Pests of all kinds and how to combat them: Combofix reports Virut |
30.11.2012, 20:11 | #1 |
| Combofix reports Virut Hello, I'm having quite a few problems with my laptop. I have Windows XP and it runs pretty badly. After several antivirus programs and attempts, Combofix reported that Virut is on my machine. What should I do now? Here is a HiJack log:
Thanks in advance |
30.11.2012, 20:35 | #2 |
/// Malware-holic | Combofix reports Virut Hi
1. Combofix does show an unambiguous warning: do not use it on your own.
2. "Quite a few problems": what are we supposed to do with that? Be more specific, please.
3. Exactly the same goes for "several antivirus programs": which ones, and which detections? Post the logs.
4. Next time, please also read our instructions; HJT is no longer used, for many reasons |
30.11.2012, 20:51 | #3 |
| Combofix reports Virut Well, sorry that I wrote so little.
So let me start from the very beginning. About a week ago YouTube notified me that a sign-in attempt on my account had been blocked. It was a sign-in from China. That got my attention, and I first scanned my machine with AntiMalware, which found a virus named stolen.data. Stupidly, I no longer have the log. Recently, Windows started taking forever to boot and then hung. Moving the mouse still worked, and pointing at objects still showed me their descriptions. Task Manager would not open, and the taskbar and other Explorer elements did not respond. Since then I have been trying to clean my PC by every means possible. I have used: Malwarebytes Anti Malware, TDSSKiller, Gmer, OTL, RSIT, ERUNT, aswMBR, adwcleaner. So it is all very thrown together, because I took to heart all the tips from many threads. That is also why I cannot say clearly what has already been found and what has been deleted. Since I now want to clear up the chaos, I will go through the instructions step by step and then post. Sorry for the unprofessionalism; normally I approach such things a bit more intelligently, but since my password was stolen I wanted to bring out all the big guns. |
30.11.2012, 20:56 | #4 |
/// Malware-holic | Combofix reports Virut Hi, post the Malwarebytes logs with detections: http://www.trojaner-board.de/125889-...en-posten.html Open C: and post tdss-killer-version-datum.txt
-Please forward suspicious emails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward emails according to the instructions above to markusg.trojaner-board@web.de If you would like to support us |
01.12.2012, 01:30 | #5 |
| Combofix reports Virut Hello, first of all thanks for helping. I have attached the logs I was supposed to create according to the tutorial as a zip file named "logstutorial.zip". The archive contains: OTL.txt, Extras.txt, gmer.log. So much for the items from the instructions. Here is the tdss-killer-version-datum.txt:
F84785660305B9B903FB3BCA8BA29837 ] Parport C:\WINDOWS\system32\drivers\Parport.sys 23:53:44.0812 1976 Parport - ok 23:53:44.0828 1976 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys 23:53:44.0953 1976 PartMgr - ok 23:53:44.0984 1976 [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys 23:53:45.0109 1976 ParVdm - ok 23:53:45.0156 1976 [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys 23:53:45.0296 1976 PCI - ok 23:53:45.0296 1976 PCIDump - ok 23:53:45.0343 1976 [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys 23:53:45.0453 1976 PCIIde - ok 23:53:45.0515 1976 [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys 23:53:45.0625 1976 Pcmcia - ok 23:53:45.0625 