
Log analysis and evaluation: Caught a trojan? TR/Spy.zbot.alw


17.06.2013, 13:41   #1
Jarrod71
 
Hello,
a payment reminder e-mail from a law firm about an unpaid Bonprix invoice contained a ZIP file, which was unfortunately double-clicked. The ESET Online Scanner reports the trojan named above.
Please help.
Regards, Jarrod

Edited by Jarrod71 (17.06.2013 at 13:49)

17.06.2013, 13:52   #2
markusg
/// Malware-holic
 
hi, where is the ESET log?
C:\Programme\Eset
log.txt

17.06.2013, 13:54   #3
Jarrod71
 
Hi,
here it is
C:\Dokumente und Einstellungen\********\Anwendungsdaten\Mozilla\Firefox\Profiles\maxs4f48.default\extensions\toolbar@ask.com\chrome\temp\askToolbar.exe Variante von Win32/Bundled.Toolbar.Ask Anwendung
C:\Dokumente und Einstellungen\********\Desktop\Rechnung fur ******* Anwaltschaft Bonprix Online GmbH.zip Win32/Trustezeb.C Trojaner
C:\Dokumente und Einstellungen\********\Desktop\Inst\cdbxp_setup_4.3.8.2568.exe Win32/OpenCandy Anwendung
C:\Dokumente und Einstellungen\********\Eigene Dateien\Downloads\avira_free_antivirus_de(1).exe Variante von Win32/Bundled.Toolbar.Ask Anwendung
C:\Dokumente und Einstellungen\********\Eigene Dateien\Downloads\avira_free_antivirus_de(2).exe Variante von Win32/Bundled.Toolbar.Ask Anwendung
C:\Dokumente und Einstellungen\********\Eigene Dateien\Downloads\avira_free_antivirus_de(3).exe Variante von Win32/Bundled.Toolbar.Ask Anwendung
C:\Dokumente und Einstellungen\********\Eigene Dateien\Downloads\avira_free_antivirus_de(4).exe Variante von Win32/Bundled.Toolbar.Ask Anwendung
C:\Dokumente und Einstellungen\********\Eigene Dateien\Downloads\avira_free_antivirus_de.exe Variante von Win32/Bundled.Toolbar.Ask Anwendung
C:\Dokumente und Einstellungen\********\Eigene Dateien\Downloads\FreeYouTubeDownload_3.1.27.exe Mehrere Bedrohungen
C:\Dokumente und Einstellungen\********\Eigene Dateien\Downloads\FritzRePass1.20-U3.zip Win32/Packed.Autoit.E.Gen Anwendung
C:\Dokumente und Einstellungen\********\Eigene Dateien\Downloads\PDFCreator-1_6_2_setup.exe Win32/OpenCandy Anwendung
C:\Dokumente und Einstellungen\********\Lokale Einstellungen\Temp\AskSLib.dll Variante von Win32/Bundled.Toolbar.Ask Anwendung
C:\Dokumente und Einstellungen\********\Lokale Einstellungen\Temp\setup.exe Variante von Win32/Bundled.Toolbar.Ask Anwendung
C:\Programme\Avira\AntiVir Desktop\apnic.dll Variante von Win32/Bundled.Toolbar.Ask Anwendung
C:\Programme\Avira\AntiVir Desktop\apntoolbarinstaller.exe Variante von Win32/Bundled.Toolbar.Ask Anwendung
C:\Programme\Gemeinsame Dateien\DVDVideoSoft\AskTB\ApnIC.dll Variante von Win32/Bundled.Toolbar.Ask Anwendung
C:\Programme\Gemeinsame Dateien\DVDVideoSoft\AskTB\ApnToolbarInstaller.exe Variante von Win32/Bundled.Toolbar.Ask Anwendung

17.06.2013, 13:56   #4
markusg
/// Malware-holic
 
hmm
why some people are so keen on paying unsolicited invoices :-(
if you get more spam, please send it to us.
but you may have been lucky, let's see.
