Log analysis and evaluation: BKA Trojan "GEMA / SUISA / GVU 2.03", Windows XP
If you have caught a Trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
| | #16 |
| /// Helper team | BKA Trojan "GEMA / SUISA / GVU 2.03", Windows XP
Very good!
Uninstall: Emsisoft Anti-Malware
ESET Online Scanner
Preparation
|
| | #17 |
| BKA Trojan "GEMA / SUISA / GVU 2.03", Windows XP
Hi t'john,
I ran the ESET Online Scanner, but in offline mode, because I don't want to be online with the antivirus programs deactivated - I hope that is still OK. According to the log file, the system is evidently not quite clean yet:
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=84a09861f7fe8846a181e7ca760ccb87
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-07-24 07:36:38
# local_time=2012-07-24 09:36:38 (+0100, Westeuropäische Sommerzeit)
# country="Switzerland"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=1792 16777191 100 0 23795619 23795619 0 0
# compatibility_mode=8192 67108863 100 0 199 199 0 0
# scanned=70655
# found=3
# cleaned=0
# scan_time=3908
C:\Dokumente und Einstellungen\*******1\Lokale Einstellungen\Temp\goempthnhvhggp.exe a variant of Win32/Kryptik.AIVJ trojan (unable to clean) 00000000000000000000000000000000 I
C:\Dokumente und Einstellungen\*******1\Lokale Einstellungen\Temp\kptufvtqtdyevqli.exe a variant of Win32/Kryptik.AIVJ trojan (unable to clean) 00000000000000000000000000000000 I
C:\Dokumente und Einstellungen\*******1\Lokale Einstellungen\Temp\npkglqqllbg.exe a variant of Win32/Kryptik.AIVJ trojan (unable to clean) 00000000000000000000000000000000 I
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=84a09861f7fe8846a181e7ca760ccb87
# end=stopped
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-08-05 10:02:44
# local_time=2012-08-05 12:02:44 (+0100, Westeuropäische Sommerzeit)
# country="Switzerland"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=1792 16777175 100 0 24801827 24801827 0 0
# compatibility_mode=8192 67108863 100 0 1006407 1006407 0 0
# scanned=328
# found=0
# cleaned=0
# scan_time=64
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=84a09861f7fe8846a181e7ca760ccb87
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-08-05 12:04:58
# local_time=2012-08-05 02:04:58 (+0100, Westeuropäische Sommerzeit)
# country="Switzerland"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=1792 16777191 100 0 24801988 24801988 0 0
# compatibility_mode=8192 67108863 100 0 1006568 1006568 0 0
# scanned=142791
# found=1
# cleaned=1
# scan_time=7237
D:\Dateien von *******\Downloads\WinZip165.exe a variant of Win32/OpenInstall application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
|
| | #18 |
| /// Helper team | BKA Trojan "GEMA / SUISA / GVU 2.03", Windows XP
TDSSKiller by Kaspersky
- Download TDSSKiller and unpack the archive to your desktop.
Here you will find more detailed TDSSKiller instructions.
|
| | #19 |
| BKA Trojan "GEMA / SUISA / GVU 2.03", Windows XP
Hi t'john,
done as instructed (application file directly on the desktop). However: the tool did not suggest a restart and did not delete itself either! Here is the log file:
Code:
20:27:06.0375 3120 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
20:27:06.0390 3120 ============================================================
20:27:06.0390 3120 Current date / time: 2012/08/06 20:27:06.0390
20:27:06.0390 3120 SystemInfo:
20:27:06.0390 3120
20:27:06.0390 3120 OS Version: 5.1.2600 ServicePack: 3.0
20:27:06.0390 3120 Product type: Workstation
20:27:06.0390 3120 ComputerName: JXXXXXX
20:27:06.0390 3120 UserName: ******
20:27:06.0390 3120 Windows directory: C:\WINDOWS
20:27:06.0390 3120 System windows directory: C:\WINDOWS
20:27:06.0390 3120 Processor architecture: Intel x86
20:27:06.0390 3120 Number of processors: 2
20:27:06.0390 3120 Page size: 0x1000
20:27:06.0390 3120 Boot type: Normal boot
20:27:06.0390 3120 ============================================================
20:27:08.0250 3120 Drive \Device\Harddisk0\DR0 - Size: 0x3A38A25E00 (232.88 Gb), SectorSize: 0x200, Cylinders: 0x7E2D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054
20:27:08.0265 3120 ============================================================
20:27:08.0265 3120 \Device\Harddisk0\DR0:
20:27:08.0265 3120 MBR partitions:
20:27:08.0265 3120 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x61AD921
20:27:08.0265 3120 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xC, StartLBA 0x61AD960, BlocksNum 0x17004120
20:27:08.0265 3120 ============================================================
20:27:08.0328 3120 C: <-> \Device\Harddisk0\DR0\Partition0
20:27:08.0343 3120 D: <-> \Device\Harddisk0\DR0\Partition1
20:27:08.0375 3120 ============================================================
20:27:08.0375 3120 Initialize success
20:27:08.0375 3120 ============================================================
20:27:20.0687 3228 ============================================================
20:27:20.0687 3228 Scan started
20:27:20.0687 3228 Mode: Manual;
20:27:20.0687 3228 ============================================================
20:27:29.0484 3228 SNMPTRAP - ok
20:27:29.0484 3228 Sparrow - ok
20:27:29.0515 3228 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
20:27:29.0515 3228 splitter - ok
20:27:29.0546 3228 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
20:27:29.0562 3228 Spooler - ok
20:27:29.0578 3228 sr (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
20:27:29.0578 3228 sr - ok
20:27:29.0609 3228 srservice (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll
20:27:29.0609 3228 srservice - ok
20:27:29.0640 3228 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
20:27:29.0640 3228 Srv - ok
20:27:29.0671 3228 SSDPSRV (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
20:27:29.0671 3228 SSDPSRV - ok
20:27:29.0703 3228 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
20:27:29.0703 3228 ssmdrv - ok
20:27:29.0750 3228 stisvc (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
20:27:29.0765 3228 stisvc - ok
20:27:29.0781 3228 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
20:27:29.0781 3228 swenum - ok
20:27:29.0796 3228 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
20:27:29.0812 3228 swmidi - ok
20:27:29.0812 3228 SwPrv - ok
20:27:29.0828 3228 symc810 - ok
20:27:29.0843 3228 symc8xx - ok