1976 PDCOMP - ok 23:53:45.0640 1976 PDFRAME - ok 23:53:45.0656 1976 PDRELI - ok 23:53:45.0656 1976 PDRFRAME - ok 23:53:45.0671 1976 perc2 - ok 23:53:45.0671 1976 perc2hib - ok 23:53:45.0734 1976 [ 4BB6A83640F1D1792AD21CE767B621C6 ] PlugPlay C:\WINDOWS\system32\services.exe 23:53:45.0843 1976 PlugPlay - ok 23:53:45.0890 1976 [ 713E294439D982BB161317DE0136FAA0 ] pneteth C:\WINDOWS\system32\DRIVERS\pneteth.sys 23:53:45.0906 1976 pneteth ( UnsignedFile.Multi.Generic ) - warning 23:53:45.0906 1976 pneteth - detected UnsignedFile.Multi.Generic (1) 23:53:45.0953 1976 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent C:\WINDOWS\system32\lsass.exe 23:53:46.0062 1976 PolicyAgent - ok 23:53:46.0125 1976 [ 7A315563AD291699699F9B931FA836C8 ] Power Mixer C:\Programme\Power Mixer\srvman.exe 23:53:46.0156 1976 Power Mixer ( UnsignedFile.Multi.Generic ) - warning 23:53:46.0156 1976 Power Mixer - detected UnsignedFile.Multi.Generic (1) 23:53:46.0187 1976 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys 23:53:46.0312 1976 PptpMiniport - ok 23:53:46.0312 1976 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe 
23:53:46.0437 1976 ProtectedStorage - ok 23:53:46.0531 1976 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys 23:53:46.0640 1976 PSched - ok 23:53:46.0671 1976 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys 23:53:46.0781 1976 Ptilink - ok 23:53:46.0781 1976 ql1080 - ok 23:53:46.0781 1976 Ql10wnt - ok 23:53:46.0796 1976 ql12160 - ok 23:53:46.0796 1976 ql1240 - ok 23:53:46.0796 1976 ql1280 - ok 23:53:46.0828 1976 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 23:53:46.0937 1976 RasAcd - ok 23:53:46.0984 1976 [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto C:\WINDOWS\System32\rasauto.dll 23:53:47.0093 1976 RasAuto - ok 23:53:47.0125 1976 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 23:53:47.0234 1976 Rasl2tp - ok 23:53:47.0265 1976 [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan C:\WINDOWS\System32\rasmans.dll 23:53:47.0375 1976 RasMan - ok 23:53:47.0421 1976 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 23:53:47.0546 1976 RasPppoe - ok 23:53:47.0562 1976 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys 23:53:47.0687 1976 Raspti - ok 23:53:47.0703 1976 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 23:53:47.0812 1976 RDPCDD - ok 23:53:47.0859 1976 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys 23:53:47.0968 1976 rdpdr - ok 23:53:48.0046 1976 [ 6728E45B66F93C08F11DE2E316FC70DD ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys 23:53:48.0171 1976 RDPWD - ok 23:53:48.0203 1976 [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe 23:53:48.0312 1976 RDSessMgr - ok 23:53:48.0343 1976 [ ED761D453856F795A7FE056E42C36365 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys 23:53:48.0468 1976 redbook - ok 23:53:48.0515 1976 [ 6F81C8A63FB824EB8A2401AB45795553 ] RegSrvc 
C:\Programme\Intel\Wireless\Bin\RegSrvc.exe 23:53:48.0546 1976 RegSrvc ( UnsignedFile.Multi.Generic ) - warning 23:53:48.0546 1976 RegSrvc - detected UnsignedFile.Multi.Generic (1) 23:53:48.0593 1976 [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 23:53:48.0734 1976 RemoteAccess - ok 23:53:48.0781 1976 [ E4CD1F3D84E1C2CA0B8CF7501E201593 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll 23:53:48.0890 1976 RemoteRegistry - ok 23:53:48.0921 1976 [ 24ED7AF20651F9FA1F249482E7C1F165 ] rimmptsk C:\WINDOWS\system32\DRIVERS\rimmptsk.sys 23:53:48.0984 1976 rimmptsk - ok 23:53:49.0000 1976 [ 1BDBA2D2D402415A78A4BA766DFE0F7B ] rimsptsk C:\WINDOWS\system32\DRIVERS\rimsptsk.sys 23:53:49.0031 1976 rimsptsk - ok 23:53:49.0062 1976 [ F774ECD11A064F0DEBB2D4395418153C ] rismxdp C:\WINDOWS\system32\DRIVERS\rixdptsk.sys 23:53:49.0125 1976 rismxdp - ok 23:53:49.0203 1976 [ E970C2296916BF4A2F958680016FE312 ] RpcSs C:\WINDOWS\System32\rpcss.dll 23:53:49.0375 1976 RpcSs - ok 23:53:49.0421 1976 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP C:\WINDOWS\system32\rsvp.exe 23:53:49.0546 1976 RSVP - ok 23:53:49.0640 1976 [ C1D693BCAC8A411F44A503F473C9E2DF ] RTL8192cu C:\WINDOWS\system32\DRIVERS\WNA1000M.sys 23:53:49.0687 1976 RTL8192cu - ok 23:53:49.0765 1976 [ B792F2C647B1FC3E4987DE582EE00FE3 ] S24EventMonitor C:\Programme\Intel\Wireless\Bin\S24EvMon.exe 23:53:49.0796 1976 S24EventMonitor ( UnsignedFile.Multi.Generic ) - warning 23:53:49.0796 1976 S24EventMonitor - detected UnsignedFile.Multi.Generic (1) 23:53:49.0812 1976 [ 2E4E912CE95F5EF4D4A5079F6CE367FC ] s24trans C:\WINDOWS\system32\DRIVERS\s24trans.sys 23:53:49.0812 1976 s24trans ( UnsignedFile.Multi.Generic ) - warning 23:53:49.0812 1976 s24trans - detected UnsignedFile.Multi.Generic (1) 23:53:49.0843 1976 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs C:\WINDOWS\system32\lsass.exe 23:53:49.0953 1976 SamSs - ok 23:53:50.0000 1976 [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe 
23:53:50.0125 1976 SCardSvr - ok 23:53:50.0187 1976 [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule C:\WINDOWS\system32\schedsvc.dll 23:53:50.0359 1976 Schedule - ok 23:53:50.0421 1976 [ 8D04819A3CE51B9EB47E5689B44D43C4 ] sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys 23:53:50.0578 1976 sdbus - ok 23:53:50.0609 1976 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys 23:53:50.0687 1976 Secdrv - ok 23:53:50.0718 1976 [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon C:\WINDOWS\System32\seclogon.dll 23:53:50.0875 1976 seclogon - ok 23:53:50.0937 1976 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS C:\WINDOWS\system32\sens.dll 23:53:51.0062 1976 SENS - ok 23:53:51.0109 1976 [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial C:\WINDOWS\system32\drivers\Serial.sys 23:53:51.0218 1976 Serial - ok 23:53:51.0265 1976 [ 0FA803C64DF0914B41F807EA276BF2A6 ] sffdisk C:\WINDOWS\system32\DRIVERS\sffdisk.sys 23:53:51.0390 1976 sffdisk - ok 23:53:51.0421 1976 [ C17C331E435ED8737525C86A7557B3AC ] sffp_sd C:\WINDOWS\system32\DRIVERS\sffp_sd.sys 23:53:51.0531 1976 sffp_sd - ok 23:53:51.0546 1976 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys 23:53:51.0671 1976 Sfloppy - ok 23:53:51.0734 1976 [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 23:53:51.0859 1976 SharedAccess - ok 23:53:51.0906 1976 [ 40602EBFBE06AA075C8E4560743F6883 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 23:53:52.0015 1976 ShellHWDetection - ok 23:53:52.0031 1976 Simbad - ok 23:53:52.0078 1976 [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate C:\Programme\Skype\Updater\Updater.exe 23:53:52.0093 1976 SkypeUpdate - ok 23:53:52.0109 1976 soah - ok 23:53:52.0109 1976 Sparrow - ok 23:53:52.0156 1976 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys 23:53:52.0281 1976 splitter - ok 23:53:52.0343 1976 [ 39356A9CDB6753A6D13A4072A9F5A4BB ] Spooler C:\WINDOWS\system32\spoolsv.exe 23:53:52.0468 1976 Spooler 