Please download TDSSKiller (TDSSKiller.exe) and save the file to the desktop
  • Start TDSSKiller.exe - configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.
__________________
- Please forward suspicious e-mails to us for analysis: markusg.trojaner-board@web.de
Instructions: http://markusg.trojaner-board.de
For now, please forward e-mails as described in the instructions above to markusg.trojaner-board@web.de

17.06.2013, 14:02   #5
Jarrod71
 
here:
14:00:55.0968 2056 NABTSFEC - detected UnsignedFile.Multi.Generic (1)
14:00:56.0000 2056 [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent C:\WINDOWS\System32\qagentrt.dll
14:00:56.0015 2056 napagent ( UnsignedFile.Multi.Generic ) - warning
14:00:56.0015 2056 napagent - detected UnsignedFile.Multi.Generic (1)
14:00:56.0015 2056 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
14:00:56.0031 2056 NDIS ( UnsignedFile.Multi.Generic ) - warning
14:00:56.0031 2056 NDIS - detected UnsignedFile.Multi.Generic (1)
14:00:56.0062 2056 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
14:00:56.0062 2056 NdisIP ( UnsignedFile.Multi.Generic ) - warning
14:00:56.0062 2056 NdisIP - detected UnsignedFile.Multi.Generic (1)
14:00:56.0093 2056 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
14:00:56.0093 2056 NdisTapi ( UnsignedFile.Multi.Generic ) - warning
14:00:56.0093 2056 NdisTapi - detected UnsignedFile.Multi.Generic (1)
14:00:56.0125 2056 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
14:00:56.0140 2056 Ndisuio ( UnsignedFile.Multi.Generic ) - warning
14:00:56.0140 2056 Ndisuio - detected UnsignedFile.Multi.Generic (1)
14:00:56.0140 2056 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
14:00:56.0156 2056 NdisWan ( UnsignedFile.Multi.Generic ) - warning
14:00:56.0156 2056 NdisWan - detected UnsignedFile.Multi.Generic (1)
14:00:56.0171 2056 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
14:00:56.0171 2056 NDProxy ( UnsignedFile.Multi.Generic ) - warning
14:00:56.0171 2056 NDProxy - detected UnsignedFile.Multi.Generic (1)
14:00:56.0171 2056 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
14:00:56.0187 2056 NetBIOS ( UnsignedFile.Multi.Generic ) - warning
14:00:56.0187 2056 NetBIOS - detected UnsignedFile.Multi.Generic (1)
14:00:56.0187 2056 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
14:00:56.0203 2056 NetBT ( UnsignedFile.Multi.Generic ) - warning
14:00:56.0203 2056 NetBT - detected UnsignedFile.Multi.Generic (1)
14:00:56.0203 2056 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE C:\WINDOWS\system32\netdde.exe
14:00:56.0234 2056 NetDDE ( UnsignedFile.Multi.Generic ) - warning
14:00:56.0234 2056 NetDDE - detected UnsignedFile.Multi.Generic (1)
14:00:56.0234 2056 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
14:00:56.0234 2056 NetDDEdsdm ( UnsignedFile.Multi.Generic ) - warning
14:00:56.0234 2056 NetDDEdsdm - detected UnsignedFile.Multi.Generic (1)
14:00:56.0250 2056 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon C:\WINDOWS\system32\lsass.exe
14:00:56.0250 2056 Netlogon ( UnsignedFile.Multi.Generic ) - warning
14:00:56.0250 2056 Netlogon - detected UnsignedFile.Multi.Generic (1)
14:00:56.0265 2056 [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman C:\WINDOWS\System32\netman.dll
14:00:56.0265 2056 Netman ( UnsignedFile.Multi.Generic ) - warning