20:27:29.0859 3228 sym_hi - ok
20:27:29.0875 3228 sym_u3 - ok
20:27:29.0890 3228 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
20:27:29.0906 3228 sysaudio - ok
20:27:29.0921 3228 SysmonLog (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
20:27:29.0937 3228 SysmonLog - ok
20:27:29.0968 3228 TapiSrv (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
20:27:29.0968 3228 TapiSrv - ok
20:27:30.0093 3228 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:27:30.0093 3228 Tcpip - ok
20:27:30.0125 3228 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
20:27:30.0125 3228 TDPIPE - ok
20:27:30.0140 3228 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
20:27:30.0140 3228 TDTCP - ok
20:27:30.0171 3228 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
20:27:30.0171 3228 TermDD - ok
20:27:30.0203 3228 TermService (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
20:27:30.0218 3228 TermService - ok
20:27:30.0250 3228 Themes (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
20:27:30.0250 3228 Themes - ok
20:27:30.0265 3228 TosIde - ok
20:27:30.0296 3228 TrkWks (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
20:27:30.0296 3228 TrkWks - ok
20:27:30.0343 3228 tunmp (8f861eda21c05857eb8197300a92501c) C:\WINDOWS\system32\DRIVERS\tunmp.sys
20:27:30.0343 3228 tunmp - ok
20:27:30.0359 3228 uagp35 (d85938f272d1bcf3db3a31fc0a048928) C:\WINDOWS\system32\DRIVERS\uagp35.sys
20:27:30.0359 3228 uagp35 - ok
20:27:30.0390 3228 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
20:27:30.0390 3228 Udfs - ok
20:27:30.0390 3228 ultra - ok
20:27:30.0437 3228 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
20:27:30.0453 3228 Update - ok
20:27:30.0468 3228 upnphost (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
20:27:30.0484 3228 upnphost - ok
20:27:30.0500 3228 UPS (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
20:27:30.0500 3228 UPS - ok
20:27:30.0531 3228 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\WINDOWS\system32\Drivers\usbaapl.sys
20:27:30.0531 3228 USBAAPL - ok
20:27:30.0546 3228 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:27:30.0546 3228 usbccgp - ok
20:27:30.0562 3228 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:27:30.0562 3228 usbehci - ok
20:27:30.0578 3228 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:27:30.0578 3228 usbhub - ok
20:27:30.0593 3228 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
20:27:30.0593 3228 usbprint - ok
20:27:30.0609 3228 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
20:27:30.0609 3228 usbscan - ok
20:27:30.0625 3228 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:27:30.0625 3228 usbstor - ok
20:27:30.0640 3228 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
20:27:30.0640 3228 usbuhci - ok
20:27:30.0656 3228 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
20:27:30.0656 3228 VgaSave - ok
20:27:30.0671 3228 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
20:27:30.0671 3228 ViaIde - ok
20:27:30.0703 3228 videX32 (c8ee49fa76eb7c41a9cddfe58151a74e) C:\WINDOWS\system32\DRIVERS\videX32.sys
20:27:30.0703 3228 videX32 - ok
20:27:30.0734 3228 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
20:27:30.0734 3228 VolSnap - ok
20:27:30.0765 3228 VSS (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
20:27:30.0781 3228 VSS - ok
20:27:30.0812 3228 W32Time (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll
20:27:30.0812 3228 W32Time - ok
20:27:30.0843 3228 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:27:30.0843 3228 Wanarp - ok
20:27:30.0890 3228 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
20:27:30.0906 3228 Wdf01000 - ok
20:27:30.0906 3228 WDICA - ok
20:27:30.0937 3228 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
20:27:30.0937 3228 wdmaud - ok
20:27:30.0968 3228 WebClient (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
20:27:30.0968 3228 WebClient - ok
20:27:31.0046 3228 winmgmt (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
20:27:31.0046 3228 winmgmt - ok
20:27:31.0093 3228 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
20:27:31.0093 3228 WmdmPmSN - ok
20:27:31.0125 3228 WmiApSrv (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\system32\wbem\wmiapsrv.exe
20:27:31.0140 3228 WmiApSrv - ok
20:27:31.0250 3228 WMPNetworkSvc (bf05650bb7df5e9ebdd25974e22403bb) C:\Programme\Windows Media Player\WMPNetwk.exe
20:27:31.0265 3228 WMPNetworkSvc - ok
20:27:31.0296 3228 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
20:27:31.0296 3228 WS2IFSL - ok
20:27:31.0343 3228 wscsvc (300b3e84faf1a5c1f791c159ba28035d) C:\WINDOWS\system32\wscsvc.dll
20:27:31.0343 3228 wscsvc - ok
20:27:31.0359 3228 wuauserv (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll
20:27:31.0359 3228 wuauserv - ok
20:27:31.0390 3228 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
20:27:31.0390 3228 WudfPf - ok
20:27:31.0421 3228 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
20:27:31.0421 3228 WudfRd - ok
20:27:31.0453 3228 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
20:27:31.0453 3228 WudfSvc - ok
20:27:31.0500 3228 WZCSVC (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
20:27:31.0515 3228 WZCSVC - ok
20:27:31.0531 3228 xfilt (fcbc27869092850cdb75139f3818653a) C:\WINDOWS\system32\DRIVERS\xfilt.sys
20:27:31.0546 3228 xfilt - ok
20:27:31.0578 3228 xmlprov (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
20:27:31.0578 3228 xmlprov - ok
20:27:31.0625 3228 MBR (0x1B8) (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
20:27:31.0953 3228 \Device\Harddisk0\DR0 - ok
20:27:31.0968 3228 Boot (0x1200) (14b4c6e1d797a881e439dd6d00df6bab) \Device\Harddisk0\DR0\Partition0
20:27:31.0968 3228 \Device\Harddisk0\DR0\Partition0 - ok
20:27:31.0984 3228 Boot (0x1200) (aea75a07b27c829b66c3a29100410709) \Device\Harddisk0\DR0\Partition1
20:27:32.0000 3228 \Device\Harddisk0\DR0\Partition1 - ok
20:27:32.0000 3228 ============================================================
20:27:32.0000 3228 Scan finished
20:27:32.0000 3228 ============================================================
20:27:32.0015 4032 Detected object count: 0
20:27:32.0015 4032 Actual detected object count: 0
20:28:03.0812 2624 Deinitialize success
Code:
20:40:13.0734 3260 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
20:40:13.0843 3260 ============================================================
