:37:56.0609 2008 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
20:37:56.0656 2008 NABTSFEC ( UnsignedFile.Multi.Generic ) - warning
20:37:56.0656 2008 NABTSFEC - detected UnsignedFile.Multi.Generic (1)
20:37:56.0718 2008 napagent (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
20:37:56.0781 2008 napagent ( UnsignedFile.Multi.Generic ) - warning
20:37:56.0781 2008 napagent - detected UnsignedFile.Multi.Generic (1)
20:37:56.0812 2008 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
20:37:56.0859 2008 NDIS ( UnsignedFile.Multi.Generic ) - warning
20:37:56.0859 2008 NDIS - detected UnsignedFile.Multi.Generic (1)
20:37:56.0890 2008 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
20:37:56.0921 2008 NdisIP ( UnsignedFile.Multi.Generic ) - warning
20:37:56.0921 2008 NdisIP - detected UnsignedFile.Multi.Generic (1)
20:37:56.0937 2008 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:37:56.0984 2008 NdisTapi ( UnsignedFile.Multi.Generic ) - warning
20:37:56.0984 2008 NdisTapi - detected UnsignedFile.Multi.Generic (1)
20:37:57.0031 2008 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:37:57.0062 2008 Ndisuio ( UnsignedFile.Multi.Generic ) - warning
20:37:57.0062 2008 Ndisuio - detected UnsignedFile.Multi.Generic (1)
20:37:57.0078 2008 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:37:57.0125 2008 NdisWan ( UnsignedFile.Multi.Generic ) - warning
20:37:57.0125 2008 NdisWan - detected UnsignedFile.Multi.Generic (1)
20:37:57.0125 2008 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys
20:37:57.0156 2008 NDProxy ( UnsignedFile.Multi.Generic ) - warning
20:37:57.0156 2008 NDProxy - detected UnsignedFile.Multi.Generic (1)
20:37:57.0281 2008 Nero BackItUp Scheduler 3 (6d4028d458eaaa1782099750790dc8c9) C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe
20:37:57.0343 2008 Nero BackItUp Scheduler 3 - ok
20:37:57.0375 2008 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
20:37:57.0406 2008 NetBIOS ( UnsignedFile.Multi.Generic ) - warning
20:37:57.0406 2008 NetBIOS - detected UnsignedFile.Multi.Generic (1)
20:37:57.0421 2008 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
20:37:57.0468 2008 NetBT ( UnsignedFile.Multi.Generic ) - warning
20:37:57.0468 2008 NetBT - detected UnsignedFile.Multi.Generic (1)
20:37:57.0500 2008 NetDDE (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
20:37:57.0562 2008 NetDDE ( UnsignedFile.Multi.Generic ) - warning
20:37:57.0562 2008 NetDDE - detected UnsignedFile.Multi.Generic (1)
20:37:57.0562 2008 NetDDEdsdm (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
20:37:57.0578 2008 NetDDEdsdm ( UnsignedFile.Multi.Generic ) - warning
20:37:57.0578 2008 NetDDEdsdm - detected UnsignedFile.Multi.Generic (1)
20:37:57.0640 2008 Netlogon (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:37:57.0640 2008 Netlogon ( UnsignedFile.Multi.Generic ) - warning
20:37:57.0640 2008 Netlogon - detected UnsignedFile.Multi.Generic (1)
20:37:57.0687 2008 Netman (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
20:37:57.0703 2008 Netman ( UnsignedFile.Multi.Generic ) - warning
20:37:57.0703 2008 Netman - detected UnsignedFile.Multi.Generic (1)
20:37:57.0843 2008 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:37:57.0875 2008 NetTcpPortSharing - ok
20:37:57.0937 2008 Nla (acd8bd448a74f344d46fcaf21bab92af) C:\WINDOWS\System32\mswsock.dll
20:37:57.0984 2008 Nla ( UnsignedFile.Multi.Generic ) - warning
20:37:57.0984 2008 Nla - detected UnsignedFile.Multi.Generic (1)
20:37:58.0109 2008 NMIndexingService (1bef5464c06f4af0c704378824c52adb) C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe
20:37:58.0156 2008 NMIndexingService - ok
20:37:58.0187 2008 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
20:37:58.0203 2008 Npfs ( UnsignedFile.Multi.Generic ) - warning
20:37:58.0203 2008 Npfs - detected UnsignedFile.Multi.Generic (1)
20:37:58.0312 2008 npkcrypt (aaf9b4df67938753cb21808ea3574242) C:\DATEN\Nameless-RO\npkcrypt.sys
20:37:58.0328 2008 npkcrypt ( UnsignedFile.Multi.Generic ) - warning
20:37:58.0328 2008 npkcrypt - detected UnsignedFile.Multi.Generic (1)
20:37:58.0406 2008 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
20:37:58.0500 2008 Ntfs ( UnsignedFile.Multi.Generic ) - warning
20:37:58.0500 2008 Ntfs - detected UnsignedFile.Multi.Generic (1)
20:37:58.0546 2008 NtLmSsp (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:37:58.0562 2008 NtLmSsp ( UnsignedFile.Multi.Generic ) - warning
20:37:58.0562 2008 NtLmSsp - detected UnsignedFile.Multi.Generic (1)
20:37:58.0609 2008 NtmsSvc (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
20:37:58.0656 2008 NtmsSvc ( UnsignedFile.Multi.Generic ) - warning
20:37:58.0656 2008 NtmsSvc - detected UnsignedFile.Multi.Generic (1)
20:37:58.0687 2008 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
20:37:58.0703 2008 Null ( UnsignedFile.Multi.Generic ) - warning
20:37:58.0703 2008 Null - detected UnsignedFile.Multi.Generic (1)
20:37:58.0750 2008 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
20:37:58.0765 2008 NwlnkFlt ( UnsignedFile.Multi.Generic ) - warning
20:37:58.0765 2008 NwlnkFlt - detected UnsignedFile.Multi.Generic (1)
20:37:58.0765 2008 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
20:37:58.0781 2008 NwlnkFwd ( UnsignedFile.Multi.Generic ) - warning
20:37:58.0781 2008 NwlnkFwd - detected UnsignedFile.Multi.Generic (1)
20:37:58.0828 2008 oreans32 (b99575d16f887883b821d372ff292c20) C:\WINDOWS\system32\drivers\oreans32.sys
20:37:58.0843 2008 oreans32 ( UnsignedFile.Multi.Generic ) - warning
20:37:58.0843 2008 oreans32 - detected UnsignedFile.Multi.Generic (1)
20:37:58.0859 2008 Parport (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\drivers\Parport.sys
20:37:58.0890 2008 Parport ( UnsignedFile.Multi.Generic ) - warning
20:37:58.0890 2008 Parport - detected UnsignedFile.Multi.Generic (1)
20:37:58.0921 2008 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
20:37:58.0953 2008 PartMgr ( UnsignedFile.Multi.Generic ) - warning
20:37:58.0953 2008 PartMgr - detected UnsignedFile.Multi.Generic (1)
20:37:58.0984 2008 ParVdm (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
20:37:59.0000 2008 ParVdm ( UnsignedFile.Multi.Generic ) - warning
20:37:59.0000 2008 ParVdm - detected UnsignedFile.Multi.Generic (1)
20:37:59.0015 2008 PCI (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
20:37:59.0031 2008 PCI ( UnsignedFile.Multi.Generic ) - warning
20:37:59.0031 2008 PCI - detected UnsignedFile.Multi.Generic (1)
20:37:59.0046 2008 PCIDump - ok
20:37:59.0046 2008 PCIIde (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
20:37:59.0062 2008 PCIIde ( UnsignedFile.Multi.Generic ) - warning
20:37:59.0062 2008 PCIIde - detected UnsignedFile.Multi.Generic (1)
20:37:59.0078 2008 Pcmcia (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
20:37:59.0109 2008 Pcmcia ( UnsignedFile.Multi.Generic ) - warning
20:37:59.0109 2008 Pcmcia - detected UnsignedFile.Multi.Generic (1)
20:37:59.0109 2008 PDCOMP - ok
20:37:59.0125 2008 PDFRAME - ok
20:37:59.0140 2008 PDRELI - ok