14:00:56.0265 2056 Netman - detected UnsignedFile.Multi.Generic (1)
14:00:56.0281 2056 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:00:56.0296 2056 NetTcpPortSharing - ok
14:00:56.0328 2056 [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla C:\WINDOWS\System32\mswsock.dll
14:00:56.0328 2056 Nla ( UnsignedFile.Multi.Generic ) - warning
14:00:56.0328 2056 Nla - detected UnsignedFile.Multi.Generic (1)
14:00:56.0343 2056 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
14:00:56.0343 2056 Npfs ( UnsignedFile.Multi.Generic ) - warning
14:00:56.0343 2056 Npfs - detected UnsignedFile.Multi.Generic (1)
14:00:56.0359 2056 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
14:00:56.0390 2056 Ntfs ( UnsignedFile.Multi.Generic ) - warning
14:00:56.0390 2056 Ntfs - detected UnsignedFile.Multi.Generic (1)
14:00:56.0390 2056 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
14:00:56.0390 2056 NtLmSsp ( UnsignedFile.Multi.Generic ) - warning
14:00:56.0390 2056 NtLmSsp - detected UnsignedFile.Multi.Generic (1)
14:00:56.0421 2056 [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
14:00:56.0437 2056 NtmsSvc ( UnsignedFile.Multi.Generic ) - warning
14:00:56.0437 2056 NtmsSvc - detected UnsignedFile.Multi.Generic (1)
14:00:56.0484 2056 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
14:00:56.0500 2056 Null ( UnsignedFile.Multi.Generic ) - warning
14:00:56.0500 2056 Null - detected UnsignedFile.Multi.Generic (1)
14:00:56.0515 2056 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
14:00:56.0515 2056 NwlnkFlt ( UnsignedFile.Multi.Generic ) - warning
14:00:56.0515 2056 NwlnkFlt - detected UnsignedFile.Multi.Generic (1)
14:00:56.0531 2056 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
14:00:56.0531 2056 NwlnkFwd ( UnsignedFile.Multi.Generic ) - warning
14:00:56.0546 2056 NwlnkFwd - detected UnsignedFile.Multi.Generic (1)
14:00:56.0546 2056 [ F84785660305B9B903FB3BCA8BA29837 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
14:00:56.0562 2056 Parport ( UnsignedFile.Multi.Generic ) - warning
14:00:56.0562 2056 Parport - detected UnsignedFile.Multi.Generic (1)
14:00:56.0562 2056 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
14:00:56.0562 2056 PartMgr ( UnsignedFile.Multi.Generic ) - warning
14:00:56.0562 2056 PartMgr - detected UnsignedFile.Multi.Generic (1)
14:00:56.0578 2056 [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
14:00:56.0578 2056 ParVdm ( UnsignedFile.Multi.Generic ) - warning
14:00:56.0578 2056 ParVdm - detected UnsignedFile.Multi.Generic (1)
14:00:56.0578 2056 [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
14:00:56.0593 2056 PCI ( UnsignedFile.Multi.Generic ) - warning
14:00:56.0593 2056 PCI - detected UnsignedFile.Multi.Generic (1)
14:00:56.0593 2056 PCIDump - ok
14:00:56.0609 2056 [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
14:00:56.0609 2056 PCIIde ( UnsignedFile.Multi.Generic ) - warning
14:00:56.0609 2056 PCIIde - detected UnsignedFile.Multi.Generic (1)
14:00:56.0625 2056 [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
14:00:56.0625 2056 Pcmcia ( UnsignedFile.Multi.Generic ) - warning
14:00:56.0625 2056 Pcmcia - detected UnsignedFile.Multi.Generic (1)
14:00:56.0640 2056 PDCOMP - ok
14:00:56.0640 2056 PDFRAME - ok
14:00:56.0656 2056 PDRELI - ok
14:00:56.0656 2056 PDRFRAME - ok
14:00:56.0656 2056 perc2 - ok