20:40:13.0843 3260 Current date / time: 2012/08/06 20:40:13.0843
20:40:13.0843 3260 SystemInfo:
20:40:13.0843 3260
20:40:13.0843 3260 OS Version: 5.1.2600 ServicePack: 3.0
20:40:13.0843 3260 Product type: Workstation
20:40:13.0843 3260 ComputerName: JXXXXX
20:40:13.0843 3260 UserName: *******
20:40:13.0843 3260 Windows directory: C:\WINDOWS
20:40:13.0843 3260 System windows directory: C:\WINDOWS
20:40:13.0843 3260 Processor architecture: Intel x86
20:40:13.0843 3260 Number of processors: 2
20:40:13.0843 3260 Page size: 0x1000
20:40:13.0843 3260 Boot type: Normal boot
20:40:13.0843 3260 ============================================================
20:40:15.0265 3260 Drive \Device\Harddisk0\DR0 - Size: 0x3A38A25E00 (232.88 Gb), SectorSize: 0x200, Cylinders: 0x7E2D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054
20:40:15.0281 3260 Drive \Device\Harddisk5\DR11 - Size: 0x2540BE4000 (149.01 Gb), SectorSize: 0x200, Cylinders: 0x4BFC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:40:15.0296 3260 ============================================================
20:40:15.0296 3260 \Device\Harddisk0\DR0:
20:40:15.0296 3260 MBR partitions:
20:40:15.0296 3260 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x61AD921
20:40:15.0296 3260 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xC, StartLBA 0x61AD960, BlocksNum 0x17004120
20:40:15.0296 3260 \Device\Harddisk5\DR11:
20:40:15.0296 3260 MBR partitions:
20:40:15.0296 3260 \Device\Harddisk5\DR11\Partition0: MBR, Type 0x7, StartLBA 0x17886, BlocksNum 0x129ED876
20:40:15.0296 3260 ============================================================
20:40:15.0312 3260 C: <-> \Device\Harddisk0\DR0\Partition0
20:40:15.0328 3260 D: <-> \Device\Harddisk0\DR0\Partition1
20:40:15.0390 3260 F: <-> \Device\Harddisk5\DR11\Partition0
20:40:15.0390 3260 ============================================================
20:40:15.0390 3260 Initialize success
20:40:15.0390 3260 ============================================================
20:40:36.0640 0120 ============================================================
20:40:36.0640 0120 Scan started
20:40:36.0640 0120 Mode: Manual; SigCheck; TDLFS;
20:40:36.0640 0120 ============================================================
20:40:36.0859 0120 Abiosdsk - ok
20:40:36.0875 0120 abp480n5 - ok
20:40:36.0921 0120 ACPI (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
20:40:37.0375 0120 ACPI - ok
20:40:37.0406 0120 ACPIEC (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
20:40:37.0515 0120 ACPIEC - ok
20:40:37.0578 0120 AdobeFlashPlayerUpdateSvc (f19c98ad81d2c0e1bbfd8153d2c80ee8) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:40:37.0625 0120 AdobeFlashPlayerUpdateSvc - ok
20:40:37.0640 0120 adpu160m - ok
20:40:37.0671 0120 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
20:40:37.0796 0120 aec - ok
20:40:37.0843 0120 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
20:40:37.0937 0120 AFD - ok
20:40:37.0953 0120 AFS2K (c719341a1cf6afd4fa0808ae3d23d6a3) C:\WINDOWS\system32\drivers\AFS2K.sys
20:40:38.0000 0120 AFS2K - ok
20:40:38.0015 0120 Aha154x - ok
20:40:38.0031 0120 aic78u2 - ok
20:40:38.0046 0120 aic78xx - ok
20:40:38.0078 0120 Alerter (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
20:40:38.0203 0120 Alerter - ok
20:40:38.0234 0120 ALG (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe
20:40:38.0312 0120 ALG - ok
20:40:38.0328 0120 AliIde - ok
20:40:38.0343 0120 amsint - ok
20:40:38.0421 0120 AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Programme\Avira\AntiVir Desktop\sched.exe
20:40:38.0468 0120 AntiVirSchedulerService - ok
20:40:38.0484 0120 AntiVirService (a489be6bb0aa1ff406b488b60542314b) C:\Programme\Avira\AntiVir Desktop\avguard.exe
20:40:38.0531 0120 AntiVirService - ok
20:40:38.0593 0120 Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:40:38.0640 0120 Apple Mobile Device - ok
20:40:38.0656 0120 AppMgmt - ok
20:40:38.0671 0120 asc - ok
20:40:38.0687 0120 asc3350p - ok
20:40:38.0687 0120 asc3550 - ok
20:40:38.0796 0120 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
20:40:38.0828 0120 aspnet_state - ok
20:40:38.0859 0120 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
20:40:38.0968 0120 AsyncMac - ok
20:40:39.0000 0120 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
20:40:39.0093 0120 atapi - ok
20:40:39.0109 0120 Atdisk - ok
20:40:39.0140 0120 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
20:40:39.0265 0120 Atmarpc - ok
20:40:39.0281 0120 AudioSrv (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
20:40:39.0421 0120 AudioSrv - ok
20:40:39.0468 0120 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
20:40:39.0593 0120 audstub - ok
20:40:39.0625 0120 avgntflt (d5541f0afb767e85fc412fc609d96a74) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
20:40:40.0656 0120 avgntflt - ok
20:40:40.0875 0120 avipbb (7d967a682d4694df7fa57d63a2db01fe) C:\WINDOWS\system32\DRIVERS\avipbb.sys
20:40:40.0937 0120 avipbb - ok
20:40:41.0031 0120 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\WINDOWS\system32\DRIVERS\avkmgr.sys
20:40:41.0093 0120 avkmgr - ok
20:40:41.0156 0120 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
20:40:41.0312 0120 Beep - ok
20:40:41.0593 0120 BITS (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll
20:40:41.0828 0120 BITS - ok
20:40:42.0234 0120 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Programme\Bonjour\mDNSResponder.exe
20:40:42.0312 0120 Bonjour Service - ok
20:40:42.0390 0120 Browser (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
20:40:42.0578 0120 Browser - ok
20:40:42.0859 0120 catchme - ok
20:40:42.0921 0120 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
20:40:43.0359 0120 cbidf2k - ok
20:40:43.0375 0120 cd20xrnt - ok
20:40:43.0437 0120 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
20:40:43.0609 0120 Cdaudio - ok
20:40:43.0765 0120 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
20:40:43.0953 0120 Cdfs - ok
20:40:44.0031 0120 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
20:40:44.0187 0120 Cdrom - ok
20:40:44.0203 0120 Changer - ok
20:40:44.0265 0120 CiSvc (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe
20:40:44.0421 0120 CiSvc - ok
20:40:44.0453 0120 ClipSrv (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
20:40:44.0625 0120 ClipSrv - ok