20:37:59.0140 2008 PDRFRAME - ok
20:37:59.0156 2008 perc2 - ok
20:37:59.0171 2008 perc2hib - ok
20:37:59.0234 2008 PlugPlay (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
20:37:59.0250 2008 PlugPlay ( UnsignedFile.Multi.Generic ) - warning
20:37:59.0250 2008 PlugPlay - detected UnsignedFile.Multi.Generic (1)
20:37:59.0250 2008 PolicyAgent (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:37:59.0265 2008 PolicyAgent ( UnsignedFile.Multi.Generic ) - warning
20:37:59.0265 2008 PolicyAgent - detected UnsignedFile.Multi.Generic (1)
20:37:59.0281 2008 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:37:59.0296 2008 PptpMiniport ( UnsignedFile.Multi.Generic ) - warning
20:37:59.0296 2008 PptpMiniport - detected UnsignedFile.Multi.Generic (1)
20:37:59.0312 2008 ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:37:59.0328 2008 ProtectedStorage ( UnsignedFile.Multi.Generic ) - warning
20:37:59.0328 2008 ProtectedStorage - detected UnsignedFile.Multi.Generic (1)
20:37:59.0343 2008 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
20:37:59.0359 2008 PSched ( UnsignedFile.Multi.Generic ) - warning
20:37:59.0359 2008 PSched - detected UnsignedFile.Multi.Generic (1)
20:37:59.0406 2008 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
20:37:59.0421 2008 Ptilink ( UnsignedFile.Multi.Generic ) - warning
20:37:59.0421 2008 Ptilink - detected UnsignedFile.Multi.Generic (1)
20:37:59.0453 2008 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
20:37:59.0468 2008 PxHelp20 - ok
20:37:59.0484 2008 ql1080 - ok
20:37:59.0484 2008 Ql10wnt - ok
20:37:59.0500 2008 ql12160 - ok
20:37:59.0515 2008 ql1240 - ok
20:37:59.0515 2008 ql1280 - ok
20:37:59.0546 2008 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:37:59.0562 2008 RasAcd ( UnsignedFile.Multi.Generic ) - warning
20:37:59.0562 2008 RasAcd - detected UnsignedFile.Multi.Generic (1)
20:37:59.0593 2008 RasAuto (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
20:37:59.0640 2008 RasAuto ( UnsignedFile.Multi.Generic ) - warning
20:37:59.0640 2008 RasAuto - detected UnsignedFile.Multi.Generic (1)
20:37:59.0656 2008 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:37:59.0671 2008 Rasl2tp ( UnsignedFile.Multi.Generic ) - warning
20:37:59.0671 2008 Rasl2tp - detected UnsignedFile.Multi.Generic (1)
20:37:59.0734 2008 RasMan (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
20:37:59.0750 2008 RasMan ( UnsignedFile.Multi.Generic ) - warning
20:37:59.0750 2008 RasMan - detected UnsignedFile.Multi.Generic (1)
20:37:59.0750 2008 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:37:59.0765 2008 RasPppoe ( UnsignedFile.Multi.Generic ) - warning
20:37:59.0765 2008 RasPppoe - detected UnsignedFile.Multi.Generic (1)
20:37:59.0781 2008 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
20:37:59.0796 2008 Raspti ( UnsignedFile.Multi.Generic ) - warning
20:37:59.0796 2008 Raspti - detected UnsignedFile.Multi.Generic (1)
20:37:59.0828 2008 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:37:59.0859 2008 Rdbss ( UnsignedFile.Multi.Generic ) - warning
20:37:59.0859 2008 Rdbss - detected UnsignedFile.Multi.Generic (1)
20:37:59.0875 2008 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:37:59.0890 2008 RDPCDD ( UnsignedFile.Multi.Generic ) - warning
20:37:59.0890 2008 RDPCDD - detected UnsignedFile.Multi.Generic (1)
20:37:59.0921 2008 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
20:37:59.0937 2008 RDPWD ( UnsignedFile.Multi.Generic ) - warning
20:37:59.0937 2008 RDPWD - detected UnsignedFile.Multi.Generic (1)
20:37:59.0968 2008 RDSessMgr (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe
20:38:00.0000 2008 RDSessMgr ( UnsignedFile.Multi.Generic ) - warning
20:38:00.0000 2008 RDSessMgr - detected UnsignedFile.Multi.Generic (1)
20:38:00.0031 2008 redbook (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
20:38:00.0062 2008 redbook ( UnsignedFile.Multi.Generic ) - warning
20:38:00.0062 2008 redbook - detected UnsignedFile.Multi.Generic (1)
20:38:00.0093 2008 RemoteAccess (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll
20:38:00.0109 2008 RemoteAccess ( UnsignedFile.Multi.Generic ) - warning
20:38:00.0109 2008 RemoteAccess - detected UnsignedFile.Multi.Generic (1)
20:38:00.0140 2008 rimmptsk (7a6648b61661b1421ffab762e391e33f) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
20:38:00.0187 2008 rimmptsk ( UnsignedFile.Multi.Generic ) - warning
20:38:00.0187 2008 rimmptsk - detected UnsignedFile.Multi.Generic (1)
20:38:00.0203 2008 rimsptsk (8f7012d1b6a71ee9c23ce93dcdbf9f4b) C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
20:38:00.0218 2008 rimsptsk ( UnsignedFile.Multi.Generic ) - warning
20:38:00.0218 2008 rimsptsk - detected UnsignedFile.Multi.Generic (1)
20:38:00.0265 2008 rismxdp (3ac17802740c3a4764dc9750e92e6233) C:\WINDOWS\system32\DRIVERS\rixdptsk.sys
20:38:00.0296 2008 rismxdp ( UnsignedFile.Multi.Generic ) - warning
20:38:00.0296 2008 rismxdp - detected UnsignedFile.Multi.Generic (1)
20:38:00.0328 2008 RpcLocator (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe
20:38:00.0359 2008 RpcLocator ( UnsignedFile.Multi.Generic ) - warning
20:38:00.0359 2008 RpcLocator - detected UnsignedFile.Multi.Generic (1)
20:38:00.0406 2008 RpcSs (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\System32\rpcss.dll
20:38:00.0437 2008 RpcSs ( UnsignedFile.Multi.Generic ) - warning
20:38:00.0437 2008 RpcSs - detected UnsignedFile.Multi.Generic (1)
20:38:00.0468 2008 RSVP (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe
20:38:00.0500 2008 RSVP ( UnsignedFile.Multi.Generic ) - warning
20:38:00.0500 2008 RSVP - detected UnsignedFile.Multi.Generic (1)
20:38:00.0546 2008 RTL8023xp (7988bfe882bcd94199225b5c3482f1bd) C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
20:38:00.0578 2008 RTL8023xp ( UnsignedFile.Multi.Generic ) - warning
20:38:00.0578 2008 RTL8023xp - detected UnsignedFile.Multi.Generic (1)
20:38:00.0609 2008 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
20:38:00.0656 2008 rtl8139 ( UnsignedFile.Multi.Generic ) - warning
20:38:00.0656 2008 rtl8139 - detected UnsignedFile.Multi.Generic (1)
20:38:00.0703 2008 SamSs (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:38:00.0718 2008 SamSs ( UnsignedFile.Multi.Generic ) - warning
20:38:00.0718 2008 SamSs - detected UnsignedFile.Multi.Generic (1)
20:38:00.0765 2008 SCardSvr (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
20:38:00.0796 2008 SCardSvr ( UnsignedFile.Multi.Generic ) - warning
20:38:00.0796 2008 SCardSvr - detected UnsignedFile.Multi.Generic (1)
20:38:00.0859 2008 Schedule (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
20:38:00.0875 2008 Schedule ( UnsignedFile.Multi.Generic ) - warning
20:38:00.0875 2008 Schedule - detected UnsignedFile.Multi.Generic (1)
20:38:00.0921 2008 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
20:38:00.0953 2008 sdbus ( UnsignedFile.Multi.Generic ) - warning
20:38:00.0953 2008 sdbus - detected UnsignedFile.Multi.Generic (1)