14:00:56.0671 2056 perc2hib - ok
14:00:56.0687 2056 [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay C:\WINDOWS\system32\services.exe
14:00:56.0703 2056 PlugPlay ( UnsignedFile.Multi.Generic ) - warning
14:00:56.0703 2056 PlugPlay - detected UnsignedFile.Multi.Generic (1)
14:00:56.0703 2056 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
14:00:56.0703 2056 PolicyAgent ( UnsignedFile.Multi.Generic ) - warning
14:00:56.0703 2056 PolicyAgent - detected UnsignedFile.Multi.Generic (1)
14:00:56.0703 2056 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
14:00:56.0718 2056 PptpMiniport ( UnsignedFile.Multi.Generic ) - warning
14:00:56.0718 2056 PptpMiniport - detected UnsignedFile.Multi.Generic (1)
14:00:56.0718 2056 [ 2CB55427C58679F49AD600FCCBA76360 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
14:00:56.0734 2056 Processor ( UnsignedFile.Multi.Generic ) - warning
14:00:56.0734 2056 Processor - detected UnsignedFile.Multi.Generic (1)
14:00:56.0734 2056 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
14:00:56.0734 2056 ProtectedStorage ( UnsignedFile.Multi.Generic ) - warning
14:00:56.0734 2056 ProtectedStorage - detected UnsignedFile.Multi.Generic (1)
14:00:56.0750 2056 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
14:00:56.0750 2056 PSched ( UnsignedFile.Multi.Generic ) - warning
14:00:56.0750 2056 PSched - detected UnsignedFile.Multi.Generic (1)
14:00:56.0750 2056 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
14:00:56.0765 2056 Ptilink ( UnsignedFile.Multi.Generic ) - warning
14:00:56.0765 2056 Ptilink - detected UnsignedFile.Multi.Generic (1)
14:00:56.0765 2056 ql1080 - ok
14:00:56.0765 2056 Ql10wnt - ok
14:00:56.0781 2056 ql12160 - ok
14:00:56.0781 2056 ql1240 - ok
14:00:56.0781 2056 ql1280 - ok
14:00:56.0796 2056 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
14:00:56.0812 2056 RasAcd ( UnsignedFile.Multi.Generic ) - warning
14:00:56.0812 2056 RasAcd - detected UnsignedFile.Multi.Generic (1)
14:00:56.0812 2056 [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto C:\WINDOWS\System32\rasauto.dll
14:00:56.0828 2056 RasAuto ( UnsignedFile.Multi.Generic ) - warning
14:00:56.0828 2056 RasAuto - detected UnsignedFile.Multi.Generic (1)
14:00:56.0828 2056 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
14:00:56.0843 2056 Rasl2tp ( UnsignedFile.Multi.Generic ) - warning
14:00:56.0843 2056 Rasl2tp - detected UnsignedFile.Multi.Generic (1)
14:00:56.0859 2056 [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan C:\WINDOWS\System32\rasmans.dll
14:00:56.0859 2056 RasMan ( UnsignedFile.Multi.Generic ) - warning
14:00:56.0859 2056 RasMan - detected UnsignedFile.Multi.Generic (1)
14:00:56.0859 2056 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
14:00:56.0875 2056 RasPppoe ( UnsignedFile.Multi.Generic ) - warning
14:00:56.0875 2056 RasPppoe - detected UnsignedFile.Multi.Generic (1)
14:00:56.0875 2056 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
14:00:56.0875 2056 Raspti ( UnsignedFile.Multi.Generic ) - warning
14:00:56.0875 2056 Raspti - detected UnsignedFile.Multi.Generic (1)
14:00:56.0890 2056 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
14:00:56.0890 2056 Rdbss ( UnsignedFile.Multi.Generic ) - warning
14:00:56.0890 2056 Rdbss - detected UnsignedFile.Multi.Generic (1)
14:00:56.0906 2056 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