20:40:44.0875 0120 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:40:45.0093 0120 clr_optimization_v2.0.50727_32 - ok
20:40:45.0109 0120 CmdIde - ok
20:40:45.0171 0120 CnxTrLan (7071c6fcc5c452d8f1bce78d53015154) C:\WINDOWS\system32\DRIVERS\CnxTrLan.sys
20:40:45.0265 0120 CnxTrLan - ok
20:40:45.0328 0120 CnxTrUsb (60dc47fffae8b1987db88f7afd101ea3) C:\WINDOWS\system32\DRIVERS\CnxTrUsb.sys
20:40:45.0421 0120 CnxTrUsb - ok
20:40:45.0421 0120 COMSysApp - ok
20:40:45.0453 0120 Cpqarray - ok
20:40:45.0546 0120 CryptSvc (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
20:40:45.0718 0120 CryptSvc - ok
20:40:45.0718 0120 dac2w2k - ok
20:40:45.0734 0120 dac960nt - ok
20:40:46.0093 0120 DcomLaunch (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
20:40:46.0187 0120 DcomLaunch - ok
20:40:46.0328 0120 Dhcp (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
20:40:46.0437 0120 Dhcp - ok
20:40:46.0500 0120 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
20:40:46.0656 0120 Disk - ok
20:40:46.0671 0120 dmadmin - ok
20:40:47.0109 0120 dmboot (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
20:40:47.0484 0120 dmboot - ok
20:40:47.0578 0120 dmio (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
20:40:47.0765 0120 dmio - ok
20:40:47.0828 0120 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
20:40:47.0984 0120 dmload - ok
20:40:48.0031 0120 dmserver (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
20:40:48.0203 0120 dmserver - ok
20:40:48.0250 0120 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
20:40:48.0390 0120 DMusic - ok
20:40:48.0468 0120 Dnscache (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
20:40:48.0671 0120 Dnscache - ok
20:40:48.0859 0120 Dot3svc (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
20:40:49.0031 0120 Dot3svc - ok
20:40:49.0046 0120 dpti2o - ok
20:40:49.0078 0120 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
20:40:49.0234 0120 drmkaud - ok
20:40:49.0265 0120 EapHost (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
20:40:49.0390 0120 EapHost - ok
20:40:49.0437 0120 ERSvc (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
20:40:49.0578 0120 ERSvc - ok
20:40:49.0625 0120 Eventlog (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
20:40:49.0687 0120 Eventlog - ok
20:40:50.0343 0120 EventSystem (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\system32\es.dll
20:40:50.0453 0120 EventSystem - ok
20:40:50.0500 0120 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
20:40:50.0640 0120 Fastfat - ok
20:40:50.0687 0120 FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
20:40:50.0781 0120 FastUserSwitchingCompatibility - ok
20:40:50.0843 0120 Fax (08b8b302af0d1b3b8543429bbac8f21f) C:\WINDOWS\system32\fxssvc.exe
20:40:50.0984 0120 Fax - ok
20:40:51.0015 0120 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
20:40:51.0140 0120 Fdc - ok
20:40:51.0171 0120 Fips (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
20:40:51.0265 0120 Fips - ok
20:40:51.0312 0120 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
20:40:51.0484 0120 Flpydisk - ok
20:40:51.0515 0120 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
20:40:51.0640 0120 FltMgr - ok
20:40:51.0718 0120 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
20:40:51.0750 0120 FontCache3.0.0.0 - ok
20:40:51.0796 0120 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:40:51.0921 0120 Fs_Rec - ok
20:40:51.0937 0120 Ftdisk (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
20:40:52.0062 0120 Ftdisk - ok
20:40:52.0093 0120 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
20:40:52.0125 0120 GEARAspiWDM - ok
20:40:52.0156 0120 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
20:40:52.0281 0120 Gpc - ok
20:40:52.0375 0120 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Programme\Google\Update\GoogleUpdate.exe
20:40:52.0421 0120 gupdate - ok
20:40:52.0421 0120 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Programme\Google\Update\GoogleUpdate.exe
20:40:52.0437 0120 gupdatem - ok
20:40:52.0468 0120 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
20:40:52.0609 0120 HDAudBus - ok
20:40:52.0656 0120 helpsvc (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
20:40:52.0781 0120 helpsvc - ok
20:40:52.0828 0120 HidServ (b35da85e60c0103f2e4104532da2f12b) C:\WINDOWS\System32\hidserv.dll
20:40:52.0937 0120 HidServ - ok
20:40:52.0953 0120 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
20:40:53.0062 0120 hidusb - ok
20:40:53.0093 0120 hkmsvc (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
20:40:53.0203 0120 hkmsvc - ok
20:40:53.0218 0120 hpn - ok
20:40:53.0265 0120 HPZid412 (287a63bd8509bd78e7978823b38afa81) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
20:40:53.0328 0120 HPZid412 - ok
20:40:53.0375 0120 HPZipr12 (0b4fda2657c3e0315eaa57f9c6d4fd1f) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
20:40:53.0421 0120 HPZipr12 - ok
20:40:53.0437 0120 HPZius12 (29559db25258b60510a60c4e470fce32) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
20:40:53.0500 0120 HPZius12 - ok
20:40:53.0531 0120 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
20:40:53.0593 0120 HTTP - ok
20:40:53.0609 0120 HTTPFilter (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
20:40:53.0734 0120 HTTPFilter - ok
20:40:53.0734 0120 i2omgmt - ok
20:40:53.0750 0120 i2omp - ok
20:40:53.0812 0120 i8042prt (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
20:40:53.0937 0120 i8042prt - ok
20:40:54.0031 0120 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:40:54.0109 0120 idsvc - ok
20:40:54.0140 0120 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
20:40:54.0265 0120 Imapi - ok
20:40:54.0328 0120 ImapiService (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\system32\imapi.exe
20:40:54.0468 0120 ImapiService - ok
20:40:54.0484 0120 ini910u - ok
20:40:54.0750 0120 IntcAzAudAddService (284bcb80391783d328a8d8163e97fd58) C:\WINDOWS\system32\drivers\RtkHDAud.sys
20:40:55.0031 0120 IntcAzAudAddService - ok
20:40:55.0125 0120 IntelIde - ok
20:40:55.0156 0120 intelppm (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys
20:40:55.0281 0120 intelppm - ok
20:40:55.0328 0120 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
20:40:55.0453 0120 Ip6Fw - ok
20:40:55.0484 0120 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:40:55.0593 0120 IpFilterDriver - ok
