Log analysis and evaluation: Help removing the "Live Security Platinum" trojan

Windows 7

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#16
/// Winkelfunktion /// TB-Süch-Tiger™

Help removing the "Live Security Platinum" trojan

Please now run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please turn off your virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool!

Set up the tool as shown in the picture below: click on change parameters and set the checkmarks as shown in the following screenshot, then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full. If you cannot find the log or cannot copy its contents into your post, please look directly on your Windows system partition (usually drive C:); that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and post only the log here!
__________________
Please always post log files in CODE tags
#17

Help removing the "Live Security Platinum" trojan

OK, I ran TDSSKiller as described; here is the log.

Code:
23:24:22.0531 1408 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
23:24:23.0078 1408 ============================================================
23:24:23.0093 1408 Current date / time: 2012/08/13 23:24:23.0078
23:24:23.0093 1408 SystemInfo:
23:24:23.0093 1408
23:24:23.0093 1408 OS Version: 5.1.2600 ServicePack: 3.0
23:24:23.0093 1408 Product type: Workstation
23:24:23.0093 1408 ComputerName: DEEPBLUE
23:24:23.0093 1408 UserName: Michael
23:24:23.0093 1408 Windows directory: C:\WINDOWS
23:24:23.0093 1408 System windows directory: C:\WINDOWS
23:24:23.0093 1408 Processor architecture: Intel x86
23:24:23.0093 1408 Number of processors: 2
23:24:23.0093 1408 Page size: 0x1000
23:24:23.0093 1408 Boot type: Normal boot
23:24:23.0093 1408 ============================================================
23:24:23.0968 1408 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
23:24:23.0984 1408 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
23:24:24.0015 1408 ============================================================
23:24:24.0015 1408 \Device\Harddisk0\DR0:
23:24:24.0015 1408 MBR partitions:
23:24:24.0015 1408 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x963084C
23:24:24.0031 1408 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x96308CA, BlocksNum 0x186A62DB
23:24:24.0062 1408 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x21CD6BE4, BlocksNum 0x186AA19C
23:24:24.0062 1408 \Device\Harddisk1\DR1:
23:24:24.0062 1408 MBR partitions:
23:24:24.0062 1408 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
23:24:24.0062 1408 ============================================================
23:24:24.0093 1408 C: <-> \Device\Harddisk0\DR0\Partition0
23:24:24.0140 1408 D: <-> \Device\Harddisk0\DR0\Partition1
23:24:24.0187 1408 E: <-> \Device\Harddisk0\DR0\Partition2
23:24:24.0218 1408 H: <-> \Device\Harddisk1\DR1\Partition0
23:24:24.0218 1408 ============================================================
23:24:24.0218 1408 Initialize success
23:24:24.0218 1408 ============================================================
23:25:34.0328 3516 ============================================================
23:25:34.0328 3516 Scan started
23:25:34.0328 3516 Mode: Manual; SigCheck; TDLFS;
23:25:34.0328 3516 ============================================================
23:25:34.0468 3516 Abiosdsk - ok
23:25:34.0468 3516 abp480n5 - ok
23:25:34.0500 3516 ACPI (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
23:25:35.0421 3516 ACPI - ok
23:25:35.0453 3516 ACPIEC (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
23:25:35.0546 3516 ACPIEC - ok
23:25:35.0609 3516 AdobeActiveFileMonitor7.0 (3fd8dc2c9735c2aa70155102cfb93eda) C:\Programme\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
23:25:35.0625 3516 AdobeActiveFileMonitor7.0 - ok
23:25:35.0671 3516 AdobeFlashPlayerUpdateSvc (f19c98ad81d2c0e1bbfd8153d2c80ee8) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
23:25:35.0687 3516 AdobeFlashPlayerUpdateSvc - ok
23:25:35.0687 3516 adpu160m - ok
23:25:35.0703 3516 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
23:25:35.0765 3516 aec - ok
23:25:35.0796 3516 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
23:25:35.0843 3516 AFD - ok
23:25:35.0843 3516 Aha154x - ok
23:25:35.0843 3516 aic78u2 - ok
23:25:35.0859 3516 aic78xx - ok
23:25:35.0890 3516 aksfridge (730e9d3bb324fb1899005aea63c6782d) C:\WINDOWS\system32\drivers\aksfridge.sys
23:25:35.0921 3516 aksfridge - ok
23:25:35.0953 3516 Alerter (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
23:25:36.0015 3516 Alerter - ok
23:25:36.0031 3516 ALG (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe
23:25:36.0093 3516 ALG - ok
23:25:36.0093 3516 AliIde - ok
23:25:36.0093 3516 amsint - ok
23:25:36.0140 3516 AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Programme\Avira\AntiVir Desktop\sched.exe
23:25:36.0140 3516 AntiVirSchedulerService - ok
23:25:36.0171 3516 AntiVirService (a489be6bb0aa1ff406b488b60542314b) C:\Programme\Avira\AntiVir Desktop\avguard.exe
23:25:36.0187 3516 AntiVirService - ok
23:25:36.0187 3516 AppMgmt - ok
23:25:36.0187 3516 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
23:25:36.0265 3516 Arp1394 - ok
23:25:36.0265 3516 asc - ok
23:25:36.0265 3516 asc3350p - ok
23:25:36.0265 3516 asc3550 - ok
23:25:36.0296 3516 Aspi32 (b979979ab8027f7f53fb16ec4229b7db) C:\WINDOWS\system32\drivers\Aspi32.sys
23:25:36.0312 3516 Aspi32 ( UnsignedFile.Multi.Generic ) - warning
23:25:36.0312 3516 Aspi32 - detected UnsignedFile.Multi.Generic (1)
23:25:36.0359 3516 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
23:25:36.0421 3516 aspnet_state - ok
23:25:36.0437 3516 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
23:25:36.0500 3516 AsyncMac - ok
23:25:36.0515 3516 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
23:25:36.0578 3516 atapi - ok
23:25:36.0578 3516 Atdisk - ok
23:25:36.0609 3516 atksgt (5b80e84af6b02ecab72dae9afee06309) C:\WINDOWS\system32\DRIVERS\atksgt.sys
23:25:36.0609 3516 atksgt ( UnsignedFile.Multi.Generic ) - warning
23:25:36.0609 3516 atksgt - detected UnsignedFile.Multi.Generic (1)
23:25:36.0640 3516 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
23:25:36.0687 3516 Atmarpc - ok
23:25:36.0718 3516 AudioSrv (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
23:25:36.0781 3516 AudioSrv - ok
23:25:36.0796 3516 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
23:25:36.0859 3516 audstub - ok
23:25:36.0875 3516 avgntflt (d5541f0afb767e85fc412fc609d96a74) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
23:25:36.0937 3516 avgntflt - ok
23:25:36.0968 3516 avipbb (7d967a682d4694df7fa57d63a2db01fe) C:\WINDOWS\system32\DRIVERS\avipbb.sys
23:25:36.0968 3516 avipbb - ok
23:25:36.0968 3516 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\WINDOWS\system32\DRIVERS\avkmgr.sys
23:25:36.0984 3516 avkmgr - ok
23:25:37.0046 3516 AVM WLAN Connection Service (55bdaf9d7ede7eebd99b068546ed9c1a) C:\Programme\avmwlanstick\WlanNetService.exe
23:25:37.0062 3516 AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - warning
23:25:37.0062 3516 AVM WLAN Connection Service - detected UnsignedFile.Multi.Generic (1)
23:25:37.0078 3516 avmeject (263cf9d248fd5e020a1333ed4f7eaa88) C:\WINDOWS\system32\drivers\avmeject.sys
23:25:37.0078 3516 avmeject ( UnsignedFile.Multi.Generic ) - warning
23:25:37.0078 3516 avmeject - detected UnsignedFile.Multi.Generic (1)
23:25:37.0093 3516 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
23:25:37.0156 3516 Beep - ok
23:25:37.0171 3516 Browser (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
23:25:37.0250 3516 Browser - ok
23:25:37.0265 3516 C-DillaCdaC11BA (3de014dfc14e8530f3a85572e2763446) C:\WINDOWS\system32\drivers\CDAC11BA.EXE
23:25:37.0265 3516 C-DillaCdaC11BA ( UnsignedFile.Multi.Generic ) - warning
23:25:37.0265 3516 C-DillaCdaC11BA - detected UnsignedFile.Multi.Generic (1)
23:25:37.0281 3516 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
23:25:37.0359 3516 cbidf2k - ok
23:25:37.0390 3516 CBN (946595da193c5b49062fdf23bde5c764) C:\WINDOWS\System32\Drivers\CBN.SYS
23:25:37.0390 3516 CBN ( UnsignedFile.Multi.Generic ) - warning
23:25:37.0390 3516 CBN - detected UnsignedFile.Multi.Generic (1)
23:25:37.0390 3516 cd20xrnt - ok
23:25:37.0406 3516 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
23:25:37.0468 3516 Cdaudio - ok
23:25:37.0484 3516 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
23:25:37.0546 3516 Cdfs - ok
23:25:37.0578 3516 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
23:25:37.0640 3516 Cdrom - ok
23:25:37.0640 3516 Changer - ok
23:25:37.0656 3516 CiSvc (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe
23:25:37.0718 3516 CiSvc - ok
23:25:37.0734 3516 ClipSrv (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
23:25:37.0796 3516 ClipSrv - ok
23:25:37.0843 3516 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:25:37.0906 3516 clr_optimization_v2.0.50727_32 - ok
23:25:37.0953 3516 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:25:37.0968 3516 clr_optimization_v4.0.30319_32 - ok