14:00:56.0906 2056 RDPCDD ( UnsignedFile.Multi.Generic ) - warning
14:00:56.0906 2056 RDPCDD - detected UnsignedFile.Multi.Generic (1)
14:00:56.0921 2056 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
14:00:56.0937 2056 rdpdr ( UnsignedFile.Multi.Generic ) - warning
14:00:56.0937 2056 rdpdr - detected UnsignedFile.Multi.Generic (1)
14:00:56.0968 2056 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
14:00:57.0000 2056 RDPWD - ok
14:00:57.0000 2056 [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
14:00:57.0015 2056 RDSessMgr ( UnsignedFile.Multi.Generic ) - warning
14:00:57.0015 2056 RDSessMgr - detected UnsignedFile.Multi.Generic (1)
14:00:57.0031 2056 [ ED761D453856F795A7FE056E42C36365 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
14:00:57.0046 2056 redbook ( UnsignedFile.Multi.Generic ) - warning
14:00:57.0046 2056 redbook - detected UnsignedFile.Multi.Generic (1)
14:00:57.0046 2056 [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
14:00:57.0062 2056 RemoteAccess ( UnsignedFile.Multi.Generic ) - warning
14:00:57.0062 2056 RemoteAccess - detected UnsignedFile.Multi.Generic (1)
14:00:57.0093 2056 [ E4CD1F3D84E1C2CA0B8CF7501E201593 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
14:00:57.0093 2056 RemoteRegistry ( UnsignedFile.Multi.Generic ) - warning
14:00:57.0093 2056 RemoteRegistry - detected UnsignedFile.Multi.Generic (1)
14:00:57.0109 2056 [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator C:\WINDOWS\system32\locator.exe
14:00:57.0125 2056 RpcLocator ( UnsignedFile.Multi.Generic ) - warning
14:00:57.0125 2056 RpcLocator - detected UnsignedFile.Multi.Generic (1)
14:00:57.0140 2056 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs C:\WINDOWS\system32\rpcss.dll
14:00:57.0156 2056 RpcSs ( UnsignedFile.Multi.Generic ) - warning
14:00:57.0156 2056 RpcSs - detected UnsignedFile.Multi.Generic (1)
14:00:57.0156 2056 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP C:\WINDOWS\system32\rsvp.exe
14:00:57.0171 2056 RSVP ( UnsignedFile.Multi.Generic ) - warning
14:00:57.0171 2056 RSVP - detected UnsignedFile.Multi.Generic (1)
14:00:57.0171 2056 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs C:\WINDOWS\system32\lsass.exe
14:00:57.0171 2056 SamSs ( UnsignedFile.Multi.Generic ) - warning
14:00:57.0171 2056 SamSs - detected UnsignedFile.Multi.Generic (1)
14:00:57.0171 2056 [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
14:00:57.0187 2056 SCardSvr ( UnsignedFile.Multi.Generic ) - warning
14:00:57.0187 2056 SCardSvr - detected UnsignedFile.Multi.Generic (1)
14:00:57.0203 2056 [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule C:\WINDOWS\system32\schedsvc.dll
14:00:57.0203 2056 Schedule ( UnsignedFile.Multi.Generic ) - warning
14:00:57.0203 2056 Schedule - detected UnsignedFile.Multi.Generic (1)
14:00:57.0218 2056 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
14:00:57.0234 2056 Secdrv ( UnsignedFile.Multi.Generic ) - warning
14:00:57.0234 2056 Secdrv - detected UnsignedFile.Multi.Generic (1)
14:00:57.0250 2056 [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon C:\WINDOWS\System32\seclogon.dll
14:00:57.0250 2056 seclogon ( UnsignedFile.Multi.Generic ) - warning
14:00:57.0250 2056 seclogon - detected UnsignedFile.Multi.Generic (1)
14:00:57.0250 2056 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS C:\WINDOWS\system32\sens.dll