20:40:55.0609 0120 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
20:40:55.0734 0120 IpInIp - ok
20:40:55.0765 0120 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
20:40:55.0890 0120 IpNat - ok
20:40:55.0984 0120 iPod Service (e6be7a41a28d8f2db174957454d32448) C:\Programme\iPod\bin\iPodService.exe
20:40:56.0062 0120 iPod Service - ok
20:40:56.0078 0120 Iprip (9843f75e31fb74c5fe757d28150c2b9f) C:\WINDOWS\System32\iprip.dll
20:40:56.0218 0120 Iprip - ok
20:40:56.0250 0120 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
20:40:56.0375 0120 IPSec - ok
20:40:56.0406 0120 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
20:40:56.0484 0120 IRENUM - ok
20:40:56.0515 0120 isapnp (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
20:40:56.0656 0120 isapnp - ok
20:40:56.0687 0120 JGOGO (c995c0e8b4503fac38793bb0236ad246) C:\WINDOWS\system32\DRIVERS\JGOGO.sys
20:40:56.0718 0120 JGOGO - ok
20:40:56.0734 0120 JRAID (bd29e1a6fcdf66f5e3875da88728feb1) C:\WINDOWS\system32\DRIVERS\jraid.sys
20:40:56.0781 0120 JRAID - ok
20:40:56.0796 0120 Kbdclass (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
20:40:56.0937 0120 Kbdclass - ok
20:40:56.0968 0120 kbdhid (b6d6c117d771c98130497265f26d1882) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
20:40:57.0078 0120 kbdhid - ok
20:40:57.0109 0120 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
20:40:57.0234 0120 kmixer - ok
20:40:57.0265 0120 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
20:40:57.0359 0120 KSecDD - ok
20:40:57.0437 0120 lanmanserver (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll
20:40:57.0515 0120 lanmanserver - ok
20:40:57.0546 0120 lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll
20:40:57.0609 0120 lanmanworkstation - ok
20:40:57.0609 0120 lbrtfdc - ok
20:40:57.0703 0120 LightScribeService (6e68e520e6f2f5dce97a9ff947038769) C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
20:40:57.0750 0120 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
20:40:57.0750 0120 LightScribeService - detected UnsignedFile.Multi.Generic (1)
20:40:57.0781 0120 LmHosts (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
20:40:57.0906 0120 LmHosts - ok
20:40:57.0953 0120 MBAMProtector (6dfe7f2e8e8a337263aa5c92a215f161) C:\WINDOWS\system32\drivers\mbam.sys
20:40:57.0968 0120 MBAMProtector - ok
20:40:58.0031 0120 MBAMService (43683e970f008c93c9429ef428147a54) C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
20:40:58.0093 0120 MBAMService - ok
20:40:58.0125 0120 Messenger (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
20:40:58.0234 0120 Messenger - ok
20:40:58.0281 0120 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
20:40:58.0421 0120 mnmdd - ok
20:40:58.0453 0120 mnmsrvc (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\system32\mnmsrvc.exe
20:40:58.0562 0120 mnmsrvc - ok
20:40:58.0578 0120 Modem (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
20:40:58.0703 0120 Modem - ok
20:40:58.0734 0120 Mouclass (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
20:40:58.0859 0120 Mouclass - ok
20:40:58.0875 0120 mouhid (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
20:40:59.0015 0120 mouhid - ok
20:40:59.0031 0120 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
20:40:59.0156 0120 MountMgr - ok
20:40:59.0203 0120 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
20:40:59.0234 0120 MozillaMaintenance - ok
20:40:59.0234 0120 mraid35x - ok
20:40:59.0281 0120 MRENDIS5 (594b9d8194e3f4ecbf0325bd10bbeb05) C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS
20:40:59.0296 0120 MRENDIS5 ( UnsignedFile.Multi.Generic ) - warning
20:40:59.0296 0120 MRENDIS5 - detected UnsignedFile.Multi.Generic (1)
20:40:59.0328 0120 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
20:40:59.0437 0120 MRxDAV - ok
20:40:59.0484 0120 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:40:59.0593 0120 MRxSmb - ok
20:40:59.0625 0120 MSDTC (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\system32\msdtc.exe
20:40:59.0765 0120 MSDTC - ok
20:40:59.0796 0120 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
20:40:59.0906 0120 Msfs - ok
20:40:59.0906 0120 MSIServer - ok
20:40:59.0937 0120 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:41:00.0062 0120 MSKSSRV - ok
20:41:00.0078 0120 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:41:00.0187 0120 MSPCLOCK - ok
20:41:00.0203 0120 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
20:41:00.0328 0120 MSPQM - ok
20:41:00.0343 0120 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
20:41:00.0453 0120 mssmbios - ok
20:41:00.0484 0120 MTsensor (d48659bb24c48345d926ecb45c1ebdf5) C:\WINDOWS\system32\DRIVERS\ASACPI.sys
20:41:00.0531 0120 MTsensor - ok
20:41:00.0562 0120 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
20:41:00.0609 0120 Mup - ok
20:41:00.0656 0120 napagent (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
20:41:00.0781 0120 napagent - ok
20:41:00.0828 0120 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
20:41:00.0968 0120 NDIS - ok
20:41:01.0000 0120 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:41:01.0046 0120 NdisTapi - ok
20:41:01.0062 0120 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:41:01.0187 0120 Ndisuio - ok
20:41:01.0218 0120 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:41:01.0328 0120 NdisWan - ok
20:41:01.0343 0120 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
20:41:01.0390 0120 NDProxy - ok
20:41:01.0406 0120 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
20:41:01.0515 0120 NetBIOS - ok
20:41:01.0546 0120 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
20:41:01.0687 0120 NetBT - ok
20:41:01.0734 0120 NetDDE (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
20:41:01.0843 0120 NetDDE - ok
20:41:01.0859 0120 NetDDEdsdm (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
20:41:01.0953 0120 NetDDEdsdm - ok
20:41:01.0968 0120 Netlogon (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:41:02.0093 0120 Netlogon - ok
20:41:02.0125 0120 Netman (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
20:41:02.0218 0120 Netman - ok
20:41:02.0343 0120 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:41:02.0390 0120 NetTcpPortSharing - ok
20:41:02.0421 0120 Nla (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll
20:41:02.0437 0120 Nla - ok