23:25:37.0968 3516 CmdIde - ok
23:25:37.0968 3516 COMSysApp - ok
23:25:37.0968 3516 Cpqarray - ok
23:25:37.0984 3516 CryptSvc (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
23:25:38.0046 3516 CryptSvc - ok
23:25:38.0062 3516 CVirtA (b5ecadf7708960f1818c7fa015f4c239) C:\WINDOWS\system32\DRIVERS\CVirtA.sys
23:25:38.0078 3516 CVirtA - ok
23:25:38.0078 3516 dac2w2k - ok
23:25:38.0078 3516 dac960nt - ok
23:25:38.0125 3516 DcomLaunch (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
23:25:38.0156 3516 DcomLaunch - ok
23:25:38.0171 3516 Dhcp (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
23:25:38.0250 3516 Dhcp - ok
23:25:38.0281 3516 DigiCellDriver (ca2c652f167da4271ba6b34c6255f159) C:\Programme\MSI\DualCoreCenter\NTGLM7X.sys
23:25:38.0296 3516 DigiCellDriver ( UnsignedFile.Multi.Generic ) - warning
23:25:38.0296 3516 DigiCellDriver - detected UnsignedFile.Multi.Generic (1)
23:25:38.0343 3516 DirMngr (4f26bb00747d41e7c0fe8ebb2900f862) C:\Programme\GNU\GnuPG\dirmngr.exe
23:25:38.0359 3516 DirMngr ( UnsignedFile.Multi.Generic ) - warning
23:25:38.0359 3516 DirMngr - detected UnsignedFile.Multi.Generic (1)
23:25:38.0375 3516 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
23:25:38.0421 3516 Disk - ok
23:25:38.0437 3516 dmadmin - ok
23:25:38.0468 3516 dmboot (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
23:25:38.0546 3516 dmboot - ok
23:25:38.0562 3516 dmio (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
23:25:38.0640 3516 dmio - ok
23:25:38.0656 3516 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
23:25:38.0718 3516 dmload - ok
23:25:38.0734 3516 dmserver (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
23:25:38.0812 3516 dmserver - ok
23:25:38.0812 3516 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
23:25:38.0875 3516 DMusic - ok
23:25:38.0906 3516 Dnscache (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
23:25:38.0968 3516 Dnscache - ok
23:25:38.0984 3516 Dot3svc (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
23:25:39.0062 3516 Dot3svc - ok
23:25:39.0093 3516 dot4 (3e4b043f8bc6be1d4820cc6c9c500306) C:\WINDOWS\system32\DRIVERS\Dot4.sys
23:25:39.0156 3516 dot4 - ok
23:25:39.0171 3516 Dot4Print (77ce63a8a34ae23d9fe4c7896d1debe7) C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys
23:25:39.0234 3516 Dot4Print - ok
23:25:39.0234 3516 dot4usb (29e86af2f3457d0441348020fe3cfbd0) C:\WINDOWS\system32\DRIVERS\dot4usb.sys
23:25:39.0296 3516 dot4usb - ok
23:25:39.0296 3516 dpti2o - ok
23:25:39.0312 3516 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
23:25:39.0375 3516 drmkaud - ok
23:25:39.0406 3516 DT T-Sinus 130data(R) (2136cd5ed0f09bdf2abb45b5ae8b6ed7) C:\WINDOWS\system32\DRIVERS\dtusbxp.sys
23:25:39.0406 3516 DT T-Sinus 130data(R) ( UnsignedFile.Multi.Generic ) - warning
23:25:39.0406 3516 DT T-Sinus 130data(R) - detected UnsignedFile.Multi.Generic (1)
23:25:39.0421 3516 EapHost (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
23:25:39.0484 3516 EapHost - ok
23:25:39.0500 3516 ERSvc (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
23:25:39.0562 3516 ERSvc - ok
23:25:39.0593 3516 Eventlog (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
23:25:39.0609 3516 Eventlog - ok
23:25:39.0640 3516 EventSystem (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\system32\es.dll
23:25:39.0687 3516 EventSystem - ok
23:25:39.0718 3516 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
23:25:39.0781 3516 Fastfat - ok
23:25:39.0812 3516 FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
23:25:39.0843 3516 FastUserSwitchingCompatibility - ok
23:25:39.0859 3516 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
23:25:39.0906 3516 Fdc - ok
23:25:39.0921 3516 Fips (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
23:25:39.0984 3516 Fips - ok
23:25:40.0046 3516 FLEXnet Licensing Service (f76d04f7413b07daa029f6520b64b4e8) C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
23:25:40.0062 3516 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
23:25:40.0062 3516 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
23:25:40.0062 3516 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
23:25:40.0125 3516 Flpydisk - ok
23:25:40.0140 3516 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
23:25:40.0203 3516 FltMgr - ok
23:25:40.0250 3516 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
23:25:40.0265 3516 FontCache3.0.0.0 - ok
23:25:40.0265 3516 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
23:25:40.0328 3516 Fs_Rec - ok
23:25:40.0359 3516 FTDIBUS (a36e8beedb3aaca09bf55a1d17904bc8) C:\WINDOWS\system32\drivers\ftdibus.sys
23:25:40.0359 3516 FTDIBUS - ok
23:25:40.0359 3516 Ftdisk (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
23:25:40.0437 3516 Ftdisk - ok
23:25:40.0453 3516 FTSER2K (a14a1f4bb391df9c233cb5dbd05feb70) C:\WINDOWS\system32\drivers\ftser2k.sys
23:25:40.0453 3516 FTSER2K - ok
23:25:40.0484 3516 FWLANUSB (ff12fa487265da2ac7de4be53f72ff1a) C:\WINDOWS\system32\DRIVERS\fwlanusb.sys
23:25:40.0515 3516 FWLANUSB - ok
23:25:40.0515 3516 GMSIPCI - ok
23:25:40.0531 3516 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
23:25:40.0593 3516 Gpc - ok
23:25:40.0640 3516 hardlock (a9d587e31dbee3e9bd97fefece0ba874) C:\WINDOWS\system32\drivers\hardlock.sys
23:25:40.0656 3516 hardlock - ok
23:25:40.0656 3516 hasplms - ok
23:25:40.0687 3516 hcmon (eebe6b4d6c95aede577af9a8060963c8) C:\WINDOWS\system32\Drivers\hcmon.sys
23:25:40.0687 3516 hcmon ( UnsignedFile.Multi.Generic ) - warning
23:25:40.0687 3516 hcmon - detected UnsignedFile.Multi.Generic (1)
23:25:40.0703 3516 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
23:25:40.0765 3516 HDAudBus - ok
23:25:40.0796 3516 helpsvc (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
23:25:40.0859 3516 helpsvc - ok
23:25:40.0859 3516 HidServ - ok
23:25:40.0875 3516 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
23:25:40.0937 3516 HidUsb - ok
23:25:40.0968 3516 hkmsvc (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
23:25:41.0031 3516 hkmsvc - ok
23:25:41.0031 3516 hpn - ok
23:25:41.0062 3516 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
23:25:41.0109 3516 HTTP - ok
23:25:41.0125 3516 HTTPFilter (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
23:25:41.0203 3516 HTTPFilter - ok
23:25:41.0203 3516 i2omgmt - ok
23:25:41.0203 3516 i2omp - ok
23:25:41.0218 3516 i8042prt (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
23:25:41.0265 3516 i8042prt - ok
23:25:41.0359 3516 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
23:25:41.0390 3516 idsvc - ok
23:25:41.0437 3516 IGDCTRL (e28602c9e17b0ddce9f5deb3b3e2a635) C:\Programme\FRITZ!DSL\IGDCTRL.EXE
23:25:41.0437 3516 IGDCTRL - ok
23:25:41.0453 3516 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
23:25:41.0515 3516 Imapi - ok
23:25:41.0531 3516 ImapiService (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\system32\imapi.exe
23:25:41.0609 3516 ImapiService - ok
23:25:41.0609 3516 ini910u - ok
23:25:41.0796 3516 IntcAzAudAddService (001aaca6ed0e6b00fc5b8faf74977e81) C:\WINDOWS\system32\drivers\RtkHDAud.sys
23:25:41.0921 3516 IntcAzAudAddService - ok
23:25:42.0046 3516 IntelIde - ok
23:25:42.0046 3516 intelppm (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys
23:25:42.0109 3516 intelppm - ok
23:25:42.0140 3516 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
23:25:42.0203 3516 Ip6Fw - ok
23:25:42.0234 3516 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
23:25:42.0296 3516 IpFilterDriver - ok
23:25:42.0312 3516 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
23:25:42.0390 3516 IpInIp - ok
23:25:42.0406 3516 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
23:25:42.0468 3516 IpNat - ok
23:25:42.0484 3516 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
23:25:42.0531 3516 IPSec - ok
23:25:42.0546 3516 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
23:25:42.0609 3516 IRENUM - ok
23:25:42.0625 3516 isapnp (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
23:25:42.0687 3516 isapnp - ok
23:25:42.0750 3516 JavaQuickStarterService (890369aed0dde1a98f09f7dc239ca2bd) C:\Programme\Java\jre6\bin\jqs.exe
23:25:42.0765 3516 JavaQuickStarterService - ok
23:25:42.0765 3516 Kbdclass (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
23:25:42.0828 3516 Kbdclass - ok
23:25:42.0828 3516 kbdhid (b6d6c117d771c98130497265f26d1882) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
23:25:42.0890 3516 kbdhid - ok
23:25:42.0890 3516 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
23:25:42.0953 3516 kmixer - ok
23:25:42.0968 3516 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
23:25:43.0000 3516 KSecDD - ok
23:25:43.0031 3516 lanmanserver (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll
23:25:43.0078 3516 lanmanserver - ok
23:25:43.0093 3516 lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll
23:25:43.0109 3516 lanmanworkstation - ok
23:25:43.0125 3516 lbrtfdc - ok
23:25:43.0140 3516 LightScribeService (e75adcfafdef3f4c3af3332928d59926) C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