14:00:57.0265 2056 SENS ( UnsignedFile.Multi.Generic ) - warning
14:00:57.0265 2056 SENS - detected UnsignedFile.Multi.Generic (1)
14:00:57.0265 2056 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
14:00:57.0265 2056 serenum ( UnsignedFile.Multi.Generic ) - warning
14:00:57.0265 2056 serenum - detected UnsignedFile.Multi.Generic (1)
14:00:57.0281 2056 [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
14:00:57.0281 2056 Serial ( UnsignedFile.Multi.Generic ) - warning
14:00:57.0281 2056 Serial - detected UnsignedFile.Multi.Generic (1)
14:00:57.0296 2056 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
14:00:57.0296 2056 Sfloppy ( UnsignedFile.Multi.Generic ) - warning
14:00:57.0296 2056 Sfloppy - detected UnsignedFile.Multi.Generic (1)
14:00:57.0312 2056 [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
14:00:57.0328 2056 SharedAccess ( UnsignedFile.Multi.Generic ) - warning
14:00:57.0328 2056 SharedAccess - detected UnsignedFile.Multi.Generic (1)
14:00:57.0343 2056 [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
14:00:57.0343 2056 ShellHWDetection ( UnsignedFile.Multi.Generic ) - warning
14:00:57.0343 2056 ShellHWDetection - detected UnsignedFile.Multi.Generic (1)
14:00:57.0359 2056 Simbad - ok
14:00:57.0390 2056 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
14:00:57.0390 2056 SLIP ( UnsignedFile.Multi.Generic ) - warning
14:00:57.0390 2056 SLIP - detected UnsignedFile.Multi.Generic (1)
14:00:57.0390 2056 Sparrow - ok
14:00:57.0406 2056 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
14:00:57.0421 2056 splitter ( UnsignedFile.Multi.Generic ) - warning
14:00:57.0421 2056 splitter - detected UnsignedFile.Multi.Generic (1)
14:00:57.0437 2056 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
14:00:57.0437 2056 Spooler ( UnsignedFile.Multi.Generic ) - warning
14:00:57.0437 2056 Spooler - detected UnsignedFile.Multi.Generic (1)
14:00:57.0437 2056 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
14:00:57.0453 2056 sr ( UnsignedFile.Multi.Generic ) - warning
14:00:57.0453 2056 sr - detected UnsignedFile.Multi.Generic (1)
14:00:57.0453 2056 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice C:\WINDOWS\system32\srsvc.dll
14:00:57.0453 2056 srservice ( UnsignedFile.Multi.Generic ) - warning
14:00:57.0453 2056 srservice - detected UnsignedFile.Multi.Generic (1)
14:00:57.0468 2056 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
14:00:57.0468 2056 Srv ( UnsignedFile.Multi.Generic ) - warning
14:00:57.0468 2056 Srv - detected UnsignedFile.Multi.Generic (1)
14:00:57.0500 2056 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
14:00:57.0500 2056 SSDPSRV ( UnsignedFile.Multi.Generic ) - warning
14:00:57.0500 2056 SSDPSRV - detected UnsignedFile.Multi.Generic (1)
14:00:57.0515 2056 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
14:00:57.0531 2056 ssmdrv - ok
14:00:57.0531 2056 [ E57B778208C783D8DEBAB320C16A1B82 ] StarOpen C:\WINDOWS\system32\drivers\StarOpen.sys
14:00:57.0546 2056 StarOpen ( UnsignedFile.Multi.Generic ) - warning
14:00:57.0546 2056 StarOpen - detected UnsignedFile.Multi.Generic (1)
14:00:57.0578 2056 [ BC2C5985611C5356B24AEB370953DED9 ] stisvc C:\WINDOWS\system32\wiaservc.dll
14:00:57.0578 2056 stisvc ( UnsignedFile.Multi.Generic ) - warning