20:38:00.0984 2008 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:38:01.0000 2008 Secdrv ( UnsignedFile.Multi.Generic ) - warning
20:38:01.0000 2008 Secdrv - detected UnsignedFile.Multi.Generic (1)
20:38:01.0031 2008 seclogon (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
20:38:01.0046 2008 seclogon ( UnsignedFile.Multi.Generic ) - warning
20:38:01.0046 2008 seclogon - detected UnsignedFile.Multi.Generic (1)
20:38:01.0078 2008 SENS (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
20:38:01.0109 2008 SENS ( UnsignedFile.Multi.Generic ) - warning
20:38:01.0109 2008 SENS - detected UnsignedFile.Multi.Generic (1)
20:38:01.0140 2008 Serial (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\drivers\Serial.sys
20:38:01.0171 2008 Serial ( UnsignedFile.Multi.Generic ) - warning
20:38:01.0171 2008 Serial - detected UnsignedFile.Multi.Generic (1)
20:38:01.0203 2008 sffdisk (0fa803c64df0914b41f807ea276bf2a6) C:\WINDOWS\system32\DRIVERS\sffdisk.sys
20:38:01.0234 2008 sffdisk ( UnsignedFile.Multi.Generic ) - warning
20:38:01.0234 2008 sffdisk - detected UnsignedFile.Multi.Generic (1)
20:38:01.0250 2008 sffp_sd (c17c331e435ed8737525c86a7557b3ac) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
20:38:01.0265 2008 sffp_sd ( UnsignedFile.Multi.Generic ) - warning
20:38:01.0265 2008 sffp_sd - detected UnsignedFile.Multi.Generic (1)
20:38:01.0281 2008 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
20:38:01.0296 2008 Sfloppy ( UnsignedFile.Multi.Generic ) - warning
20:38:01.0296 2008 Sfloppy - detected UnsignedFile.Multi.Generic (1)
20:38:01.0359 2008 SharedAccess (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll
20:38:01.0390 2008 SharedAccess ( UnsignedFile.Multi.Generic ) - warning
20:38:01.0390 2008 SharedAccess - detected UnsignedFile.Multi.Generic (1)
20:38:01.0437 2008 ShellHWDetection (40602ebfbe06aa075c8e4560743f6883) C:\WINDOWS\System32\shsvcs.dll
20:38:01.0453 2008 ShellHWDetection ( UnsignedFile.Multi.Generic ) - warning
20:38:01.0453 2008 ShellHWDetection - detected UnsignedFile.Multi.Generic (1)
20:38:01.0468 2008 Simbad - ok
20:38:01.0500 2008 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
20:38:01.0515 2008 SLIP ( UnsignedFile.Multi.Generic ) - warning
20:38:01.0515 2008 SLIP - detected UnsignedFile.Multi.Generic (1)
20:38:02.0625 2008 SNPSTD3 (7bad0c53b3268226188f52702277a289) C:\WINDOWS\system32\DRIVERS\snpstd3.sys
20:38:04.0562 2008 SNPSTD3 ( UnsignedFile.Multi.Generic ) - warning
20:38:04.0562 2008 SNPSTD3 - detected UnsignedFile.Multi.Generic (1)
20:38:04.0703 2008 Sparrow - ok
20:38:04.0750 2008 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
20:38:04.0765 2008 splitter ( UnsignedFile.Multi.Generic ) - warning
20:38:04.0765 2008 splitter - detected UnsignedFile.Multi.Generic (1)
20:38:04.0812 2008 Spooler (39356a9cdb6753a6d13a4072a9f5a4bb) C:\WINDOWS\system32\spoolsv.exe
20:38:04.0828 2008 Spooler ( UnsignedFile.Multi.Generic ) - warning
20:38:04.0828 2008 Spooler - detected UnsignedFile.Multi.Generic (1)
20:38:04.0890 2008 sptd (d15da1ba189770d93eea2d7e18f95af9) C:\WINDOWS\system32\Drivers\sptd.sys
20:38:04.0890 2008 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: d15da1ba189770d93eea2d7e18f95af9
20:38:04.0906 2008 sptd ( LockedFile.Multi.Generic ) - warning
20:38:04.0906 2008 sptd - detected LockedFile.Multi.Generic (1)
20:38:05.0078 2008 SQLBrowser (b2ec3e1deac5f0a764bd3486d213a0af) c:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe
20:38:05.0109 2008 SQLBrowser - ok
20:38:05.0140 2008 SQLWriter (d2f4f32b59440011174b4f8137af4e0c) c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe
20:38:05.0156 2008 SQLWriter - ok
20:38:05.0187 2008 sr (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
20:38:05.0234 2008 sr ( UnsignedFile.Multi.Generic ) - warning
20:38:05.0234 2008 sr - detected UnsignedFile.Multi.Generic (1)
20:38:05.0265 2008 srservice (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll
20:38:05.0281 2008 srservice ( UnsignedFile.Multi.Generic ) - warning
20:38:05.0281 2008 srservice - detected UnsignedFile.Multi.Generic (1)
20:38:05.0359 2008 Srv (3bb03f2ba89d2be417206c373d2af17c) C:\WINDOWS\system32\DRIVERS\srv.sys
20:38:05.0406 2008 Srv ( UnsignedFile.Multi.Generic ) - warning
20:38:05.0406 2008 Srv - detected UnsignedFile.Multi.Generic (1)
20:38:05.0468 2008 SSB2413 (50f32945c148d5a866c1f55bd89097e5) C:\WINDOWS\system32\DRIVERS\SSB2413.sys
20:38:05.0515 2008 SSB2413 ( UnsignedFile.Multi.Generic ) - warning
20:38:05.0515 2008 SSB2413 - detected UnsignedFile.Multi.Generic (1)
20:38:05.0546 2008 SSDPSRV (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
20:38:05.0578 2008 SSDPSRV ( UnsignedFile.Multi.Generic ) - warning
20:38:05.0578 2008 SSDPSRV - detected UnsignedFile.Multi.Generic (1)
20:38:05.0609 2008 ssmdrv (5ec550b8952882ee856b862cf648522d) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
20:38:05.0640 2008 ssmdrv - ok
20:38:05.0687 2008 stisvc (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
20:38:05.0718 2008 stisvc ( UnsignedFile.Multi.Generic ) - warning
20:38:05.0718 2008 stisvc - detected UnsignedFile.Multi.Generic (1)
20:38:05.0781 2008 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
20:38:05.0828 2008 streamip ( UnsignedFile.Multi.Generic ) - warning
20:38:05.0828 2008 streamip - detected UnsignedFile.Multi.Generic (1)
20:38:05.0875 2008 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
20:38:05.0890 2008 swenum ( UnsignedFile.Multi.Generic ) - warning
20:38:05.0890 2008 swenum - detected UnsignedFile.Multi.Generic (1)
20:38:05.0921 2008 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
20:38:05.0953 2008 swmidi ( UnsignedFile.Multi.Generic ) - warning
20:38:05.0953 2008 swmidi - detected UnsignedFile.Multi.Generic (1)
20:38:05.0968 2008 SwPrv - ok
20:38:05.0984 2008 symc810 - ok
20:38:06.0000 2008 symc8xx - ok
20:38:06.0000 2008 sym_hi - ok
20:38:06.0015 2008 sym_u3 - ok
20:38:06.0078 2008 SynTP (91ce9afbbd011ff6b0ae15ee3a62edcc) C:\WINDOWS\system32\DRIVERS\SynTP.sys
20:38:06.0093 2008 SynTP ( UnsignedFile.Multi.Generic ) - warning
20:38:06.0093 2008 SynTP - detected UnsignedFile.Multi.Generic (1)
20:38:06.0109 2008 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
20:38:06.0140 2008 sysaudio ( UnsignedFile.Multi.Generic ) - warning
20:38:06.0140 2008 sysaudio - detected UnsignedFile.Multi.Generic (1)
20:38:06.0171 2008 SysmonLog (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
20:38:06.0203 2008 SysmonLog ( UnsignedFile.Multi.Generic ) - warning
20:38:06.0203 2008 SysmonLog - detected UnsignedFile.Multi.Generic (1)
20:38:06.0234 2008 TapiSrv (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
20:38:06.0265 2008 TapiSrv ( UnsignedFile.Multi.Generic ) - warning
20:38:06.0265 2008 TapiSrv - detected UnsignedFile.Multi.Generic (1)
20:38:06.0328 2008 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:38:06.0390 2008 Tcpip ( UnsignedFile.Multi.Generic ) - warning
20:38:06.0390 2008 Tcpip - detected UnsignedFile.Multi.Generic (1)
20:38:06.0437 2008 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