23:25:43.0156 3516 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
23:25:43.0156 3516 LightScribeService - detected UnsignedFile.Multi.Generic (1)
23:25:43.0171 3516 lirsgt (975b6cf65f44e95883f3855bae8cecaf) C:\WINDOWS\system32\DRIVERS\lirsgt.sys
23:25:43.0187 3516 lirsgt ( UnsignedFile.Multi.Generic ) - warning
23:25:43.0187 3516 lirsgt - detected UnsignedFile.Multi.Generic (1)
23:25:43.0203 3516 LmHosts (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
23:25:43.0265 3516 LmHosts - ok
23:25:43.0281 3516 MBAMProtector (6dfe7f2e8e8a337263aa5c92a215f161) C:\WINDOWS\system32\drivers\mbam.sys
23:25:43.0296 3516 MBAMProtector - ok
23:25:43.0343 3516 MBAMService (43683e970f008c93c9429ef428147a54) C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
23:25:43.0359 3516 MBAMService - ok
23:25:43.0375 3516 Messenger (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
23:25:43.0421 3516 Messenger - ok
23:25:43.0437 3516 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
23:25:43.0500 3516 mnmdd - ok
23:25:43.0531 3516 mnmsrvc (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\system32\mnmsrvc.exe
23:25:43.0593 3516 mnmsrvc - ok
23:25:43.0609 3516 Modem (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
23:25:43.0687 3516 Modem - ok
23:25:43.0703 3516 Mouclass (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
23:25:43.0765 3516 Mouclass - ok
23:25:43.0765 3516 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
23:25:43.0828 3516 MountMgr - ok
23:25:43.0875 3516 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
23:25:43.0890 3516 MozillaMaintenance - ok
23:25:43.0890 3516 mraid35x - ok
23:25:43.0906 3516 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
23:25:43.0968 3516 MRxDAV - ok
23:25:44.0000 3516 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
23:25:44.0031 3516 MRxSmb - ok
23:25:44.0062 3516 MSDTC (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\system32\msdtc.exe
23:25:44.0109 3516 MSDTC - ok
23:25:44.0125 3516 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
23:25:44.0203 3516 Msfs - ok
23:25:44.0203 3516 MSICPL - ok
23:25:44.0203 3516 MSIServer - ok
23:25:44.0218 3516 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
23:25:44.0265 3516 MSKSSRV - ok
23:25:44.0281 3516 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
23:25:44.0328 3516 MSPCLOCK - ok
23:25:44.0359 3516 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
23:25:44.0437 3516 MSPQM - ok
23:25:44.0453 3516 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
23:25:44.0500 3516 mssmbios - ok
23:25:44.0515 3516 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
23:25:44.0546 3516 Mup - ok
23:25:44.0593 3516 napagent (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
23:25:44.0656 3516 napagent - ok
23:25:44.0671 3516 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
23:25:44.0734 3516 NDIS - ok
23:25:44.0765 3516 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
23:25:44.0781 3516 NdisTapi - ok
23:25:44.0812 3516 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
23:25:44.0875 3516 Ndisuio - ok
23:25:44.0890 3516 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
23:25:44.0953 3516 NdisWan - ok
23:25:44.0968 3516 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
23:25:45.0000 3516 NDProxy - ok
23:25:45.0015 3516 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
23:25:45.0078 3516 NetBIOS - ok
23:25:45.0093 3516 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
23:25:45.0156 3516 NetBT - ok
23:25:45.0171 3516 NetDDE (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
23:25:45.0234 3516 NetDDE - ok
23:25:45.0250 3516 NetDDEdsdm (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
23:25:45.0296 3516 NetDDEdsdm - ok
23:25:45.0312 3516 Netlogon (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
23:25:45.0390 3516 Netlogon - ok
23:25:45.0406 3516 Netman (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
23:25:45.0468 3516 Netman - ok
23:25:45.0562 3516 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:25:45.0578 3516 NetTcpPortSharing - ok
23:25:45.0609 3516 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
23:25:45.0671 3516 NIC1394 - ok
23:25:45.0703 3516 Nla (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll
23:25:45.0734 3516 Nla - ok
23:25:45.0796 3516 NMIndexingService (d36107465e716cf2335a25c54b6d11c2) C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe
23:25:45.0812 3516 NMIndexingService - ok
23:25:45.0828 3516 nmwcd (c82f4cc10ad315b6d6bcb14d0a7cad66) C:\WINDOWS\system32\drivers\ccdcmb.sys
23:25:45.0890 3516 nmwcd - ok
23:25:45.0906 3516 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
23:25:45.0968 3516 Npfs - ok
23:25:45.0968 3516 NTACCESS - ok
23:25:46.0000 3516 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
23:25:46.0078 3516 Ntfs - ok
23:25:46.0093 3516 NtLmSsp (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
23:25:46.0156 3516 NtLmSsp - ok
23:25:46.0203 3516 NtmsSvc (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
23:25:46.0265 3516 NtmsSvc - ok
23:25:46.0296 3516 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
23:25:46.0359 3516 Null - ok
23:25:46.0593 3516 nv (da63d1aa47da369c211452086992dfb4) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
23:25:46.0781 3516 nv ( UnsignedFile.Multi.Generic ) - warning
23:25:46.0781 3516 nv - detected UnsignedFile.Multi.Generic (1)
23:25:46.0859 3516 NVSvc (d537549216a2e6d12d02f498fcd974aa) C:\WINDOWS\system32\nvsvc32.exe
23:25:46.0859 3516 NVSvc ( UnsignedFile.Multi.Generic ) - warning
23:25:46.0859 3516 NVSvc - detected UnsignedFile.Multi.Generic (1)
23:25:46.0906 3516 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
23:25:46.0953 3516 NwlnkFlt - ok
23:25:46.0968 3516 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
23:25:47.0031 3516 NwlnkFwd - ok
23:25:47.0062 3516 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
23:25:47.0125 3516 ohci1394 - ok
23:25:47.0140 3516 Parport (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
23:25:47.0203 3516 Parport - ok
23:25:47.0203 3516 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
23:25:47.0265 3516 PartMgr - ok
23:25:47.0296 3516 ParVdm (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
23:25:47.0359 3516 ParVdm - ok
23:25:47.0375 3516 PCANDIS5 (58c5ea3de400fe1d08cfeca6d5c14ebd) C:\WINDOWS\system32\PCANDIS5.SYS
23:25:47.0375 3516 PCANDIS5 ( UnsignedFile.Multi.Generic ) - warning
23:25:47.0375 3516 PCANDIS5 - detected UnsignedFile.Multi.Generic (1)
23:25:47.0390 3516 PCI (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
23:25:47.0437 3516 PCI - ok
23:25:47.0437 3516 PCIDump - ok
23:25:47.0468 3516 PCIIde (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
23:25:47.0531 3516 PCIIde - ok
23:25:47.0546 3516 Pcmcia (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
23:25:47.0625 3516 Pcmcia - ok
23:25:47.0625 3516 PDCOMP - ok
23:25:47.0625 3516 PDFRAME - ok
23:25:47.0625 3516 PDRELI - ok
23:25:47.0640 3516 PDRFRAME - ok
23:25:47.0640 3516 perc2 - ok
23:25:47.0640 3516 perc2hib - ok
23:25:47.0671 3516 PlugPlay (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
23:25:47.0671 3516 PlugPlay - ok
23:25:47.0703 3516 PolicyAgent (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
23:25:47.0750 3516 PolicyAgent - ok
23:25:47.0765 3516 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
23:25:47.0828 3516 PptpMiniport - ok
23:25:47.0828 3516 ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
23:25:47.0875 3516 ProtectedStorage - ok
23:25:47.0890 3516 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
23:25:47.0937 3516 PSched - ok
23:25:47.0953 3516 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
23:25:48.0015 3516 Ptilink - ok
23:25:48.0031 3516 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys
23:25:48.0031 3516 PxHelp20 - ok
23:25:48.0046 3516 ql1080 - ok
23:25:48.0046 3516 Ql10wnt - ok
23:25:48.0046 3516 ql12160 - ok
23:25:48.0046 3516 ql1240 - ok
23:25:48.0046 3516 ql1280 - ok
23:25:48.0062 3516 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
23:25:48.0109 3516 RasAcd - ok
23:25:48.0125 3516 RasAuto (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
23:25:48.0187 3516 RasAuto - ok
23:25:48.0203 3516 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
23:25:48.0250 3516 Rasl2tp - ok
23:25:48.0281 3516 RasMan (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
23:25:48.0343 3516 RasMan - ok
23:25:48.0343 3516 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
23:25:48.0406 3516 RasPppoe - ok
23:25:48.0406 3516 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
23:25:48.0468 3516 Raspti - ok
23:25:48.0484 3516 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
23:25:48.0546 3516 Rdbss - ok
23:25:48.0546 3516 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
23:25:48.0609 3516 RDPCDD - ok
23:25:48.0640 3516 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
23:25:48.0671 3516 RDPWD - ok