- ok 23:53:52.0468 1976 sptd - ok 23:53:52.0515 1976 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr C:\WINDOWS\system32\DRIVERS\sr.sys 23:53:52.0593 1976 sr - ok 23:53:52.0625 1976 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice C:\WINDOWS\system32\srsvc.dll 23:53:52.0703 1976 srservice - ok 23:53:52.0796 1976 [ 5252605079810904E31C332E241CD59B ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys 23:53:52.0953 1976 Srv - ok 23:53:53.0000 1976 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 23:53:53.0078 1976 SSDPSRV - ok 23:53:53.0140 1976 [ E57B778208C783D8DEBAB320C16A1B82 ] StarOpen C:\WINDOWS\system32\drivers\StarOpen.sys 23:53:53.0140 1976 StarOpen ( UnsignedFile.Multi.Generic ) - warning 23:53:53.0140 1976 StarOpen - detected UnsignedFile.Multi.Generic (1) 23:53:53.0218 1976 [ E5C796B621F6FBA8616511063D7F0FFE ] StarWindServiceAE C:\Programme\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe 23:53:53.0250 1976 StarWindServiceAE ( UnsignedFile.Multi.Generic ) - warning 23:53:53.0250 1976 StarWindServiceAE - detected UnsignedFile.Multi.Generic (1) 23:53:53.0343 1976 [ 2A2DC39623ADEF8AB3703AB9FAC4B440 ] STHDA C:\WINDOWS\system32\drivers\sthda.sys 23:53:53.0406 1976 STHDA - ok 23:53:53.0437 1976 [ A2DBCC4C8860449DF1AB758EA28B4DE0 ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys 23:53:53.0562 1976 StillCam - ok 23:53:53.0671 1976 [ BC2C5985611C5356B24AEB370953DED9 ] stisvc C:\WINDOWS\system32\wiaservc.dll 23:53:53.0796 1976 stisvc - ok 23:53:53.0812 1976 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys 23:53:53.0921 1976 swenum - ok 23:53:53.0984 1976 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys 23:53:54.0125 1976 swmidi - ok 23:53:54.0125 1976 SwPrv - ok 23:53:54.0140 1976 symc810 - ok 23:53:54.0140 1976 symc8xx - ok 23:53:54.0156 1976 sym_hi - ok 23:53:54.0156 1976 sym_u3 - ok 23:53:54.0218 1976 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio 
C:\WINDOWS\system32\drivers\sysaudio.sys 23:53:54.0343 1976 sysaudio - ok 23:53:54.0375 1976 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe 23:53:54.0500 1976 SysmonLog - ok 23:53:54.0562 1976 [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 23:53:54.0687 1976 TapiSrv - ok 23:53:54.0750 1976 [ 93EA8D04EC73A85DB02EB8805988F733 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys 23:53:54.0921 1976 Tcpip - ok 23:53:54.0937 1976 tcpipBM - ok 23:53:55.0015 1976 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys 23:53:55.0156 1976 TDPIPE - ok 23:53:55.0156 1976 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys 23:53:55.0281 1976 TDTCP - ok 23:53:55.0296 1976 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys 23:53:55.0421 1976 TermDD - ok 23:53:55.0437 1976 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService C:\WINDOWS\System32\termsrv.dll 23:53:55.0578 1976 TermService - ok 23:53:55.0640 1976 [ 40602EBFBE06AA075C8E4560743F6883 ] Themes C:\WINDOWS\System32\shsvcs.dll 23:53:55.0750 1976 Themes - ok 23:53:55.0796 1976 [ 03681A1CE77F51586903869A5AB1DEAB ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe 23:53:55.0875 1976 TlntSvr - ok 23:53:55.0890 1976 TosIde - ok 23:53:55.0921 1976 [ 626504572B175867F30F3215C04B3E2F ] TrkWks C:\WINDOWS\system32\trkwks.dll 23:53:56.0062 1976 TrkWks - ok 23:53:56.0125 1976 [ ED5E4CE36C54F55E7698642E94D32EC7 ] truecrypt C:\WINDOWS\system32\drivers\truecrypt.sys 23:53:56.0140 1976 truecrypt - ok 23:53:56.0203 1976 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys 23:53:56.0328 1976 Udfs - ok 23:53:56.0343 1976 ultra - ok 23:53:56.0421 1976 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys 23:53:56.0609 1976 Update - ok 23:53:56.0671 1976 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost C:\WINDOWS\System32\upnphost.dll 23:53:56.0734 1976 upnphost - 