20:41:02.0484 0120 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
20:41:02.0593 0120 Npfs - ok
20:41:02.0640 0120 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
20:41:02.0781 0120 Ntfs - ok
20:41:02.0796 0120 NtLmSsp (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:41:02.0890 0120 NtLmSsp - ok
20:41:02.0953 0120 NtmsSvc (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
20:41:03.0078 0120 NtmsSvc - ok
20:41:03.0093 0120 NuidFltr (cf7e041663119e09d2e118521ada9300) C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
20:41:03.0125 0120 NuidFltr - ok
20:41:03.0156 0120 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
20:41:03.0265 0120 Null - ok
20:41:03.0515 0120 nv (ba1b732c1a70cfea0c1b64f2850bf44f) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
20:41:03.0750 0120 nv - ok
20:41:03.0875 0120 NVSvc (0febe37db6650faa5965c00545009d1d) C:\WINDOWS\system32\nvsvc32.exe
20:41:03.0937 0120 NVSvc - ok
20:41:03.0968 0120 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
20:41:04.0093 0120 NwlnkFlt - ok
20:41:04.0093 0120 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
20:41:04.0218 0120 NwlnkFwd - ok
20:41:04.0250 0120 p2pgasvc (9bad7edcfee78ff3b3d852e881633c6a) C:\WINDOWS\system32\p2pgasvc.dll
20:41:04.0359 0120 p2pgasvc - ok
20:41:04.0421 0120 p2pimsvc (02ebbece9fb4a4811ad3c4bb55cced0c) C:\WINDOWS\system32\p2psvc.dll
20:41:04.0546 0120 p2pimsvc - ok
20:41:04.0562 0120 p2psvc (02ebbece9fb4a4811ad3c4bb55cced0c) C:\WINDOWS\system32\p2psvc.dll
20:41:04.0671 0120 p2psvc - ok
20:41:04.0703 0120 Parport (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
20:41:04.0843 0120 Parport - ok
20:41:04.0875 0120 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
20:41:04.0984 0120 PartMgr - ok
20:41:05.0015 0120 ParVdm (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
20:41:05.0125 0120 ParVdm - ok
20:41:05.0140 0120 PCI (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
20:41:05.0250 0120 PCI - ok
20:41:05.0265 0120 PCIDump - ok
20:41:05.0296 0120 PCIIde (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
20:41:05.0437 0120 PCIIde - ok
20:41:05.0468 0120 Pcmcia (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
20:41:05.0578 0120 Pcmcia - ok
20:41:05.0593 0120 PDCOMP - ok
20:41:05.0609 0120 PDFRAME - ok
20:41:05.0625 0120 PDRELI - ok
20:41:05.0625 0120 PDRFRAME - ok
20:41:05.0640 0120 perc2 - ok
20:41:05.0656 0120 perc2hib - ok
20:41:05.0734 0120 PlugPlay (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
20:41:05.0750 0120 PlugPlay - ok
20:41:05.0781 0120 Pml Driver HPZ12 (5c1cadd1cb67c0b9d8a84ec6e4d6b5cc) C:\WINDOWS\system32\HPZipm12.exe
20:41:05.0828 0120 Pml Driver HPZ12 - ok
20:41:05.0843 0120 PNRPSvc (02ebbece9fb4a4811ad3c4bb55cced0c) C:\WINDOWS\system32\p2psvc.dll
20:41:05.0937 0120 PNRPSvc - ok
20:41:05.0968 0120 Point32 (3b6973d60bde757c53bb76842d31318e) C:\WINDOWS\system32\DRIVERS\point32.sys
20:41:06.0015 0120 Point32 - ok
20:41:06.0031 0120 PolicyAgent (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:41:06.0140 0120 PolicyAgent - ok
20:41:06.0171 0120 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:41:06.0296 0120 PptpMiniport - ok
20:41:06.0312 0120 ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:41:06.0406 0120 ProtectedStorage - ok
20:41:06.0421 0120 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
20:41:06.0546 0120 PSched - ok
20:41:06.0578 0120 PSI (d24dfd16a1e2a76034df5aa18125c35d) C:\WINDOWS\system32\DRIVERS\psi_mf.sys
20:41:06.0593 0120 PSI - ok
20:41:06.0609 0120 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
20:41:06.0734 0120 Ptilink - ok
20:41:06.0734 0120 ql1080 - ok
20:41:06.0765 0120 Ql10wnt - ok
20:41:06.0781 0120 ql12160 - ok
20:41:06.0796 0120 ql1240 - ok
20:41:06.0812 0120 ql1280 - ok
20:41:06.0828 0120 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:41:06.0953 0120 RasAcd - ok
20:41:06.0984 0120 RasAuto (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
20:41:07.0093 0120 RasAuto - ok
20:41:07.0125 0120 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:41:07.0234 0120 Rasl2tp - ok
20:41:07.0281 0120 RasMan (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
20:41:07.0437 0120 RasMan - ok
20:41:07.0437 0120 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:41:07.0562 0120 RasPppoe - ok
20:41:07.0593 0120 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
20:41:07.0687 0120 Raspti - ok
20:41:07.0718 0120 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:41:07.0843 0120 Rdbss - ok
20:41:07.0875 0120 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:41:08.0000 0120 RDPCDD - ok
20:41:08.0046 0120 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
20:41:08.0125 0120 RDPWD - ok
20:41:08.0156 0120 RDSessMgr (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe
20:41:08.0265 0120 RDSessMgr - ok
20:41:08.0296 0120 redbook (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
20:41:08.0453 0120 redbook - ok
20:41:08.0484 0120 RemoteAccess (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll
20:41:08.0593 0120 RemoteAccess - ok
20:41:08.0609 0120 RimUsb - ok
20:41:08.0640 0120 RimVSerPort (2c4fb2e9f039287767c384e46ee91030) C:\WINDOWS\system32\DRIVERS\RimSerial.sys
20:41:08.0718 0120 RimVSerPort - ok
20:41:08.0734 0120 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
20:41:08.0843 0120 ROOTMODEM - ok
20:41:08.0875 0120 RpcLocator (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe
20:41:09.0000 0120 RpcLocator - ok
20:41:09.0046 0120 RpcSs (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\System32\rpcss.dll
20:41:09.0093 0120 RpcSs - ok
20:41:09.0109 0120 RSVP (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe
20:41:09.0218 0120 RSVP - ok
20:41:09.0250 0120 RTL8023xp (911e07056b865760c0762f6221145999) C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
20:41:09.0343 0120 RTL8023xp - ok
20:41:09.0421 0120 RTL8192cu (5b3a5bc13614fffa1be65d434688ed3f) C:\WINDOWS\system32\DRIVERS\RTL8192cu.sys
20:41:09.0515 0120 RTL8192cu - ok
20:41:09.0531 0120 SamSs (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:41:09.0625 0120 SamSs - ok
20:41:09.0656 0120 SCardSvr (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
20:41:09.0781 0120 SCardSvr - ok
20:41:09.0828 0120 Schedule (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
20:41:09.0968 0120 Schedule - ok