23:25:48.0687 3516 RDSessMgr (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe
23:25:48.0734 3516 RDSessMgr - ok
23:25:48.0765 3516 redbook (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
23:25:48.0812 3516 redbook - ok
23:25:48.0828 3516 RemoteAccess (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll
23:25:48.0890 3516 RemoteAccess - ok
23:25:48.0906 3516 RpcLocator (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe
23:25:48.0968 3516 RpcLocator - ok
23:25:49.0000 3516 RpcSs (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
23:25:49.0015 3516 RpcSs - ok
23:25:49.0046 3516 RSVP (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe
23:25:49.0109 3516 RSVP - ok
23:25:49.0109 3516 SamSs (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
23:25:49.0171 3516 SamSs - ok
23:25:49.0187 3516 SCardSvr (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
23:25:49.0250 3516 SCardSvr - ok
23:25:49.0265 3516 Schedule (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
23:25:49.0312 3516 Schedule - ok
23:25:49.0343 3516 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
23:25:49.0406 3516 Secdrv - ok
23:25:49.0406 3516 seclogon (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
23:25:49.0468 3516 seclogon - ok
23:25:49.0484 3516 SENS (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
23:25:49.0546 3516 SENS - ok
23:25:49.0562 3516 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
23:25:49.0625 3516 serenum - ok
23:25:49.0625 3516 Serial (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
23:25:49.0687 3516 Serial - ok
23:25:49.0687 3516 SetupNTGLM7X - ok
23:25:49.0718 3516 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
23:25:49.0781 3516 Sfloppy - ok
23:25:49.0812 3516 ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
23:25:49.0828 3516 ShellHWDetection - ok
23:25:49.0828 3516 Simbad - ok
23:25:49.0828 3516 Sparrow - ok
23:25:49.0843 3516 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
23:25:49.0906 3516 splitter - ok
23:25:49.0921 3516 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
23:25:49.0937 3516 Spooler - ok
23:25:49.0968 3516 Spyder3 (1c63fe706ab797bc3c24813ff969b4de) C:\WINDOWS\system32\DRIVERS\Spyder3.sys
23:25:49.0984 3516 Spyder3 - ok
23:25:50.0000 3516 sr (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
23:25:50.0046 3516 sr - ok
23:25:50.0078 3516 srservice (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll
23:25:50.0125 3516 srservice - ok
23:25:50.0140 3516 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
23:25:50.0171 3516 Srv - ok
23:25:50.0203 3516 SSDPSRV (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
23:25:50.0265 3516 SSDPSRV - ok
23:25:50.0296 3516 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
23:25:50.0296 3516 ssmdrv - ok
23:25:50.0312 3516 stisvc (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
23:25:50.0390 3516 stisvc - ok
23:25:50.0406 3516 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
23:25:50.0453 3516 swenum - ok
23:25:50.0468 3516 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
23:25:50.0531 3516 swmidi - ok
23:25:50.0531 3516 SwPrv - ok
23:25:50.0531 3516 symc810 - ok
23:25:50.0531 3516 symc8xx - ok
23:25:50.0546 3516 sym_hi - ok
23:25:50.0546 3516 sym_u3 - ok
23:25:50.0562 3516 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
23:25:50.0609 3516 sysaudio - ok
23:25:50.0625 3516 SysmonLog (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
23:25:50.0703 3516 SysmonLog - ok
23:25:50.0718 3516 TapiSrv (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
23:25:50.0765 3516 TapiSrv - ok
23:25:50.0812 3516 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
23:25:50.0859 3516 Tcpip - ok
23:25:50.0859 3516 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
23:25:50.0921 3516 TDPIPE - ok
23:25:50.0937 3516 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
23:25:50.0984 3516 TDTCP - ok
23:25:51.0000 3516 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
23:25:51.0062 3516 TermDD - ok
23:25:51.0078 3516 TermService (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
23:25:51.0140 3516 TermService - ok
23:25:51.0171 3516 Themes (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
23:25:51.0187 3516 Themes - ok
23:25:51.0187 3516 TosIde - ok
23:25:51.0203 3516 TrkWks (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
23:25:51.0250 3516 TrkWks - ok
23:25:51.0265 3516 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
23:25:51.0328 3516 Udfs - ok
23:25:51.0343 3516 ultra - ok
23:25:51.0375 3516 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
23:25:51.0437 3516 Update - ok
23:25:51.0453 3516 upnphost (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
23:25:51.0531 3516 upnphost - ok
23:25:51.0546 3516 UPS (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
23:25:51.0593 3516 UPS - ok
23:25:51.0625 3516 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
23:25:51.0671 3516 usbehci - ok
23:25:51.0687 3516 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
23:25:51.0750 3516 usbhub - ok
23:25:51.0750 3516 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
23:25:51.0796 3516 usbohci - ok
23:25:51.0812 3516 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
23:25:51.0875 3516 usbscan - ok
23:25:51.0890 3516 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
23:25:51.0953 3516 usbstor - ok
23:25:51.0953 3516 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
23:25:52.0000 3516 VgaSave - ok
23:25:52.0015 3516 ViaIde - ok
23:25:52.0062 3516 VMAuthdService (aeabee8dd80271b884da0d444f125569) C:\Programme\VMware\VMware Server\vmware-authd.exe
23:25:52.0078 3516 VMAuthdService ( UnsignedFile.Multi.Generic ) - warning
23:25:52.0078 3516 VMAuthdService - detected UnsignedFile.Multi.Generic (1)
23:25:52.0078 3516 VMnetAdapter (fdfd74ab4d0f27b5d062c2a39cbb6d54) C:\WINDOWS\system32\DRIVERS\vmnetadapter.sys
23:25:52.0109 3516 VMnetAdapter - ok
23:25:52.0109 3516 VMnetBridge (ba74018271bf7b8df01f8e2c616a0772) C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys
23:25:52.0125 3516 VMnetBridge ( UnsignedFile.Multi.Generic ) - warning
23:25:52.0125 3516 VMnetBridge - detected UnsignedFile.Multi.Generic (1)
23:25:52.0140 3516 VMnetDHCP (ac695073450dff55352d94bb5be52098) C:\WINDOWS\system32\vmnetdhcp.exe
23:25:52.0156 3516 VMnetDHCP ( UnsignedFile.Multi.Generic ) - warning
23:25:52.0156 3516 VMnetDHCP - detected UnsignedFile.Multi.Generic (1)
23:25:52.0156 3516 VMnetuserif (1bc57b77fdccd3260e20d9a3cbd46f37) C:\WINDOWS\system32\drivers\vmnetuserif.sys
23:25:52.0171 3516 VMnetuserif ( UnsignedFile.Multi.Generic ) - warning
23:25:52.0171 3516 VMnetuserif - detected UnsignedFile.Multi.Generic (1)
23:25:52.0203 3516 vmount2 (0015a806c7f3c7916f16fa6b31373023) C:\Programme\Gemeinsame Dateien\VMware\VMware Virtual Image Editing\vmount2.exe
23:25:52.0203 3516 vmount2 - ok
23:25:52.0218 3516 VMparport (36fcd1af797b942e7d4749d2a101b283) C:\WINDOWS\system32\Drivers\VMparport.sys
23:25:52.0234 3516 VMparport ( UnsignedFile.Multi.Generic ) - warning
23:25:52.0234 3516 VMparport - detected UnsignedFile.Multi.Generic (1)
23:25:52.0312 3516 vmserverdWin32 (2035b7400a0079eaa9dc2cffa9a3de90) C:\Programme\VMware\VMware Server\vmserverdWin32.exe
23:25:52.0343 3516 vmserverdWin32 ( UnsignedFile.Multi.Generic ) - warning
23:25:52.0343 3516 vmserverdWin32 - detected UnsignedFile.Multi.Generic (1)
23:25:52.0406 3516 VMware NAT Service (9dc205ba82436a760b9b19225da2b458) C:\WINDOWS\system32\vmnat.exe
23:25:52.0406 3516 VMware NAT Service ( UnsignedFile.Multi.Generic ) - warning
23:25:52.0406 3516 VMware NAT Service - detected UnsignedFile.Multi.Generic (1)
23:25:52.0437 3516 vmx86 (225a6763f4f70f7f924bee50fb226f26) C:\WINDOWS\system32\Drivers\vmx86.sys
23:25:52.0437 3516 vmx86 ( UnsignedFile.Multi.Generic ) - warning
23:25:52.0437 3516 vmx86 - detected UnsignedFile.Multi.Generic (1)
23:25:52.0468 3516 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
23:25:52.0531 3516 VolSnap - ok
23:25:52.0562 3516 VSS (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
23:25:52.0625 3516 VSS - ok
23:25:52.0656 3516 vstor2 (449bf234cae814ba938252364bb4c39d) C:\Programme\Gemeinsame Dateien\VMware\VMware Virtual Image Editing\vstor2.sys
23:25:52.0656 3516 vstor2 - ok
23:25:52.0671 3516 W32Time (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll
23:25:52.0734 3516 W32Time - ok
23:25:52.0750 3516 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
23:25:52.0812 3516 Wanarp - ok
23:25:52.0859 3516 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
23:25:52.0875 3516 Wdf01000 - ok
23:25:52.0875 3516 WDICA - ok
23:25:52.0890 3516 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
23:25:52.0953 3516 wdmaud - ok
23:25:52.0968 3516 WebClient (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
23:25:53.0031 3516 WebClient - ok
23:25:53.0078 3516 winmgmt (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
23:25:53.0140 3516 winmgmt - ok
23:25:53.0156 3516 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