20:38:06.0453 2008 TDPIPE ( UnsignedFile.Multi.Generic ) - warning
20:38:06.0453 2008 TDPIPE - detected UnsignedFile.Multi.Generic (1)
20:38:06.0468 2008 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
20:38:06.0484 2008 TDTCP ( UnsignedFile.Multi.Generic ) - warning
20:38:06.0484 2008 TDTCP - detected UnsignedFile.Multi.Generic (1)
20:38:06.0500 2008 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
20:38:06.0531 2008 TermDD ( UnsignedFile.Multi.Generic ) - warning
20:38:06.0531 2008 TermDD - detected UnsignedFile.Multi.Generic (1)
20:38:06.0562 2008 TermService (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
20:38:06.0593 2008 TermService ( UnsignedFile.Multi.Generic ) - warning
20:38:06.0593 2008 TermService - detected UnsignedFile.Multi.Generic (1)
20:38:06.0625 2008 Themes (40602ebfbe06aa075c8e4560743f6883) C:\WINDOWS\System32\shsvcs.dll
20:38:06.0656 2008 Themes ( UnsignedFile.Multi.Generic ) - warning
20:38:06.0656 2008 Themes - detected UnsignedFile.Multi.Generic (1)
20:38:06.0656 2008 TosIde - ok
20:38:06.0703 2008 TrkWks (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
20:38:06.0718 2008 TrkWks ( UnsignedFile.Multi.Generic ) - warning
20:38:06.0718 2008 TrkWks - detected UnsignedFile.Multi.Generic (1)
20:38:06.0734 2008 TVICPORT - ok
20:38:06.0750 2008 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
20:38:06.0796 2008 Udfs ( UnsignedFile.Multi.Generic ) - warning
20:38:06.0796 2008 Udfs - detected UnsignedFile.Multi.Generic (1)
20:38:06.0812 2008 ultra - ok
20:38:06.0859 2008 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
20:38:06.0921 2008 Update ( UnsignedFile.Multi.Generic ) - warning
20:38:06.0921 2008 Update - detected UnsignedFile.Multi.Generic (1)
20:38:06.0953 2008 upnphost (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
20:38:07.0000 2008 upnphost ( UnsignedFile.Multi.Generic ) - warning
20:38:07.0000 2008 upnphost - detected UnsignedFile.Multi.Generic (1)
20:38:07.0031 2008 UPS (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
20:38:07.0062 2008 UPS ( UnsignedFile.Multi.Generic ) - warning
20:38:07.0062 2008 UPS - detected UnsignedFile.Multi.Generic (1)
20:38:07.0093 2008 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
20:38:07.0125 2008 USBAAPL ( UnsignedFile.Multi.Generic ) - warning
20:38:07.0125 2008 USBAAPL - detected UnsignedFile.Multi.Generic (1)
20:38:07.0156 2008 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
20:38:07.0187 2008 usbaudio ( UnsignedFile.Multi.Generic ) - warning
20:38:07.0187 2008 usbaudio - detected UnsignedFile.Multi.Generic (1)
20:38:07.0203 2008 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:38:07.0234 2008 usbccgp ( UnsignedFile.Multi.Generic ) - warning
20:38:07.0234 2008 usbccgp - detected UnsignedFile.Multi.Generic (1)
20:38:07.0265 2008 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:38:07.0296 2008 usbehci ( UnsignedFile.Multi.Generic ) - warning
20:38:07.0296 2008 usbehci - detected UnsignedFile.Multi.Generic (1)
20:38:07.0343 2008 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:38:07.0375 2008 usbhub ( UnsignedFile.Multi.Generic ) - warning
20:38:07.0375 2008 usbhub - detected UnsignedFile.Multi.Generic (1)
20:38:07.0390 2008 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
20:38:07.0406 2008 usbohci ( UnsignedFile.Multi.Generic ) - warning
20:38:07.0406 2008 usbohci - detected UnsignedFile.Multi.Generic (1)
20:38:07.0437 2008 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
20:38:07.0453 2008 usbprint ( UnsignedFile.Multi.Generic ) - warning
20:38:07.0453 2008 usbprint - detected UnsignedFile.Multi.Generic (1)
20:38:07.0500 2008 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
20:38:07.0515 2008 usbscan ( UnsignedFile.Multi.Generic ) - warning
20:38:07.0515 2008 usbscan - detected UnsignedFile.Multi.Generic (1)
20:38:07.0531 2008 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:38:07.0546 2008 USBSTOR ( UnsignedFile.Multi.Generic ) - warning
20:38:07.0546 2008 USBSTOR - detected UnsignedFile.Multi.Generic (1)
20:38:07.0593 2008 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
20:38:07.0609 2008 VgaSave ( UnsignedFile.Multi.Generic ) - warning
20:38:07.0609 2008 VgaSave - detected UnsignedFile.Multi.Generic (1)
20:38:07.0609 2008 ViaIde - ok
20:38:07.0640 2008 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
20:38:07.0656 2008 VolSnap ( UnsignedFile.Multi.Generic ) - warning
20:38:07.0656 2008 VolSnap - detected UnsignedFile.Multi.Generic (1)
20:38:07.0734 2008 vsdatant (050c38ebb22512122e54b47dc278bccd) C:\WINDOWS\system32\vsdatant.sys
20:38:07.0781 2008 vsdatant - ok
20:38:07.0859 2008 VSS (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
20:38:07.0906 2008 VSS ( UnsignedFile.Multi.Generic ) - warning
20:38:07.0906 2008 VSS - detected UnsignedFile.Multi.Generic (1)
20:38:07.0937 2008 W32Time (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll
20:38:07.0953 2008 W32Time ( UnsignedFile.Multi.Generic ) - warning
20:38:07.0953 2008 W32Time - detected UnsignedFile.Multi.Generic (1)
20:38:07.0984 2008 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:38:08.0000 2008 Wanarp ( UnsignedFile.Multi.Generic ) - warning
20:38:08.0000 2008 Wanarp - detected UnsignedFile.Multi.Generic (1)
20:38:08.0000 2008 WDICA - ok
20:38:08.0062 2008 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
20:38:08.0078 2008 wdmaud ( UnsignedFile.Multi.Generic ) - warning
20:38:08.0078 2008 wdmaud - detected UnsignedFile.Multi.Generic (1)
20:38:08.0093 2008 WebClient (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
20:38:08.0109 2008 WebClient ( UnsignedFile.Multi.Generic ) - warning
20:38:08.0109 2008 WebClient - detected UnsignedFile.Multi.Generic (1)
20:38:08.0187 2008 winmgmt (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
20:38:08.0203 2008 winmgmt ( UnsignedFile.Multi.Generic ) - warning
20:38:08.0203 2008 winmgmt - detected UnsignedFile.Multi.Generic (1)
20:38:08.0265 2008 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
20:38:08.0296 2008 WmdmPmSN ( UnsignedFile.Multi.Generic ) - warning
20:38:08.0296 2008 WmdmPmSN - detected UnsignedFile.Multi.Generic (1)
20:38:08.0359 2008 WmiApSrv (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\system32\wbem\wmiapsrv.exe
20:38:08.0359 2008 WmiApSrv ( UnsignedFile.Multi.Generic ) - warning
20:38:08.0359 2008 WmiApSrv - detected UnsignedFile.Multi.Generic (1)
20:38:08.0484 2008 WMPNetworkSvc (bf05650bb7df5e9ebdd25974e22403bb) C:\Programme\Windows Media Player\WMPNetwk.exe
20:38:08.0578 2008 WMPNetworkSvc ( UnsignedFile.Multi.Generic ) - warning
20:38:08.0578 2008 WMPNetworkSvc - detected UnsignedFile.Multi.Generic (1)
20:38:08.0640 2008 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
20:38:08.0656 2008 WS2IFSL ( UnsignedFile.Multi.Generic ) - warning
20:38:08.0656 2008 WS2IFSL - detected UnsignedFile.Multi.Generic (1)
20:38:08.0718 2008 wscsvc (300b3e84faf1a5c1f791c159ba28035d) C:\WINDOWS\system32\wscsvc.dll
20:38:08.0734 2008 wscsvc ( UnsignedFile.Multi.Generic ) - warning