20:41:09.0984 0120 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:41:10.0046 0120 Secdrv - ok
20:41:10.0078 0120 seclogon (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
20:41:10.0187 0120 seclogon - ok
20:41:10.0250 0120 Secunia PSI Agent - ok
20:41:10.0265 0120 Secunia Update Agent - ok
20:41:10.0281 0120 SENS (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
20:41:10.0390 0120 SENS - ok
20:41:10.0421 0120 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
20:41:10.0546 0120 serenum - ok
20:41:10.0562 0120 Serial (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
20:41:10.0687 0120 Serial - ok
20:41:10.0718 0120 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
20:41:10.0843 0120 Sfloppy - ok
20:41:10.0890 0120 SharedAccess (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll
20:41:11.0031 0120 SharedAccess - ok
20:41:11.0062 0120 ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
20:41:11.0078 0120 ShellHWDetection - ok
20:41:11.0093 0120 Simbad - ok
20:41:11.0125 0120 SimpTcp (7a1a532f14fde28489dc349c6e404a67) C:\WINDOWS\system32\tcpsvcs.exe
20:41:11.0234 0120 SimpTcp - ok
20:41:11.0281 0120 SNMP (708a1b41e7e850b2b1309073551cbd53) C:\WINDOWS\System32\snmp.exe
20:41:11.0375 0120 SNMP - ok
20:41:11.0406 0120 SNMPTRAP (0702e1d16b7003049918595057f3904f) C:\WINDOWS\System32\snmptrap.exe
20:41:11.0500 0120 SNMPTRAP - ok
20:41:11.0515 0120 Sparrow - ok
20:41:11.0546 0120 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
20:41:11.0656 0120 splitter - ok
20:41:11.0703 0120 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
20:41:11.0750 0120 Spooler - ok
20:41:11.0765 0120 sr (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
20:41:11.0843 0120 sr - ok
20:41:11.0859 0120 srservice (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll
20:41:11.0937 0120 srservice - ok
20:41:11.0968 0120 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
20:41:12.0031 0120 Srv - ok
20:41:12.0046 0120 SSDPSRV (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
20:41:12.0109 0120 SSDPSRV - ok
20:41:12.0140 0120 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
20:41:12.0171 0120 ssmdrv - ok
20:41:12.0218 0120 stisvc (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
20:41:12.0343 0120 stisvc - ok
20:41:12.0375 0120 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
20:41:12.0468 0120 swenum - ok
20:41:12.0500 0120 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
20:41:12.0593 0120 swmidi - ok
20:41:12.0609 0120 SwPrv - ok
20:41:12.0640 0120 symc810 - ok
20:41:12.0640 0120 symc8xx - ok
20:41:12.0656 0120 sym_hi - ok
20:41:12.0671 0120 sym_u3 - ok
20:41:12.0703 0120 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
20:41:12.0812 0120 sysaudio - ok
20:41:12.0843 0120 SysmonLog (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
20:41:12.0953 0120 SysmonLog - ok
20:41:13.0000 0120 TapiSrv (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
20:41:13.0125 0120 TapiSrv - ok
20:41:13.0171 0120 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:41:13.0250 0120 Tcpip - ok
20:41:13.0281 0120 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
20:41:13.0375 0120 TDPIPE - ok
20:41:13.0406 0120 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
20:41:13.0531 0120 TDTCP - ok
20:41:13.0546 0120 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
20:41:13.0656 0120 TermDD - ok
20:41:13.0703 0120 TermService (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
20:41:13.0843 0120 TermService - ok
20:41:13.0875 0120 Themes (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
20:41:13.0890 0120 Themes - ok
20:41:13.0906 0120 TosIde - ok
20:41:13.0921 0120 TrkWks (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
20:41:14.0031 0120 TrkWks - ok
20:41:14.0062 0120 tunmp (8f861eda21c05857eb8197300a92501c) C:\WINDOWS\system32\DRIVERS\tunmp.sys
20:41:14.0171 0120 tunmp - ok
20:41:14.0203 0120 uagp35 (d85938f272d1bcf3db3a31fc0a048928) C:\WINDOWS\system32\DRIVERS\uagp35.sys
20:41:14.0296 0120 uagp35 - ok
20:41:14.0328 0120 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
20:41:14.0437 0120 Udfs - ok
20:41:14.0453 0120 ultra - ok
20:41:14.0500 0120 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
20:41:14.0625 0120 Update - ok
20:41:14.0656 0120 upnphost (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
20:41:14.0750 0120 upnphost - ok
20:41:14.0765 0120 UPS (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
20:41:14.0890 0120 UPS - ok
20:41:14.0921 0120 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\WINDOWS\system32\Drivers\usbaapl.sys
20:41:14.0984 0120 USBAAPL - ok
20:41:15.0015 0120 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:41:15.0109 0120 usbccgp - ok
20:41:15.0140 0120 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:41:15.0250 0120 usbehci - ok
20:41:15.0265 0120 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:41:15.0359 0120 usbhub - ok
20:41:15.0375 0120 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
20:41:15.0484 0120 usbprint - ok
20:41:15.0500 0120 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
20:41:15.0609 0120 usbscan - ok
20:41:15.0625 0120 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:41:15.0750 0120 usbstor - ok
20:41:15.0765 0120 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
20:41:15.0875 0120 usbuhci - ok
20:41:15.0890 0120 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
20:41:16.0015 0120 VgaSave - ok
20:41:16.0031 0120 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
20:41:16.0125 0120 ViaIde - ok
20:41:16.0156 0120 videX32 (c8ee49fa76eb7c41a9cddfe58151a74e) C:\WINDOWS\system32\DRIVERS\videX32.sys
20:41:16.0203 0120 videX32 - ok
20:41:16.0234 0120 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
20:41:16.0328 0120 VolSnap - ok
20:41:16.0375 0120 VSS (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
20:41:16.0453 0120 VSS - ok
20:41:16.0500 0120 W32Time (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll
20:41:16.0609 0120 W32Time - ok
20:41:16.0640 0120 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:41:16.0734 0120 Wanarp - ok
20:41:16.0796 0120 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
20:41:16.0843 0120 Wdf01000 - ok
20:41:16.0843 0120 WDICA - ok
20:41:16.0890 0120 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
20:41:17.0015 0120 wdmaud - ok