ok 23:53:56.0750 1976 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINDOWS\System32\ups.exe 23:53:56.0875 1976 UPS - ok 23:53:56.0875 1976 USBAAPL - ok 23:53:56.0921 1976 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys 23:53:57.0062 1976 usbaudio - ok 23:53:57.0109 1976 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys 23:53:57.0218 1976 usbccgp - ok 23:53:57.0234 1976 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 23:53:57.0359 1976 usbehci - ok 23:53:57.0390 1976 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 23:53:57.0515 1976 usbhub - ok 23:53:57.0546 1976 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys 23:53:57.0687 1976 usbprint - ok 23:53:57.0718 1976 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys 23:53:57.0843 1976 usbscan - ok 23:53:57.0859 1976 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 23:53:57.0984 1976 USBSTOR - ok 23:53:58.0015 1976 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys 23:53:58.0140 1976 usbuhci - ok 23:53:58.0156 1976 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 23:53:58.0281 1976 VgaSave - ok 23:53:58.0281 1976 ViaIde - ok 23:53:58.0312 1976 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 23:53:58.0421 1976 VolSnap - ok 23:53:58.0500 1976 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINDOWS\System32\vssvc.exe 23:53:58.0578 1976 VSS - ok 23:53:58.0625 1976 [ 4C2E08F856458974963C9B9152F92C48 ] vusbbus C:\WINDOWS\system32\DRIVERS\vusbbus.sys 23:53:58.0656 1976 vusbbus ( UnsignedFile.Multi.Generic ) - warning 23:53:58.0656 1976 vusbbus - detected UnsignedFile.Multi.Generic (1) 23:53:58.0703 1976 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINDOWS\system32\w32time.dll 
23:53:58.0843 1976 W32Time - ok 23:53:58.0953 1976 [ B1F126E7E28877106D60E6FF3998D033 ] w39n51 C:\WINDOWS\system32\DRIVERS\w39n51.sys 23:53:59.0078 1976 w39n51 - ok 23:53:59.0093 1976 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 23:53:59.0250 1976 Wanarp - ok 23:53:59.0312 1976 [ 4769596D7CC0F5FA447D2BABC239672A ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys 23:53:59.0359 1976 Wdf01000 - ok 23:53:59.0359 1976 WDICA - ok 23:53:59.0406 1976 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 23:53:59.0562 1976 wdmaud - ok 23:53:59.0593 1976 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINDOWS\System32\webclnt.dll 23:53:59.0734 1976 WebClient - ok 23:53:59.0796 1976 [ 74CF3F2E4E40C4A2E18D39D6300A5C24 ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys 23:53:59.0843 1976 winachsf - ok 23:53:59.0953 1976 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 23:54:00.0093 1976 winmgmt - ok 23:54:00.0156 1976 [ 845AF1BA23C8D5E64DEF61BCC441604C ] WinRing0_1_2_0 C:\Programme\BatteryCare\WinRing0.sys 23:54:00.0171 1976 WinRing0_1_2_0 - ok 23:54:00.0218 1976 [ FD600B032E741EB6AAB509FC630F7C42 ] WinUSB C:\WINDOWS\system32\DRIVERS\WinUSB.sys 23:54:00.0234 1976 WinUSB - ok 23:54:00.0281 1976 [ AFB5A2A79BB01699A269C316D8B9BEF1 ] WLANKEEPER C:\Programme\Intel\Wireless\Bin\WLKeeper.exe 23:54:00.0296 1976 WLANKEEPER ( UnsignedFile.Multi.Generic ) - warning 23:54:00.0296 1976 WLANKEEPER - detected UnsignedFile.Multi.Generic (1) 23:54:00.0343 1976 [ BB2C5A7A555B387B85481B8BDE5370D7 ] WLNdis50 C:\WINDOWS\system32\DRIVERS\wlndis50.sys 23:54:00.0359 1976 WLNdis50 ( UnsignedFile.Multi.Generic ) - warning 23:54:00.0359 1976 WLNdis50 - detected UnsignedFile.Multi.Generic (1) 23:54:00.0390 1976 [ 5D410936831F7FB58EFF941EAC3F6D3D ] WmBEnum C:\WINDOWS\system32\drivers\WmBEnum.sys 23:54:00.0406 1976 WmBEnum - ok 23:54:00.0453 1976 [ 6E18978B749F0696A774DE3F2CB142DD ] WmdmPmSN 