20:38:08.0734 2008 wscsvc - detected UnsignedFile.Multi.Generic (1)
20:38:08.0781 2008 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
20:38:08.0796 2008 WSTCODEC ( UnsignedFile.Multi.Generic ) - warning
20:38:08.0796 2008 WSTCODEC - detected UnsignedFile.Multi.Generic (1)
20:38:08.0843 2008 wuauserv (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll
20:38:08.0890 2008 wuauserv ( UnsignedFile.Multi.Generic ) - warning
20:38:08.0890 2008 wuauserv - detected UnsignedFile.Multi.Generic (1)
20:38:08.0921 2008 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
20:38:08.0953 2008 WudfPf ( UnsignedFile.Multi.Generic ) - warning
20:38:08.0953 2008 WudfPf - detected UnsignedFile.Multi.Generic (1)
20:38:09.0015 2008 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
20:38:09.0046 2008 WudfRd ( UnsignedFile.Multi.Generic ) - warning
20:38:09.0046 2008 WudfRd - detected UnsignedFile.Multi.Generic (1)
20:38:09.0078 2008 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
20:38:09.0109 2008 WudfSvc ( UnsignedFile.Multi.Generic ) - warning
20:38:09.0109 2008 WudfSvc - detected UnsignedFile.Multi.Generic (1)
20:38:09.0171 2008 WZCSVC (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
20:38:09.0203 2008 WZCSVC ( UnsignedFile.Multi.Generic ) - warning
20:38:09.0203 2008 WZCSVC - detected UnsignedFile.Multi.Generic (1)
20:38:09.0234 2008 xmlprov (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
20:38:09.0281 2008 xmlprov ( UnsignedFile.Multi.Generic ) - warning
20:38:09.0281 2008 xmlprov - detected UnsignedFile.Multi.Generic (1)
20:38:09.0328 2008 MBR (0x1B8) (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
20:38:09.0843 2008 \Device\Harddisk0\DR0 - ok
20:38:09.0843 2008 Boot (0x1200) (ae2cec40777138d05f532b3f1555f1c5) \Device\Harddisk0\DR0\Partition0
20:38:09.0859 2008 \Device\Harddisk0\DR0\Partition0 - ok
20:38:09.0859 2008 ============================================================
20:38:09.0859 2008 Scan finished
20:38:09.0859 2008 ============================================================
20:38:09.0968 3244 Detected object count: 230
20:38:09.0968 3244 Actual detected object count: 230
20:38:42.0031 3244 ACPI ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0031 3244 ACPI ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0031 3244 ACPIEC ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0031 3244 ACPIEC ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0031 3244 Adobe LM Service ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0031 3244 Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0046 3244 aec ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0046 3244 aec ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0046 3244 AFD ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0046 3244 AFD ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0046 3244 Alerter ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0046 3244 Alerter ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0062 3244 ALG ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0062 3244 ALG ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0062 3244 AntiVirSchedulerService ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0062 3244 AntiVirSchedulerService ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0062 3244 AntiVirService ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0062 3244 AntiVirService ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0062 3244 AsyncMac ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0062 3244 AsyncMac ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0078 3244 aszgadrf ( LockedService.Multi.Generic ) - skipped by user
20:38:42.0078 3244 aszgadrf ( LockedService.Multi.Generic ) - User select action: Skip
20:38:42.0078 3244 atapi ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0078 3244 atapi ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0078 3244 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0078 3244 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0078 3244 ATI Smart ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0093 3244 ATI Smart ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0093 3244 ati2mtag ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0093 3244 ati2mtag ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0093 3244 Atmarpc ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0093 3244 Atmarpc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0093 3244 AudioSrv ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0093 3244 AudioSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0109 3244 audstub ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0109 3244 audstub ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0109 3244 Beep ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0109 3244 Beep ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0109 3244 BITS ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0109 3244 BITS ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0109 3244 Browser ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0109 3244 Browser ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0125 3244 cbidf2k ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0125 3244 cbidf2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0125 3244 CCDECODE ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0125 3244 CCDECODE ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0125 3244 Cdaudio ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0125 3244 Cdaudio ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0140 3244 Cdfs ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0140 3244 Cdfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0140 3244 Cdrom ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0140 3244 Cdrom ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0140 3244 CiSvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0140 3244 CiSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0140 3244 ClipSrv ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0140 3244 ClipSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0156 3244 CmBatt ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0156 3244 CmBatt ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0156 3244 Compbatt ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0156 3244 Compbatt ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0156 3244 CryptSvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0156 3244 CryptSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0156 3244 DcomLaunch ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0156 3244 DcomLaunch ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0171 3244 Dhcp ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0171 3244 Dhcp ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0171 3244 Disk ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0171 3244 Disk ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0171 3244 dmboot ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0171 