23:25:53.0187 3516 WmdmPmSN - ok
23:25:53.0203 3516 WmiApSrv (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\system32\wbem\wmiapsrv.exe
23:25:53.0265 3516 WmiApSrv - ok
23:25:53.0328 3516 WMPNetworkSvc (bf05650bb7df5e9ebdd25974e22403bb) C:\Programme\Windows Media Player\WMPNetwk.exe
23:25:53.0359 3516 WMPNetworkSvc - ok
23:25:53.0390 3516 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\Drivers\wpdusb.sys
23:25:53.0390 3516 WpdUsb - ok
23:25:53.0500 3516 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
23:25:53.0515 3516 WPFFontCache_v0400 - ok
23:25:53.0531 3516 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
23:25:53.0578 3516 WudfPf - ok
23:25:53.0593 3516 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
23:25:53.0609 3516 WudfRd - ok
23:25:53.0625 3516 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
23:25:53.0656 3516 WudfSvc - ok
23:25:53.0687 3516 WZCSVC (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
23:25:53.0750 3516 WZCSVC - ok
23:25:53.0781 3516 X-Rite (9043050ba8c2da8d9da94908ef8a0fe7) C:\WINDOWS\system32\DRIVERS\XrUsb.sys
23:25:53.0781 3516 X-Rite ( UnsignedFile.Multi.Generic ) - warning
23:25:53.0781 3516 X-Rite - detected UnsignedFile.Multi.Generic (1)
23:25:53.0812 3516 xmlprov (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
23:25:53.0875 3516 xmlprov - ok
23:25:53.0890 3516 MBR (0x1B8) (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
23:25:54.0281 3516 \Device\Harddisk0\DR0 - ok
23:25:54.0296 3516 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
23:25:54.0343 3516 \Device\Harddisk1\DR1 - ok
23:25:54.0359 3516 Boot (0x1200) (191776b81b55a6381f68d6a8abc1d5bf) \Device\Harddisk0\DR0\Partition0
23:25:54.0359 3516 \Device\Harddisk0\DR0\Partition0 - ok
23:25:54.0359 3516 Boot (0x1200) (4b8ec8a1bee37e01555ba13e3b361982) \Device\Harddisk0\DR0\Partition1
23:25:54.0359 3516 \Device\Harddisk0\DR0\Partition1 - ok
23:25:54.0375 3516 Boot (0x1200) (5b961cd131b785aaf706aa112451e1b5) \Device\Harddisk0\DR0\Partition2
23:25:54.0375 3516 \Device\Harddisk0\DR0\Partition2 - ok
23:25:54.0375 3516 Boot (0x1200) (2d5e6fb67f672d8828d5cf030d14c5d4) \Device\Harddisk1\DR1\Partition0
23:25:54.0375 3516 \Device\Harddisk1\DR1\Partition0 - ok
23:25:54.0375 3516 ============================================================
23:25:54.0375 3516 Scan finished
23:25:54.0375 3516 ============================================================
23:25:54.0484 0688 Detected object count: 25
23:25:54.0484 0688 Actual detected object count: 25
23:26:22.0218 0688 Aspi32 ( UnsignedFile.Multi.Generic ) - skipped by user
23:26:22.0218 0688 Aspi32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:26:22.0218 0688 atksgt ( UnsignedFile.Multi.Generic ) - skipped by user
23:26:22.0218 0688 atksgt ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:26:22.0218 0688 AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - skipped by user
23:26:22.0218 0688 AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:26:22.0218 0688 avmeject ( UnsignedFile.Multi.Generic ) - skipped by user
23:26:22.0218 0688 avmeject ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:26:22.0218 0688 C-DillaCdaC11BA ( UnsignedFile.Multi.Generic ) - skipped by user
23:26:22.0218 0688 C-DillaCdaC11BA ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:26:22.0218 0688 CBN ( UnsignedFile.Multi.Generic ) - skipped by user
23:26:22.0218 0688 CBN ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:26:22.0218 0688 DigiCellDriver ( UnsignedFile.Multi.Generic ) - skipped by user
23:26:22.0218 0688 DigiCellDriver ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:26:22.0234 0688 DirMngr ( UnsignedFile.Multi.Generic ) - skipped by user
23:26:22.0234 0688 DirMngr ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:26:22.0234 0688 DT T-Sinus 130data(R) ( UnsignedFile.Multi.Generic ) - skipped by user
23:26:22.0234 0688 DT T-Sinus 130data(R) ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:26:22.0234 0688 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
23:26:22.0234 0688 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:26:22.0234 0688 hcmon ( UnsignedFile.Multi.Generic ) - skipped by user
23:26:22.0234 0688 hcmon ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:26:22.0234 0688 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
23:26:22.0234 0688 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:26:22.0234 0688 lirsgt ( UnsignedFile.Multi.Generic ) - skipped by user
23:26:22.0234 0688 lirsgt ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:26:22.0234 0688 nv ( UnsignedFile.Multi.Generic ) - skipped by user
23:26:22.0234 0688 nv ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:26:22.0234 0688 NVSvc ( UnsignedFile.Multi.Generic ) - skipped by user
23:26:22.0234 0688 NVSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:26:22.0234 0688 PCANDIS5 ( UnsignedFile.Multi.Generic ) - skipped by user
23:26:22.0234 0688 PCANDIS5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:26:22.0234 0688 VMAuthdService ( UnsignedFile.Multi.Generic ) - skipped by user
23:26:22.0234 0688 VMAuthdService ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:26:22.0234 0688 VMnetBridge ( UnsignedFile.Multi.Generic ) - skipped by user
23:26:22.0234 0688 VMnetBridge ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:26:22.0234 0688 VMnetDHCP ( UnsignedFile.Multi.Generic ) - skipped by user
23:26:22.0234 0688 VMnetDHCP ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:26:22.0234 0688 VMnetuserif ( UnsignedFile.Multi.Generic ) - skipped by user
23:26:22.0234 0688 VMnetuserif ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:26:22.0234 0688 VMparport ( UnsignedFile.Multi.Generic ) - skipped by user
23:26:22.0234 0688 VMparport ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:26:22.0234 0688 vmserverdWin32 ( UnsignedFile.Multi.Generic ) - skipped by user
23:26:22.0234 0688 vmserverdWin32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:26:22.0234 0688 VMware NAT Service ( UnsignedFile.Multi.Generic ) - skipped by user
23:26:22.0234 0688 VMware NAT Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:26:22.0234 0688 vmx86 ( UnsignedFile.Multi.Generic ) - skipped by user
23:26:22.0234 0688 vmx86 ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:26:22.0234 0688 X-Rite ( UnsignedFile.Multi.Generic ) - skipped by user
23:26:22.0234 0688 X-Rite ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:26:51.0562 3256 ============================================================
23:26:51.0562 3256 Scan started
23:26:51.0562 3256 Mode: Manual; SigCheck; TDLFS;
23:26:51.0562 3256 ============================================================
23:26:51.0687 3256 Abiosdsk - ok
23:26:51.0687 3256 abp480n5 - ok
23:26:51.0718 3256 ACPI (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
23:26:51.0781 3256 ACPI - ok
23:26:51.0812 3256 ACPIEC (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
23:26:51.0875 3256 ACPIEC - ok
23:26:51.0937 3256 AdobeActiveFileMonitor7.0 (3fd8dc2c9735c2aa70155102cfb93eda) C:\Programme\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
23:26:51.0937 3256 AdobeActiveFileMonitor7.0 - ok
23:26:52.0000 3256 AdobeFlashPlayerUpdateSvc (f19c98ad81d2c0e1bbfd8153d2c80ee8) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
23:26:52.0000 3256 AdobeFlashPlayerUpdateSvc - ok
23:26:52.0000 3256 adpu160m - ok
23:26:52.0015 3256 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
23:26:52.0078 3256 aec - ok
23:26:52.0109 3256 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
23:26:52.0125 3256 AFD - ok
23:26:52.0125 3256 Aha154x - ok
23:26:52.0125 3256 aic78u2 - ok
23:26:52.0125 3256 aic78xx - ok
23:26:52.0156 3256 aksfridge (730e9d3bb324fb1899005aea63c6782d) C:\WINDOWS\system32\drivers\aksfridge.sys
23:26:52.0171 3256 aksfridge - ok
23:26:52.0187 3256 Alerter (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
23:26:52.0250 3256 Alerter - ok
23:26:52.0265 3256 ALG (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe
23:26:52.0328 3256 ALG - ok
23:26:52.0328 3256 AliIde - ok
23:26:52.0328 3256 amsint - ok
23:26:52.0359 3256 AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Programme\Avira\AntiVir Desktop\sched.exe
23:26:52.0375 3256 AntiVirSchedulerService - ok
23:26:52.0390 3256 AntiVirService (a489be6bb0aa1ff406b488b60542314b) C:\Programme\Avira\AntiVir Desktop\avguard.exe
23:26:52.0390 3256 AntiVirService - ok
23:26:52.0390 3256 AppMgmt - ok
23:26:52.0406 3256 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
23:26:52.0468 3256 Arp1394 - ok
23:26:52.0468 3256 asc - ok
23:26:52.0468 3256 asc3350p - ok
23:26:52.0484 3256 asc3550 - ok
23:26:52.0500 3256 Aspi32 (b979979ab8027f7f53fb16ec4229b7db) C:\WINDOWS\system32\drivers\Aspi32.sys
23:26:52.0515 3256 Aspi32 ( UnsignedFile.Multi.Generic ) - warning
23:26:52.0515 3256 Aspi32 - detected UnsignedFile.Multi.Generic (1)
23:26:52.0562 3256 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
23:26:52.0562 3256 aspnet_state - ok