20:41:17.0046 0120 WebClient (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
20:41:17.0156 0120 WebClient - ok
20:41:17.0234 0120 winmgmt (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
20:41:17.0359 0120 winmgmt - ok
20:41:17.0421 0120 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
20:41:17.0484 0120 WmdmPmSN - ok
20:41:17.0531 0120 WmiApSrv (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\system32\wbem\wmiapsrv.exe
20:41:17.0656 0120 WmiApSrv - ok
20:41:17.0781 0120 WMPNetworkSvc (bf05650bb7df5e9ebdd25974e22403bb) C:\Programme\Windows Media Player\WMPNetwk.exe
20:41:17.0875 0120 WMPNetworkSvc - ok
20:41:17.0921 0120 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
20:41:18.0031 0120 WS2IFSL - ok
20:41:18.0062 0120 wscsvc (300b3e84faf1a5c1f791c159ba28035d) C:\WINDOWS\system32\wscsvc.dll
20:41:18.0171 0120 wscsvc - ok
20:41:18.0203 0120 wuauserv (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll
20:41:18.0312 0120 wuauserv - ok
20:41:18.0359 0120 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
20:41:18.0406 0120 WudfPf - ok
20:41:18.0437 0120 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
20:41:18.0484 0120 WudfRd - ok
20:41:18.0500 0120 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
20:41:18.0531 0120 WudfSvc - ok
20:41:18.0593 0120 WZCSVC (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
20:41:18.0687 0120 WZCSVC - ok
20:41:18.0718 0120 xfilt (fcbc27869092850cdb75139f3818653a) C:\WINDOWS\system32\DRIVERS\xfilt.sys
20:41:18.0750 0120 xfilt - ok
20:41:18.0796 0120 xmlprov (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
20:41:18.0921 0120 xmlprov - ok
20:41:18.0968 0120 MBR (0x1B8) (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
20:41:19.0406 0120 \Device\Harddisk0\DR0 - ok
20:41:19.0421 0120 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk5\DR11
20:41:20.0093 0120 \Device\Harddisk5\DR11 - ok
20:41:20.0109 0120 Boot (0x1200) (14b4c6e1d797a881e439dd6d00df6bab) \Device\Harddisk0\DR0\Partition0
20:41:20.0109 0120 \Device\Harddisk0\DR0\Partition0 - ok
20:41:20.0125 0120 Boot (0x1200) (aea75a07b27c829b66c3a29100410709) \Device\Harddisk0\DR0\Partition1
20:41:20.0125 0120 \Device\Harddisk0\DR0\Partition1 - ok
20:41:20.0140 0120 Boot (0x1200) (d38f144be31fdffe926adc1c43539296) \Device\Harddisk5\DR11\Partition0
20:41:20.0140 0120 \Device\Harddisk5\DR11\Partition0 - ok
20:41:20.0140 0120 ============================================================
20:41:20.0140 0120 Scan finished
20:41:20.0140 0120 ============================================================
20:41:20.0281 3384 Detected object count: 2
20:41:20.0281 3384 Actual detected object count: 2
20:44:55.0046 3384 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
20:44:55.0046 3384 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:44:55.0046 3384 MRENDIS5 ( UnsignedFile.Multi.Generic ) - skipped by user
20:44:55.0046 3384 MRENDIS5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:45:09.0125 0408 Deinitialize success
|
| | #20 |
| /// Helper Team | BKA Trojan "GEMA / SUISA / GVU 2.03", Windows XP
Update Java
Your Java is no longer up to date. Older versions contain security vulnerabilities that malware can exploit.
Then configure it like this: http://www.trojaner-board.de/105213-...tellungen.html |
| | #21 |
| BKA Trojan "GEMA / SUISA / GVU 2.03", Windows XP
Hi t'john
Everything has been worked through. In the meantime, thank you very much for the support you have provided. The instructions arrive faster than I can carry them out, and at almost any time of day... wow, when does the man sleep, I ask myself.
Regards |
| | #22 |
| /// Helper Team | BKA Trojan "GEMA / SUISA / GVU 2.03", Windows XP
Very good! With that you are clean and discharged!
Uninstall Combofix
Before the following step, please temporarily disable your antivirus program, any script blocking that may be present (Norton) and anti-malware programs again. Start => Run => type in ComboFix /Uninstall => press Enter
This removes Combofix completely and empties the System Restore cache, so that the malware disappears from there as well. A new system restore point is created. At the same time, Combofix resets the time settings to their original values and resets the system settings so that file extensions and system files are hidden, which you can change again if needed in Explorer under Tools => Folder Options, or adjust to your personal preferences.
Remove adwCleaner
Tool cleanup with OTL
We will now use OTL's CleanUp! function to delete most of the programs we installed for the cleanup from your system again.
Resetting the security zones
Have the security zones reset, since they were manipulated to open the browser to further attacks. Proceed as follows: http://www.trojaner-board.de/111805-...ecksetzen.html
Cleaning up with CCleaner
Use CCleaner (Download) (Instructions) to have errors in the
Reading to work through: http://www.trojaner-board.de/90880-d...tallation.html http://www.trojaner-board.de/105213-...tellungen.html PluginCheck http://www.trojaner-board.de/96344-a...-rechners.html Secunia Online Software Inspector http://www.trojaner-board.de/71715-k...iendungen.html http://www.trojaner-board.de/83238-a...sschalten.html PC keeps getting slower - what to do? |
| | #23 | |
| BKA Trojan "GEMA / SUISA / GVU 2.03", Windows XP
Hi t'john
Glad to hear that I am no longer ;-) Can I fix the registry errors with CCleaner (there are loads of them!)? It would be a crying shame if my system gave up the ghost right at the finish line: Quote:
|
| | #24 |
| /// Helper Team | BKA Trojan "GEMA / SUISA / GVU 2.03", Windows XP
Good that you noticed that! I link the instructions because you should not do this just for fun. Here, however, it is called for. |
| | #25 | |
| BKA Trojan "GEMA / SUISA / GVU 2.03", Windows XP
Hi t'john
I do want to learn something too. I have fixed the registry, except for one entry that refuses: Code:
ATTFilter Ungenutzte Datei-Endungen {80b8c23c-16e0-4cd8-bbc3-cecec9a78b79} HKCR\{80b8c23c-16e0-4cd8-bbc3-cecec9a78b79}
So now I am clean and just as safe as I was before I caught the Trojan? I don't want to be a nuisance or a smart-aleck, but the crucial question is still unanswered: Quote:
|
| | #26 | ||||
| /// Helper Team | BKA Trojan "GEMA / SUISA / GVU 2.03", Windows XP Quote:
Quote:
Quote:
Quote:
|