3244 dmboot ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0171 3244 dmio ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0171 3244 dmio ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0187 3244 dmload ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0187 3244 dmload ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0187 3244 dmserver ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0187 3244 dmserver ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0187 3244 DMusic ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0187 3244 DMusic ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0187 3244 Dnscache ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0187 3244 Dnscache ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0203 3244 DOSMEMIO ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0203 3244 DOSMEMIO ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0203 3244 Dot3svc ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0203 3244 Dot3svc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0203 3244 drmkaud ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0203 3244 drmkaud ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0203 3244 EapHost ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0203 3244 EapHost ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0218 3244 ERSvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0218 3244 ERSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0218 3244 Eventlog ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0218 3244 Eventlog ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0218 3244 EventSystem ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0218 3244 EventSystem ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0218 3244 Fastfat ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0218 3244 Fastfat ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0234 3244 FastUserSwitchingCompatibility ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0234 3244 FastUserSwitchingCompatibility ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0234 3244 Fdc ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0234 3244 Fdc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0234 3244 Fips ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0234 3244 Fips ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0234 3244 Flpydisk ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0234 3244 Flpydisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0250 3244 FltMgr ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0250 3244 FltMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0250 3244 Fs_Rec ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0250 3244 Fs_Rec ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0250 3244 Ftdisk ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0250 3244 Ftdisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0250 3244 Gpc ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0250 3244 Gpc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0265 3244 HDAudBus ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0265 3244 HDAudBus ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0265 3244 helpsvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0265 3244 helpsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0265 3244 HidServ ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0265 3244 HidServ ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0265 3244 hidusb ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0265 3244 hidusb ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0281 3244 hkmsvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0281 3244 hkmsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0281 3244 HTTP ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0281 3244 HTTP ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0281 3244 HTTPFilter ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0281 3244 HTTPFilter ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0281 3244 i8042prt ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0281 3244 i8042prt ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0296 3244 Imapi ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0296 3244 Imapi ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0296 3244 ImapiService ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0296 3244 ImapiService ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0296 3244 IntcAzAudAddService ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0296 3244 IntcAzAudAddService ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0296 3244 intelppm ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0296 3244 intelppm ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0312 3244 Ip6Fw ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0312 3244 Ip6Fw ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0312 3244 IpFilterDriver ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0312 3244 IpFilterDriver ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0312 3244 IpInIp ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0312 3244 IpInIp ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0312 3244 IpNat ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0312 3244 IpNat ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0328 3244 IPSec ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0328 3244 IPSec ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0328 3244 IRENUM ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0328 3244 IRENUM ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0328 3244 isapnp ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0328 3244 isapnp ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0328 3244 Kbdclass ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0328 3244 Kbdclass ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0343 3244 kbdhid ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0343 3244 kbdhid ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0343 3244 kmixer ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0343 3244 kmixer ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0343 3244 KSecDD ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0343 3244 KSecDD ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0343 3244 lanmanserver ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0343 3244 lanmanserver ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0359 3244 lanmanworkstation ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0359 3244 lanmanworkstation ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0359 3244 LmHosts ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0359 3244 LmHosts ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0359 3244 Messenger ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0359 3244 Messenger ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0359 3244 mnmdd ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0359 