23:26:52.0578 3256 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
23:26:52.0640 3256 AsyncMac - ok
23:26:52.0640 3256 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
23:26:52.0703 3256 atapi - ok
23:26:52.0703 3256 Atdisk - ok
23:26:52.0750 3256 atksgt (5b80e84af6b02ecab72dae9afee06309) C:\WINDOWS\system32\DRIVERS\atksgt.sys
23:26:52.0750 3256 atksgt ( UnsignedFile.Multi.Generic ) - warning
23:26:52.0750 3256 atksgt - detected UnsignedFile.Multi.Generic (1)
23:26:52.0765 3256 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
23:26:52.0812 3256 Atmarpc - ok
23:26:52.0843 3256 AudioSrv (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
23:26:52.0906 3256 AudioSrv - ok
23:26:52.0921 3256 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
23:26:52.0984 3256 audstub - ok
23:26:53.0000 3256 avgntflt (d5541f0afb767e85fc412fc609d96a74) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
23:26:53.0015 3256 avgntflt - ok
23:26:53.0031 3256 avipbb (7d967a682d4694df7fa57d63a2db01fe) C:\WINDOWS\system32\DRIVERS\avipbb.sys
23:26:53.0046 3256 avipbb - ok
23:26:53.0046 3256 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\WINDOWS\system32\DRIVERS\avkmgr.sys
23:26:53.0046 3256 avkmgr - ok
23:26:53.0109 3256 AVM WLAN Connection Service (55bdaf9d7ede7eebd99b068546ed9c1a) C:\Programme\avmwlanstick\WlanNetService.exe
23:26:53.0125 3256 AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - warning
23:26:53.0125 3256 AVM WLAN Connection Service - detected UnsignedFile.Multi.Generic (1)
23:26:53.0140 3256 avmeject (263cf9d248fd5e020a1333ed4f7eaa88) C:\WINDOWS\system32\drivers\avmeject.sys
23:26:53.0140 3256 avmeject ( UnsignedFile.Multi.Generic ) - warning
23:26:53.0140 3256 avmeject - detected UnsignedFile.Multi.Generic (1)
23:26:53.0156 3256 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
23:26:53.0218 3256 Beep - ok
23:26:53.0234 3256 Browser (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
23:26:53.0296 3256 Browser - ok
23:26:53.0312 3256 C-DillaCdaC11BA (3de014dfc14e8530f3a85572e2763446) C:\WINDOWS\system32\drivers\CDAC11BA.EXE
23:26:53.0312 3256 C-DillaCdaC11BA ( UnsignedFile.Multi.Generic ) - warning
23:26:53.0312 3256 C-DillaCdaC11BA - detected UnsignedFile.Multi.Generic (1)
23:26:53.0328 3256 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
23:26:53.0390 3256 cbidf2k - ok
23:26:53.0421 3256 CBN (946595da193c5b49062fdf23bde5c764) C:\WINDOWS\System32\Drivers\CBN.SYS
23:26:53.0421 3256 CBN ( UnsignedFile.Multi.Generic ) - warning
23:26:53.0421 3256 CBN - detected UnsignedFile.Multi.Generic (1)
23:26:53.0421 3256 cd20xrnt - ok
23:26:53.0421 3256 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
23:26:53.0484 3256 Cdaudio - ok
23:26:53.0500 3256 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
23:26:53.0546 3256 Cdfs - ok
23:26:53.0578 3256 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
23:26:53.0625 3256 Cdrom - ok
23:26:53.0640 3256 Changer - ok
23:26:53.0640 3256 CiSvc (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe
23:26:53.0703 3256 CiSvc - ok
23:26:53.0718 3256 ClipSrv (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
23:26:53.0781 3256 ClipSrv - ok
23:26:53.0828 3256 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:26:53.0843 3256 clr_optimization_v2.0.50727_32 - ok
23:26:53.0890 3256 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:26:53.0890 3256 clr_optimization_v4.0.30319_32 - ok
23:26:53.0890 3256 CmdIde - ok
23:26:53.0890 3256 COMSysApp - ok
23:26:53.0906 3256 Cpqarray - ok
23:26:53.0921 3256 CryptSvc (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
23:26:53.0968 3256 CryptSvc - ok
23:26:53.0984 3256 CVirtA (b5ecadf7708960f1818c7fa015f4c239) C:\WINDOWS\system32\DRIVERS\CVirtA.sys
23:26:54.0000 3256 CVirtA - ok
23:26:54.0000 3256 dac2w2k - ok
23:26:54.0000 3256 dac960nt - ok
23:26:54.0046 3256 DcomLaunch (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
23:26:54.0062 3256 DcomLaunch - ok
23:26:54.0078 3256 Dhcp (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
23:26:54.0156 3256 Dhcp - ok
23:26:54.0187 3256 DigiCellDriver (ca2c652f167da4271ba6b34c6255f159) C:\Programme\MSI\DualCoreCenter\NTGLM7X.sys
23:26:54.0203 3256 DigiCellDriver ( UnsignedFile.Multi.Generic ) - warning
23:26:54.0203 3256 DigiCellDriver - detected UnsignedFile.Multi.Generic (1)
23:26:54.0250 3256 DirMngr (4f26bb00747d41e7c0fe8ebb2900f862) C:\Programme\GNU\GnuPG\dirmngr.exe
23:26:54.0265 3256 DirMngr ( UnsignedFile.Multi.Generic ) - warning
23:26:54.0265 3256 DirMngr - detected UnsignedFile.Multi.Generic (1)
23:26:54.0281 3256 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
23:26:54.0328 3256 Disk - ok
23:26:54.0328 3256 dmadmin - ok
23:26:54.0375 3256 dmboot (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
23:26:54.0453 3256 dmboot - ok
23:26:54.0468 3256 dmio (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
23:26:54.0546 3256 dmio - ok
23:26:54.0562 3256 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
23:26:54.0625 3256 dmload - ok
23:26:54.0656 3256 dmserver (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
23:26:54.0718 3256 dmserver - ok
23:26:54.0734 3256 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
23:26:54.0796 3256 DMusic - ok
23:26:54.0812 3256 Dnscache (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
23:26:54.0843 3256 Dnscache - ok
23:26:54.0859 3256 Dot3svc (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
23:26:54.0921 3256 Dot3svc - ok
23:26:54.0937 3256 dot4 (3e4b043f8bc6be1d4820cc6c9c500306) C:\WINDOWS\system32\DRIVERS\Dot4.sys
23:26:55.0000 3256 dot4 - ok
23:26:55.0031 3256 Dot4Print (77ce63a8a34ae23d9fe4c7896d1debe7) C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys
23:26:55.0078 3256 Dot4Print - ok
23:26:55.0078 3256 dot4usb (29e86af2f3457d0441348020fe3cfbd0) C:\WINDOWS\system32\DRIVERS\dot4usb.sys
23:26:55.0140 3256 dot4usb - ok
23:26:55.0140 3256 dpti2o - ok
23:26:55.0156 3256 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
23:26:55.0218 3256 drmkaud - ok
23:26:55.0234 3256 DT T-Sinus 130data(R) (2136cd5ed0f09bdf2abb45b5ae8b6ed7) C:\WINDOWS\system32\DRIVERS\dtusbxp.sys
23:26:55.0234 3256 DT T-Sinus 130data(R) ( UnsignedFile.Multi.Generic ) - warning
23:26:55.0234 3256 DT T-Sinus 130data(R) - detected UnsignedFile.Multi.Generic (1)
23:26:55.0250 3256 EapHost (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
23:26:55.0296 3256 EapHost - ok
23:26:55.0312 3256 ERSvc (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
23:26:55.0375 3256 ERSvc - ok
23:26:55.0406 3256 Eventlog (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
23:26:55.0406 3256 Eventlog - ok
23:26:55.0453 3256 EventSystem (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\system32\es.dll
23:26:55.0468 3256 EventSystem - ok
23:26:55.0484 3256 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
23:26:55.0546 3256 Fastfat - ok
23:26:55.0578 3256 FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
23:26:55.0578 3256 FastUserSwitchingCompatibility - ok
23:26:55.0593 3256 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
23:26:55.0640 3256 Fdc - ok
23:26:55.0656 3256 Fips (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
23:26:55.0718 3256 Fips - ok
23:26:55.0781 3256 FLEXnet Licensing Service (f76d04f7413b07daa029f6520b64b4e8) C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
23:26:55.0812 3256 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
23:26:55.0812 3256 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
23:26:55.0812 3256 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
23:26:55.0875 3256 Flpydisk - ok
23:26:55.0890 3256 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
23:26:55.0953 3256 FltMgr - ok
23:26:56.0000 3256 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
23:26:56.0015 3256 FontCache3.0.0.0 - ok
23:26:56.0031 3256 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
23:26:56.0093 3256 Fs_Rec - ok
23:26:56.0109 3256 FTDIBUS (a36e8beedb3aaca09bf55a1d17904bc8) C:\WINDOWS\system32\drivers\ftdibus.sys
23:26:56.0109 3256 FTDIBUS - ok
23:26:56.0125 3256 Ftdisk (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
23:26:56.0171 3256 Ftdisk - ok
23:26:56.0203 3256 FTSER2K (a14a1f4bb391df9c233cb5dbd05feb70) C:\WINDOWS\system32\drivers\ftser2k.sys
23:26:56.0203 3256 FTSER2K - ok
23:26:56.0234 3256 FWLANUSB (ff12fa487265da2ac7de4be53f72ff1a) C:\WINDOWS\system32\DRIVERS\fwlanusb.sys
23:26:56.0250 3256 FWLANUSB - ok
23:26:56.0250 3256 GMSIPCI - ok
23:26:56.0281 3256 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
23:26:56.0328 3256 Gpc - ok
23:26:56.0375 3256 hardlock (a9d587e31dbee3e9bd97fefece0ba874) C:\WINDOWS\system32\drivers\hardlock.sys
23:26:56.0390 3256 hardlock - ok
23:26:56.0390 3256 hasplms - ok
23:26:56.0421 3256 hcmon (eebe6b4d6c95aede577af9a8060963c8) C:\WINDOWS\system32\Drivers\hcmon.sys
23:26:56.0437 3256 hcmon ( UnsignedFile.Multi.Generic ) - warning
23:26:56.0437 3256 hcmon - detected UnsignedFile.Multi.Generic (1)
23:26:56.0453 3256 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