C:\WINDOWS\system32\mspmsnsv.dll 23:54:00.0578 1976 WmdmPmSN - ok 23:54:00.0609 1976 [ 7A13CFDE92956CA61A0927D766C5AD4F ] WmFilter C:\WINDOWS\system32\drivers\WmFilter.sys 23:54:00.0625 1976 WmFilter - ok 23:54:00.0750 1976 [ 53E1CCF332A2F40B5E08476921CD8B44 ] Wmi C:\WINDOWS\System32\advapi32.dll 23:54:00.0937 1976 Wmi - ok 23:54:01.0000 1976 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys 23:54:01.0156 1976 WmiAcpi - ok 23:54:01.0203 1976 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 23:54:01.0390 1976 WmiApSrv - ok 23:54:01.0484 1976 [ BF05650BB7DF5E9EBDD25974E22403BB ] WMPNetworkSvc C:\Programme\Windows Media Player\WMPNetwk.exe 23:54:01.0562 1976 WMPNetworkSvc ( UnsignedFile.Multi.Generic ) - warning 23:54:01.0562 1976 WMPNetworkSvc - detected UnsignedFile.Multi.Generic (1) 23:54:01.0609 1976 [ 6F04646BC690F8BBFC344BE32A60796D ] WmVirHid C:\WINDOWS\system32\drivers\WmVirHid.sys 23:54:01.0625 1976 WmVirHid - ok 23:54:01.0640 1976 [ 1D6CA43D562333F4DFB40BCEF2453F3A ] WmXlCore C:\WINDOWS\system32\drivers\WmXlCore.sys 23:54:01.0656 1976 WmXlCore - ok 23:54:01.0687 1976 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys 23:54:01.0843 1976 WS2IFSL - ok 23:54:01.0921 1976 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc C:\WINDOWS\system32\wscsvc.dll 23:54:02.0109 1976 wscsvc - ok 23:54:02.0125 1976 [ 43F767D59BFC25D8F4FC2EB42043EC1E ] WSIMD C:\WINDOWS\system32\DRIVERS\wsimd.sys 23:54:02.0140 1976 WSIMD ( UnsignedFile.Multi.Generic ) - warning 23:54:02.0140 1976 WSIMD - detected UnsignedFile.Multi.Generic (1) 23:54:02.0187 1976 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll 23:54:02.0312 1976 wuauserv - ok 23:54:02.0343 1976 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys 23:54:02.0406 1976 WudfPf - ok 23:54:02.0421 1976 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd 
C:\WINDOWS\system32\DRIVERS\wudfrd.sys 23:54:02.0453 1976 WudfRd - ok 23:54:02.0468 1976 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll 23:54:02.0484 1976 WudfSvc - ok 23:54:02.0609 1976 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 23:54:02.0859 1976 WZCSVC - ok 23:54:02.0906 1976 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll 23:54:03.0015 1976 xmlprov - ok 23:54:03.0031 1976 ================ Scan global =============================== 23:54:03.0062 1976 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll 23:54:03.0156 1976 [ 4CD408F799D4A72B0DE1F1116A77A48E ] C:\WINDOWS\system32\winsrv.dll 23:54:03.0156 1976 [ 4CD408F799D4A72B0DE1F1116A77A48E ] C:\WINDOWS\system32\winsrv.dll 23:54:03.0218 1976 [ 4BB6A83640F1D1792AD21CE767B621C6 ] C:\WINDOWS\system32\services.exe 23:54:03.0218 1976 [Global] - ok 23:54:03.0218 1976 ================ Scan MBR ================================== 23:54:03.0250 1976 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0 23:54:03.0640 1976 \Device\Harddisk0\DR0 - ok 23:54:03.0640 1976 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR2 23:54:04.0250 1976 \Device\Harddisk1\DR2 - ok 23:54:04.0265 1976 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk2\DR3 23:54:06.0843 1976 \Device\Harddisk2\DR3 - ok 23:54:06.0843 1976 ================ Scan VBR ================================== 23:54:06.0859 1976 [ 013490EEEC101228D27539DB4D046908 ] \Device\Harddisk0\DR0\Partition1 23:54:06.0859 1976 \Device\Harddisk0\DR0\Partition1 - ok 23:54:06.0859 1976 [ 82F0424DA72ED770A32D2DA0B2D2AE51 ] \Device\Harddisk1\DR2\Partition1 23:54:06.0859 1976 \Device\Harddisk1\DR2\Partition1 - ok 23:54:06.0875 1976 [ F8F1C1BDC0E7EEDF767D4E9FD1FBB9C5 ] \Device\Harddisk2\DR3\Partition1 23:54:06.0875 1976 \Device\Harddisk2\DR3\Partition1 - ok 23:54:06.0875 1976 ============================================================ 23:54:06.0875 1976 Scan finished 