3244 mnmdd ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0375 3244 mnmsrvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0375 3244 mnmsrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0375 3244 mod7700 ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0375 3244 mod7700 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0375 3244 Modem ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0375 3244 Modem ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0375 3244 MODRC ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0375 3244 MODRC ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0390 3244 Mouclass ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0390 3244 Mouclass ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0390 3244 mouhid ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0390 3244 mouhid ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0390 3244 MountMgr ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0390 3244 MountMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0390 3244 MPE ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0390 3244 MPE ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0406 3244 MRxDAV ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0406 3244 MRxDAV ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0406 3244 MRxSmb ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0406 3244 MRxSmb ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0406 3244 MSDTC ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0406 3244 MSDTC ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0406 3244 Msfs ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0406 3244 Msfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0421 3244 MSKSSRV ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0421 3244 MSKSSRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0421 3244 MSPCLOCK ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0421 3244 MSPCLOCK ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0421 3244 MSPQM ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0421 3244 MSPQM ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0421 3244 mssmbios ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0421 3244 mssmbios ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0437 3244 MSTEE ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0437 3244 MSTEE ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0437 3244 Mup ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:42.0437 3244 Mup ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:38:42.0437 3244 MXOPSWD ( UnsignedFile.Multi.Generic ) - skipped by user
|
| | #10 |
| /// Malware-holic | Security Shield - completely removed? Are you still noticing any problems? - Internet Explorer 8: even if you use a different browser, it must be up to date. Download: Windows Internet Explorer 8 for Windows XP - Microsoft Download Center - Download Details - Configure automatic updates so that they are downloaded/installed automatically: Configuring and using the "Automatic Updates" feature in Windows
__________________ -Please forward suspicious e-mails to us for analysis: markusg.trojaner-board@web.de. Forwarding instructions: http://markusg.trojaner-board.de. For now, please forward e-mails to markusg.trojaner-board@web.de as described in the instructions above. If you would like to support us |
| | #11 |
| | Security Shield - completely removed? No, no problems to be found. Does that mean my computer is clean? Many thanks for your help!! |
| | #12 |
| /// Malware-holic | Security Shield - completely removed? Did you update IE? Download CCleaner Standard: CCleaner Download - CCleaner 3.20.1750. If CCleaner is already installed, skip this. Install it, open it, go to Tools, list of installed programs, save as txt. Open the file. After every program you need, write "necessary". After every program you do not need, write "unnecessary". After those you do not know, write "unknown". Post the list. |
| | #13 |
| | Security Shield - completely removed? Sooo... I use Mozilla Firefox and have updated it several times now, but somehow every time I open the browser it tells me my browser is not up to date, then the next time that it is up to date without my having done anything, etc... In addition, it has now happened twice that my laptop, while closed, made a beeping sound as if a virus had been found, but when I opened it nothing was displayed and Avira did not report anything either... Here is the list (though I have to say that until recently the laptop was still used by my brother, and many of the programs I classify as unknown probably come from him somehow. I also find it hard to judge what is needed and what is not, because in some cases I don't know exactly what is what...) Code:
ATTFilter 2.0 UndergroundRO 05.04.2009 unknown
Adobe After Effects 7.0 Adobe Systems, Inc. 20.02.2009 7.0.0.244 needed
Adobe AIR Adobe Systems Inc. 03.08.2009 1.1.0.5790 needed?
Adobe Download Manager NOS Microsystems Ltd. 11.10.2009 1.6.2.48 needed?
Adobe Dreamweaver CS4 Adobe Systems Incorporated 20.04.2009 10.0 needed?
Adobe Flash Player 10 ActiveX Adobe Systems Incorporated 27.12.2008 10.0.12.36 needed?
Adobe Flash Player 10 Plugin Adobe Systems Incorporated 27.12.2008 10.3.183.20 needed
Adobe Media Player Adobe Systems Incorporated 03.03.2009 1.1 needed
Adobe Reader 9 - Deutsch Adobe Systems Incorporated 07.01.2009 234 MB 9.0.0 needed
Adobe Shockwave Player 11.5 Adobe Systems, Inc. 26.04.2009 11.5.1.601 needed
AGEIA PhysX v7.11.13 AGEIA Technologies, Inc. 19.09.2009 101,3 MB 7.11.13 unknown
Apple Application Support Apple Inc. 23.06.2011 52,7 MB 1.5.2 not needed (I guess)
Apple Mobile Device Support Apple Inc. 23.06.2011 22,1 MB 3.4.1.2 not needed
Apple Software Update Apple Inc. 23.06.2011 2,25 MB 2.1.3.127 not needed
Atheros WLAN Client 27.12.2008 1.24.000 unknown
ATI Display Driver (Omega 3.8.442) 05.07.2012 8.442-071204a1-055811C-ATI-OMEGA unknown
Audacity 1.2.6 01.03.2009 unknown
Audiosurf Demo BestGameEver 08.07.2012 unknown
Avira AntiVir Personal - Free Antivirus Avira GmbH 30.06.2012 needed
AVM FRITZ!Box Dokumentation AVM Berlin 05.07.2012 needed
AVM FRITZ!Box Druckeranschluss AVM Berlin 22.07.2009 needed
Battlefield 1942 18.10.2009 not needed
bcTester 4.8 (de) QS QualitySoft GmbH 11.10.2009 18,2 MB 1.0.0 unknown
Black and White unknown
BlueJ 3.0.2 La Trobe University 03.10.2010 unknown
Bonjour Apple Inc. 23.06.2011 1,14 MB 2.0.5.0 not needed?
Carambis Driver Updater Media Fog Ltd. 20.05.2010 5,46 MB 1.2.0.2077 unknown
CCleaner Piriform 23.05.2012 3.19 needed
Cheat Engine 5.6.1 Dark Byte 04.09.2010 unknown
Cycore FX 1.0.1 for After Effects 08.07.2012 unknown
DisplayManager Samsung 28.12.2008 2.0.2.0 unknown
DivX Converter DivX, Inc. 29.12.2008 6.6.1 needed
DivX-Setup DivX, Inc. 07.08.2010 1.0.2.23 needed
Empire Earth II Sierra 22.10.2009 1.20 not needed
FileZilla Client 3.2.4.1 03.08.2009 3.2.4.1 unknown
Finale NotePad 2008 MakeMusic 08.07.2012 13.0.0.0 unknown