23:26:56.0500 3256 HDAudBus - ok
23:26:56.0546 3256 helpsvc (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
23:26:56.0609 3256 helpsvc - ok
23:26:56.0609 3256 HidServ - ok
23:26:56.0625 3256 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
23:26:56.0687 3256 HidUsb - ok
23:26:56.0718 3256 hkmsvc (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
23:26:56.0765 3256 hkmsvc - ok
23:26:56.0765 3256 hpn - ok
23:26:56.0812 3256 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
23:26:56.0828 3256 HTTP - ok
23:27:09.0234 3256 ============================================================
23:27:09.0234 3256 Scan finished
23:27:09.0234 3256 ============================================================
23:27:09.0250 0780 Detected object count: 25
23:27:09.0250 0780 Actual detected object count: 25
23:28:04.0859 0780 Aspi32 ( UnsignedFile.Multi.Generic ) - skipped by user
23:28:04.0859 0780 Aspi32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:28:04.0859 0780 atksgt ( UnsignedFile.Multi.Generic ) - skipped by user
23:28:04.0859 0780 atksgt ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:28:04.0875 0780 AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - skipped by user
23:28:04.0875 0780 AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:28:04.0875 0780 avmeject ( UnsignedFile.Multi.Generic ) - skipped by user
23:28:04.0875 0780 avmeject ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:28:04.0875 0780 C-DillaCdaC11BA ( UnsignedFile.Multi.Generic ) - skipped by user
23:28:04.0875 0780 C-DillaCdaC11BA ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:28:04.0875 0780 CBN ( UnsignedFile.Multi.Generic ) - skipped by user
23:28:04.0875 0780 CBN ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:28:04.0875 0780 DigiCellDriver ( UnsignedFile.Multi.Generic ) - skipped by user
23:28:04.0875 0780 DigiCellDriver ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:28:04.0875 0780 DirMngr ( UnsignedFile.Multi.Generic ) - skipped by user
23:28:04.0875 0780 DirMngr ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:28:04.0875 0780 DT T-Sinus 130data(R) ( UnsignedFile.Multi.Generic ) - skipped by user
23:28:04.0875 0780 DT T-Sinus 130data(R) ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:28:04.0875 0780 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
23:28:04.0875 0780 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:28:04.0875 0780 hcmon ( UnsignedFile.Multi.Generic ) - skipped by user
23:28:04.0875 0780 hcmon ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:28:04.0875 0780 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
23:28:04.0875 0780 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:28:04.0875 0780 lirsgt ( UnsignedFile.Multi.Generic ) - skipped by user
23:28:04.0875 0780 lirsgt ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:28:04.0875 0780 nv ( UnsignedFile.Multi.Generic ) - skipped by user
23:28:04.0875 0780 nv ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:28:04.0875 0780 NVSvc ( UnsignedFile.Multi.Generic ) - skipped by user
23:28:04.0875 0780 NVSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:28:04.0875 0780 PCANDIS5 ( UnsignedFile.Multi.Generic ) - skipped by user
23:28:04.0875 0780 PCANDIS5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:28:04.0875 0780 VMAuthdService ( UnsignedFile.Multi.Generic ) - skipped by user
23:28:04.0875 0780 VMAuthdService ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:28:04.0875 0780 VMnetBridge ( UnsignedFile.Multi.Generic ) - skipped by user
23:28:04.0875 0780 VMnetBridge ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:28:04.0875 0780 VMnetDHCP ( UnsignedFile.Multi.Generic ) - skipped by user
23:28:04.0875 0780 VMnetDHCP ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:28:04.0875 0780 VMnetuserif ( UnsignedFile.Multi.Generic ) - skipped by user
23:28:04.0875 0780 VMnetuserif ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:28:04.0875 0780 VMparport ( UnsignedFile.Multi.Generic ) - skipped by user
23:28:04.0875 0780 VMparport ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:28:04.0875 0780 vmserverdWin32 ( UnsignedFile.Multi.Generic ) - skipped by user
23:28:04.0875 0780 vmserverdWin32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:28:04.0875 0780 VMware NAT Service ( UnsignedFile.Multi.Generic ) - skipped by user
23:28:04.0875 0780 VMware NAT Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:28:04.0875 0780 vmx86 ( UnsignedFile.Multi.Generic ) - skipped by user
23:28:04.0875 0780 vmx86 ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:28:04.0875 0780 X-Rite ( UnsignedFile.Multi.Generic ) - skipped by user
23:28:04.0875 0780 X-Rite ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
| | #18 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | The log is OK.
Then please run CF now: ComboFix. A guide and tutorial on using ComboFix
Combofix may only be run when a qualified helper has expressly recommended it! If, after running Combofix, you have problems starting applications and get messages such as Quote:
__________________ |
| | #19 |
| Hello, I have now run combofix. It warned that Antivir was still running, although I had explicitly switched off the Antivir real-time scanner. The Antivir services/processes could not be stopped. I hope that was OK. Here is the combofix log: Code:
ATTFilter Combofix Logfile: |
| | #20 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Code:
ATTFilter Achtung - Auf diesem PC ist keine Wiederherstellungskonsole installiert !!
__________________ Please always post log files in CODE tags |
| | #21 |
| Hello, combofix tried to install the Recovery Console but then aborted with an error. At that point the Internet connection was suddenly no longer available, no idea why. Before starting combofix everything was OK. However, I did not want to forcibly abort the combofix run either. Only after the reboot was the Internet connection available again. Another question: I have Trojan-Remover running by default; its FastScan now reports that the IExplore.exe entry in the registry has been changed and suggests resetting it to the default entry. What should I do? So far I have declined. Regards, MikeP |
| | #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | We need the Recovery Console: Go to the Microsoft page => http://support.microsoft.com/?scid=kb%3Bde%3B310994&x=21&y=12 Choose the download intended for your operating system. Note: For WinXP Sp3 choose the Sp2 version. Download the file and save it under its original name next to ComboFix.exe (or cofi.exe if renamed). Now close all open programs and windows, including the antivirus and antimalware programs. This is necessary so that no program interferes with the ComboFix scan.
__________________ Please always post log files in CODE tags |
| | #23 |
| OK, thanks, I will do that. Perhaps one more tip on how I can kill the Antivir processes? The normal way only allows deactivating the real-time scanner. If that is not sufficient, I would have to find a way to stop the Antivir processes. Regards, MikeP |
| | #24 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Deactivating the real-time scanner is enough; if any messages appear, they can be ignored.
__________________ Please always post log files in CODE tags |
| | #25 |
| Unfortunately the Recovery Console can no longer be downloaded via the given link. Even an extensive search of the MS support site turned up nothing. I suspect this is because WinXP SP2 is already out of support. And for SP3 the Recovery Console apparently does not exist. So I have now installed the Recovery Console from my WinXP installation CD (SP2) (and ignored the warning that my installed WinXP version is newer than the one on the CD). How should I proceed now? Just run another ComboFix scan and post the log file? Regards, MikeP |
| | #26 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Oh man, what has M$ messed up this time; the file really is no longer available. Please restart Windows, download combofix.exe again and, as mentioned above, do a new run with ComboFix following the instructions. |
| | #27 |
| OK, I have now downloaded ComboFix again and run it once more. Strangely, ComboFix reports that no Recovery Console is installed, even though I have now installed it manually. ComboFix then also aborts the attempt to install the console with the error message that the installation files cannot be found, so ComboFix is apparently not up to date either... Anyway, here is the current log: Combofix Logfile: Code:
ComboFix 12-08-17.03 - Michael 18.08.2012 12:22:10.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.49.1031.18.2047.1420 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\Michael\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
Achtung - Auf diesem PC ist keine Wiederherstellungskonsole installiert !!
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-07-18 bis 2012-08-18 ))))))))))))))))))))))))))))))
.
.