23:54:06.0875 1976 ============================================================ 23:54:07.0000 3664 Detected object count: 18 23:54:07.0000 3664 Actual detected object count: 18 23:54:22.0718 3664 AegisP ( UnsignedFile.Multi.Generic ) - skipped by user 23:54:22.0718 3664 AegisP ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:54:22.0718 3664 Brother XP spl Service ( UnsignedFile.Multi.Generic ) - skipped by user 23:54:22.0718 3664 Brother XP spl Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:54:22.0718 3664 DNINDIS5 ( UnsignedFile.Multi.Generic ) - skipped by user 23:54:22.0718 3664 DNINDIS5 ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:54:22.0718 3664 EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user 23:54:22.0718 3664 EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:54:22.0718 3664 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user 23:54:22.0718 3664 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:54:22.0718 3664 NIHardwareService ( UnsignedFile.Multi.Generic ) - skipped by user 23:54:22.0718 3664 NIHardwareService ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:54:22.0734 3664 pneteth ( UnsignedFile.Multi.Generic ) - skipped by user 23:54:22.0734 3664 pneteth ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:54:22.0734 3664 Power Mixer ( UnsignedFile.Multi.Generic ) - skipped by user 23:54:22.0734 3664 Power Mixer ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:54:22.0734 3664 RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user 23:54:22.0734 3664 RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:54:22.0734 3664 S24EventMonitor ( UnsignedFile.Multi.Generic ) - skipped by user 23:54:22.0734 3664 S24EventMonitor ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:54:22.0734 3664 s24trans ( UnsignedFile.Multi.Generic ) - skipped by user 23:54:22.0734 3664 s24trans 
I'll pack all the Malwarebytes logs into a zip file and attach them. Great that the program keeps all the logs. There's some really interesting stuff in there. How bad are the findings? Thanks in advance, Christian |
03.12.2012, 15:41 | #6 |
/// Malware-holic | Combofix reports Virut Hi, 1. Hands off Softonic. It's best to download software from the vendor. 2. Do you use the PC for online banking, shopping, other payment transactions, or similarly important things, such as work?
|
16.12.2012, 04:42 | #7 |
| Combofix reports Virut Hello, sorry for getting back to you so late, I'm under exam stress at the moment. Also, I wasn't online for the last few days because my system was heavily infected. Unfortunately I tried out various scan tools on my own and in the end was none the wiser. I'll start a new thread for my current problem; I hope it works out with me this time. |
16.12.2012, 17:37 | #8 |
/// Malware-holic | Combofix reports Virut Use this thread, that's fine. Post the logs of the scans and, above all, answer the question from above.
__________________ - Please forward suspicious mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward mails to markusg.trojaner-board@web.de following the instructions above |