FL Studio 6 Image-Line bvba 05.07.2012 not needed
Free Audio CD Burner version 1.4 DVDVideoSoft Limited. 30.10.2010 not needed
Free YouTube to MP3 Converter version 3.9 DVDVideoSoft Limited. 30.10.2010 not needed
Frets On Fire 05.07.2012 1.3.110-win32 unknown
Half-Life Valve 08.07.2012 not needed
Half-Life: Blue Shift Gearbox 08.07.2012 not needed
HeadStrong WebClicker v2.56 Moritz Bartl (HeadStrong Software) 05.07.2012 2.56 unknown
ImgBurn LIGHTNING UK! 13.08.2009 2.5.0.0 unknown
iTunes Apple Inc. 23.06.2011 144,0 MB 10.3.1.55 not needed
J2SE Runtime Environment 5.0 Sun Microsystems, Inc. 27.12.2008 71,8 MB 1.5.0 needed
Java(TM) 6 Update 20 Sun Microsystems, Inc. 06.05.2010 97,2 MB 6.0.200 needed
Java(TM) 7 Update 5 Oracle 08.07.2012 99,3 MB 7.0.50 needed
Java(TM) SE Development Kit 6 Update 14 Sun Microsystems, Inc. 19.08.2009 146,8 MB 1.6.0.140 needed
Java(TM) SE Development Kit 6 Update 20 Sun Microsystems, Inc. 06.05.2010 150,9 MB 1.6.0.200 needed
Java-Editor 9.15b, 2010.09.06 Gerhard Röhner 08.09.2010 needed
JavaFX 2.1.1 Oracle Corporation 08.07.2012 20,9 MB 2.1.1 needed
JavaFX(TM) 1.2 SDK Sun Microsystems, Inc. 19.08.2009 109,0 MB 1.2.0 needed
JCreator LE 5.00 Xinox Software 06.05.2010 unknown
K-Lite Codec Pack 4.7.5 (Full) 08.04.2009 4.7.5 unknown
Keylight 1.1v1 for After Effects 7.0 The Foundry 08.07.2012 unknown
LogMeIn Hamachi LogMeIn, Inc. 28.06.2012 2.1.0.210 not needed
Magic Keyboard 28.12.2008 6.7.22.23 unknown
Malwarebytes Anti-Malware Version 1.61.0.1400 Malwarebytes Corporation 30.06.2012 1.61.0.1400 needed
Maxtor Manager Seagate Technology 27.12.2008 4.02.0303 unknown
McAfee Security Scan Plus McAfee, Inc. 08.07.2012 3.0.207.4 needed
Messenger Plus! Live Patchou 11.02.2009 4.80 (build 356) unnecessary
MessengerDiscovery 1.5.0800 Matt Holwood 08.03.2009 2.0.0959 not needed
Microsoft .NET Framework 2.0 Service Pack 2 Microsoft Corporation 05.07.2012 1.124 MB 2.2.30729 needed
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU needed Microsoft Corporation 01.06.2009 6,30 MB 2.2.30729 needed
Microsoft .NET Framework 3.0 Service Pack 2 Microsoft Corporation 05.07.2012 305 MB 3.2.30729 needed
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU needed Microsoft Corporation 01.06.2009 37,5 MB 3.2.30729 needed
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU Microsoft Corporation 05.07.2012 needed
Microsoft .NET Framework 3.5 SP1 Microsoft Corporation 05.07.2012 needed
Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Corporation 27.12.2008 1 needed
Microsoft SQL Server 2005 Microsoft Corporation 03.06.2009 needed
Microsoft SQL Server 2008 Management Objects Microsoft Corporation 01.06.2009 11,5 MB 10.0.1600.22 needed
Microsoft SQL Server Compact 3.5 SP1 (Deutsch) Microsoft Corporation 01.06.2009 2,87 MB 3.5.5692.0 needed
Microsoft SQL Server Compact 3.5 SP1 Design Tools (Deutsch) Microsoft Corporation 01.06.2009 9,10 MB 3.5.5692.0 needed
Microsoft SQL Server Native Client Microsoft Corporation 05.07.2012 4,24 MB 9.00.5000.00 needed
Microsoft SQL Server VSS Writer Microsoft Corporation 05.07.2012 0,68 MB 9.00.5000.00 needed
Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Corporation 27.12.2008 needed
Microsoft Visual Basic 6.0 Professional Edition (Deutsch) unnecessary 05.07.2012
Microsoft Visual C# 2008 Express Edition mit SP1 - DEU Microsoft Corporation 01.06.2009 unnecessary
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 05.07.2012 5,28 MB 8.0.61001 unnecessary
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 01.06.2009 10,3 MB 9.0.30729 unnecessary
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 19.03.2009 16,9 MB 9.0.30729 unnecessary
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 05.07.2012 10,2 MB 9.0.30729.6161 unnecessary
Microsoft Web Publishing Wizard 1.53 needed
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - deu Microsoft Corporation 01.06.2009 5,74 MB 3.5.30729
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32 Microsoft Corporation 01.06.2009 2,61 MB 6.1.5295.17011
Mozilla Firefox (3.6.15) Mozilla 27.12.2008 3.6.15 (de)
Mozilla Firefox 13.0.1 (x86 de) Mozilla 28.06.2012 13.0.1
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 29.12.2008 2,67 MB 4.20.9870.0 unknown, but it does say Microsoft on it
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 05.07.2012 2,77 MB 4.20.9876.0 unknown, but it does say Microsoft on it
MSXML 6.0 Parser Microsoft Corporation 03.06.2009 1,36 MB 6.10.1129.0
Nero 8 Nero AG 28.12.2008 524 MB 8.10.89
OpenAL 19.09.2009 unknown
OpenOffice.org 3.0 OpenOffice.org 28.12.2008 334 MB 3.0.9358 needed
Opposing Force Gearbox 08.07.2012 unknown
Proxifier version 2.8 Initex Software 06.04.2009 2.8 unknown
QuickTime Apple Inc. 23.06.2011 73,7 MB 7.69.80.9 needed?
Realtek High Definition Audio Driver needed
Skype™ 4.0 Skype Technologies S.A. 14.02.2009 32,0 MB 4.0.206
Slim310NB 5.16.1.300 needed
SopCast 3.0.3 SopCast.com 13.06.2009 3.0.3 unknown
SQL Server System CLR Types Microsoft Corporation 01.06.2009 0,81 MB 10.0.1600.22
Startup Booster v2.4 Smart PC Solutions 08.07.2012 2.4 unknown
SUPER © Version 2009.bld.35 (Jan 5, 2009) eRightSoft 02.03.2009 Version 2009.bld.35 (Jan 5, 2009) unnecessary
Sven Co-op 4.0B 08.07.2012 unknown
Synaptics Pointing Device Driver Synaptics 28.12.2008 8.2.5.1 unknown
Teachmaster 4.3 (nur Entfernen) 05.07.2012 unknown
Team Fortress Classic Valve 08.07.2012 unknown
TeamViewer 4 TeamViewer GmbH 12.05.2009 unnecessary
TeamViewer 5 TeamViewer GmbH 12.09.2010 5.0 9104 unnecessary
TerraTec Home Cinema 30.12.2008 5.12
TmNationsForever Nadeo 18.10.2009 unnecessary
TmUnitedForever Nadeo 19.10.2009 unnecessary
TVAnts 1.0 08.07.2012 unknown
Uninstall 1.0.0.1 30.10.2010 unknown
Unreal Tournament 3 Epic Games 20.07.2009 unnecessary
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) Microsoft Corporation 05.07.2012 32,1 MB 9.00.5000.00
UseNeXT Aviteo Ltd 19.06.2009 unknown
VLC media player 0.9.8a VideoLAN Team 30.12.2008 0.9.8a unnecessary
VoipStunt Finarea S.A. Switzerland 23.02.2009 4.02 build 533 unnecessary
Windows Internet Explorer 8 Microsoft Corporation 05.07.2012 20090308.140743 unnecessary
Windows Live Anmelde-Assistent Microsoft Corporation 23.02.2009 1,93 MB 5.000.818.5 unnecessary
Windows Live Essentials Microsoft Corporation 06.12.2009 14.0.8089.0726 unnecessary
Windows Live-Uploadtool Microsoft Corporation 27.12.2008 0,22 MB 14.0.8014.1029
Windows Media Format 11 runtime 27.12.2008
Windows Media Player 11 27.12.2008 needed
Windows XP Service Pack 3 Microsoft Corporation 27.12.2008 20080414.031514
WinRAR 20.02.2009 |
| | #14 |
| /// Malware-holic | Security Shield - completely removed? Hmm, if the device is still causing problems, we should simply set it up from scratch. The PC must be reinstalled and then secured. 1. Data rescue:
I will also post further points on this. 4. Change all passwords! 5. After securing the PC, check the backed-up data and, if it is clean, restore it. 6. I will then also say something about securing online banking with a chip card reader + Star Money. |