2012-08-17 09:00 . 2012-08-17 09:00 -------- d-----w- C:\$WIN_NT$.~BT
2012-08-12 10:18 . 2012-08-12 10:18 -------- d-----w- C:\_OTL
2012-08-06 20:52 . 2012-08-06 20:52 -------- d-----w- c:\programme\ESET
2012-07-31 16:52 . 2012-07-31 16:52 -------- d-----r- c:\dokumente und einstellungen\NetworkService\Favoriten
2012-07-21 14:18 . 2012-07-21 14:18 -------- d-sh--w- c:\dokumente und einstellungen\Michael\PrivacIE
2012-07-19 21:30 . 2008-04-14 02:22 26624 ----a-w- c:\dokumente und einstellungen\LocalService\Anwendungsdaten\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2012-07-19 20:21 . 2012-07-19 20:21 -------- d-----w- c:\dokumente und einstellungen\Anja\Lokale Einstellungen\Anwendungsdaten\Apple
2012-07-19 20:18 . 2012-07-19 20:26 -------- d-----w- c:\dokumente und einstellungen\Anja\Anwendungsdaten\dvdcss
2012-07-19 20:14 . 2012-07-19 20:14 -------- d-----w- c:\dokumente und einstellungen\Anja\Anwendungsdaten\Garmin
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-14 21:35 . 2012-06-13 07:14 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-14 21:35 . 2012-06-13 07:14 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-03 11:46 . 2012-06-03 13:28 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-02 13:19 . 2007-10-02 18:11 329240 ----a-w- c:\windows\system32\wucltui.dll
2012-06-02 13:19 . 2007-10-02 18:11 210968 ----a-w- c:\windows\system32\wuweb.dll
2012-06-02 13:19 . 2007-10-02 18:11 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 13:19 . 2007-07-30 17:20 15896 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 13:19 . 2007-07-30 17:18 18456 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 13:19 . 2007-10-02 18:11 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 13:19 . 2007-10-02 18:11 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 13:19 . 2007-07-30 17:20 15896 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 13:19 . 2007-07-30 17:19 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 13:19 . 2006-02-28 12:00 97304 ----a-w- c:\windows\system32\cdm.dll
2012-06-02 13:19 . 2007-07-30 17:18 23576 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 13:19 . 2007-10-02 18:11 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 13:19 . 2007-10-02 18:11 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-07-18 20:10 . 2011-03-26 23:55 136672 ----a-w- c:\programme\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-08-14_21.47.25 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-08-18 10:07 . 2012-08-18 10:07 16384 c:\windows\Temp\Perflib_Perfdata_72c.dat
+ 2012-08-18 10:06 . 2012-08-18 10:06 16384 c:\windows\Temp\Perflib_Perfdata_61c.dat
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\programme\Gemeinsame Dateien\LightScribe\LightScribeControlPanel.exe" [2008-08-22 2363392]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-02-23 7774208]
"nwiz"="nwiz.exe" [2007-02-23 1622016]
"SW20"="c:\windows\system32\sw20.exe" [2006-12-15 208896]
"SW24"="c:\windows\system32\sw24.exe" [2006-12-15 69632]
"WinSys2"="c:\windows\system32\winsys2.exe" [2006-12-15 217088]
"NvMediaCenter"="NvMCTray.dll" [2007-02-23 81920]
"RTHDCPL"="RTHDCPL.EXE" [2006-12-19 16062464]
"QuickTime Task"="c:\programme\QuickTime\qttask.exe" [2007-06-29 286720]
"Adobe Reader Speed Launcher"="c:\programme\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"NeroFilterCheck"="c:\programme\Gemeinsame Dateien\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"SunJavaUpdateSched"="c:\programme\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"AVMWlanClient"="c:\programme\avmwlanstick\wlangui.exe" [2008-09-05 1794048]
"ColorNavigator 6"="c:\programme\EIZO\ColorNavigator 6 Core\cn6_eacore.exe" [2011-11-15 74240]
"avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2012-08-10 348664]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"TrojanScanner"="c:\programme\Trojan Remover\Trjscan.exe" [2012-01-23 1238800]
"Malwarebytes' Anti-Malware"="c:\programme\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
"Garmin Lifetime Updater"="c:\programme\Garmin\Lifetime Updater\GarminLifetime.exe" [2012-06-04 1466760]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\dokumente und einstellungen\Anja\Startmenü\Programme\Autostart\
ColorNavigator 6.lnk - c:\programme\EIZO\ColorNavigator 6\ColorNavigator 6.exe [2012-1-2 142848]
OpenOffice.org 2.3.lnk - c:\programme\OpenOffice.org 2.3\program\quickstart.exe [2007-8-17 393216]
.
c:\dokumente und einstellungen\Michael\Startmenü\Programme\Autostart\
ColorNavigator 6.lnk - c:\programme\EIZO\ColorNavigator 6\ColorNavigator 6.exe [2012-1-2 142848]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programme\\EIZO\\ColorNavigator 6 Core\\cn6_eacore.exe"=
.
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [03.01.2012 11:46 36000]
R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\programme\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [16.09.2008 13:03 169312]
R2 AntiVirSchedulerService;Avira Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [03.01.2012 11:46 86224]
R2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run --> c:\windows\system32\hasplms.exe -run [?]
R2 IGDCTRL;AVM IGD CTRL Service;c:\programme\FRITZ!DSL\IGDCTRL.EXE [04.09.2007 10:14 87344]
R2 MBAMService;MBAMService;c:\programme\Malwarebytes' Anti-Malware\mbamservice.exe [03.06.2012 15:28 655944]
R2 vmserverdWin32;VMware Registration Service;c:\programme\VMware\VMware Server\vmserverdWin32.exe [06.09.2007 15:40 1650781]
R3 FWLANUSB;AVM FRITZ!WLAN;c:\windows\system32\drivers\fwlanusb.sys [18.05.2009 09:50 265088]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [03.06.2012 15:28 22344]
R3 X-Rite;X-Rite USB Service;c:\windows\system32\drivers\XrUsb.sys [02.01.2012 17:34 18168]
S2 DirMngr;DirMngr;c:\programme\GNU\GnuPG\dirmngr.exe [02.03.2011 17:20 224256]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [13.06.2012 09:14 250056]
S3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys [18.05.2009 09:50 4352]
S3 DigiCellDriver;DigiCellDriver;c:\programme\MSI\DualCoreCenter\NTGLM7X.sys [02.10.2007 22:50 27648]
S3 DT T-Sinus 130data(R);DT T-Sinus 130data(R) Service for T-Sinus 130data;c:\windows\system32\drivers\dtusbxp.sys [02.10.2007 23:05 87552]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\programme\Mozilla Maintenance Service\maintenanceservice.exe [07.05.2012 17:45 113120]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\g:\ntglm7x.sys --> g:\NTGLM7X.sys [?]
S3 Spyder3;Datacolor Spyder3;c:\windows\system32\drivers\Spyder3.sys [06.11.2007 13:08 12288]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-08-22 12:11 451872 ----a-w- c:\programme\Gemeinsame Dateien\LightScribe\LSRunOnce.exe
.
Inhalt des "geplante Tasks" Ordners
.
2012-08-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-13 21:35]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://web.de/
uInternet Settings,ProxyOverride = fritz.box
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\dokumente und einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\hv8isadc.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.startup.homepage - http:\\\\web.de
FF - user.js: yahoo.homepage.dontask - true
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2012-08-18 12:26
Windows 5.1.2600 Service Pack 3 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'explorer.exe'(3752)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Zeit der Fertigstellung: 2012-08-18 12:27:32
ComboFix-quarantined-files.txt 2012-08-18 10:27
ComboFix2.txt 2012-08-14 21:48
.
Vor Suchlauf: 9 Verzeichnis(se), 30.839.816.192 Bytes frei
Nach Suchlauf: 10 Verzeichnis(se), 30.840.307.712 Bytes frei
.
- - End Of File - - 0CBC6B45A314B8D3B3EBD1A0972FFF94
Regards, MikeP |
| | #28 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Yes, that no longer works with the Recovery Console; unfortunately that is down to Micro$oft, who removed a file from their server. Please now create logs with GMER and OSAM and post them. GMER crashes fairly often; if the tool still refuses on the second attempt, just leave it out and run only OSAM. Please skip the online lookup by OSAM. With OSAM, please also make sure that you save the log as *.log and not as *.html or the like. Note: please use WinRAR or 7zip to unpack OSAM! Also be sure to turn off the virus scanner; the McAfee scanner in particular often reports a false alarm in OSAM! Please download
Important: never press any of the Fix buttons without being instructed to. Note: if the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan. One more note: if aswMBR crashes and a message like "aswMBR.exe has stopped working" appears, do the following: restart aswMBR, select (none) for "AV scan" in the drop-down menu (at the bottom left of the aswMBR window) and click the Scan button again. |
| | #29 |
| OK, here are the current logs. GMER Code:
GMER Logfile: Code:
OSAM Logfile: Code:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-08-19 16:21:42
-----------------------------
16:21:42.531 OS Version: Windows 5.1.2600 Service Pack 3
16:21:42.531 Number of processors: 2 586 0xF0B
16:21:42.531 ComputerName: DEEPBLUE UserName: Michael
16:21:42.781 Initialize success
16:25:00.578 AVAST engine defs: 12081900
16:26:04.796 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-17
16:26:04.796 Disk 0 Vendor: SAMSUNG_HD501LJ CR100-10 Size: 476940MB BusType: 3
16:26:04.796 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T0L0-22
16:26:04.796 Disk 1 Vendor: WDC_WD1001FALS-00E8B0 05.00K05 Size: 953869MB BusType: 3
16:26:04.828 Disk 0 MBR read successfully
16:26:04.828 Disk 0 MBR scan
16:26:04.859 Disk 0 Windows XP default MBR code
16:26:04.859 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 76897 MB offset 63
16:26:04.859 Disk 0 Partition - 00 0F Extended LBA 400032 MB offset 157485195
16:26:04.875 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 200012 MB offset 157485258
16:26:04.875 Disk 0 Partition - 00 05 Extended 200020 MB offset 567110565
16:26:04.890 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 200020 MB offset 567110628
16:26:04.890 Disk 0 scanning sectors +976752000
16:26:04.953 Disk 0 scanning C:\WINDOWS\system32\drivers
16:26:15.406 Service scanning
16:26:23.078 Modules scanning
16:27:03.500 Disk 0 trace - called modules:
16:27:03.546 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
16:27:03.546 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a66cab8]
16:27:03.546 3 CLASSPNP.SYS[ba108fd7] -> nt!IofCallDriver -> \Device\0000007f[0x8a66e9e8]
16:27:03.546 5 ACPI.sys[b9f7e620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-17[0x8a701d98]
16:27:03.812 AVAST engine scan C:\WINDOWS
16:28:08.578 AVAST engine scan C:\WINDOWS\system32
16:37:01.078 AVAST engine scan C:\WINDOWS\system32\drivers
16:37:58.125 AVAST engine scan C:\Dokumente und Einstellungen\Michael
16:42:52.031 AVAST engine scan C:\Dokumente und Einstellungen\All Users
16:45:11.484 Scan finished successfully
16:45:46.578 Disk 0 MBR has been saved successfully to "C:\Dokumente und Einstellungen\Michael\Desktop\MBR.dat"
16:45:46.578 The log file has been saved successfully to "C:\Dokumente und Einstellungen\Michael\Desktop\aswMBR.txt"
|
| | #30 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Looks OK. We should be almost done. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs. Remember to update both tools before the scan!! |