14:00:57.0578 2056 stisvc - detected UnsignedFile.Multi.Generic (1)
14:00:57.0625 2056 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
14:00:57.0625 2056 streamip ( UnsignedFile.Multi.Generic ) - warning
14:00:57.0625 2056 streamip - detected UnsignedFile.Multi.Generic (1)
14:00:57.0640 2056 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
14:00:57.0640 2056 swenum ( UnsignedFile.Multi.Generic ) - warning
14:00:57.0640 2056 swenum - detected UnsignedFile.Multi.Generic (1)
14:00:57.0656 2056 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
14:00:57.0656 2056 swmidi ( UnsignedFile.Multi.Generic ) - warning
14:00:57.0656 2056 swmidi - detected UnsignedFile.Multi.Generic (1)
14:00:57.0656 2056 SwPrv - ok
14:00:57.0671 2056 symc810 - ok
14:00:57.0671 2056 symc8xx - ok
14:00:57.0687 2056 sym_hi - ok
14:00:57.0687 2056 sym_u3 - ok
14:00:57.0687 2056 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
14:00:57.0703 2056 sysaudio ( UnsignedFile.Multi.Generic ) - warning
14:00:57.0703 2056 sysaudio - detected UnsignedFile.Multi.Generic (1)
14:00:57.0718 2056 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
14:00:57.0718 2056 SysmonLog ( UnsignedFile.Multi.Generic ) - warning
14:00:57.0718 2056 SysmonLog - detected UnsignedFile.Multi.Generic (1)
14:00:57.0750 2056 [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
14:00:57.0750 2056 TapiSrv ( UnsignedFile.Multi.Generic ) - warning
14:00:57.0750 2056 TapiSrv - detected UnsignedFile.Multi.Generic (1)
14:00:57.0781 2056 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
14:00:57.0796 2056 Tcpip ( UnsignedFile.Multi.Generic ) - warning
14:00:57.0796 2056 Tcpip - detected UnsignedFile.Multi.Generic (1)
14:00:57.0828 2056 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
14:00:57.0828 2056 TDPIPE ( UnsignedFile.Multi.Generic ) - warning
14:00:57.0828 2056 TDPIPE - detected UnsignedFile.Multi.Generic (1)
14:00:57.0828 2056 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
14:00:57.0843 2056 TDTCP ( UnsignedFile.Multi.Generic ) - warning
14:00:57.0843 2056 TDTCP - detected UnsignedFile.Multi.Generic (1)
14:00:57.0843 2056 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
14:00:57.0843 2056 TermDD ( UnsignedFile.Multi.Generic ) - warning
14:00:57.0843 2056 TermDD - detected UnsignedFile.Multi.Generic (1)
14:00:57.0875 2056 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService C:\WINDOWS\System32\termsrv.dll
14:00:57.0875 2056 TermService ( UnsignedFile.Multi.Generic ) - warning
14:00:57.0875 2056 TermService - detected UnsignedFile.Multi.Generic (1)
14:00:57.0890 2056 [ 2DB7D303C36DDD055215052F118E8E75 ] Themes C:\WINDOWS\System32\shsvcs.dll
14:00:57.0890 2056 Themes ( UnsignedFile.Multi.Generic ) - warning
14:00:57.0890 2056 Themes - detected UnsignedFile.Multi.Generic (1)
14:00:57.0890 2056 [ 03681A1CE77F51586903869A5AB1DEAB ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
14:00:57.0906 2056 TlntSvr ( UnsignedFile.Multi.Generic ) - warning
14:00:57.0906 2056 TlntSvr - detected UnsignedFile.Multi.Generic (1)
14:00:57.0906 2056 TosIde - ok
14:00:57.0906 2056 [ 626504572B175867F30F3215C04B3E2F ] TrkWks C:\WINDOWS\system32\trkwks.dll
14:00:57.0921 2056 TrkWks ( UnsignedFile.Multi.Generic ) - warning
14:00:57.0921 2056 TrkWks - detected UnsignedFile.Multi.Generic (1)
14:00:57.0937 2056 [ ABC610753D5B67813E98B37EEB10CCC8 ] trm3x5 C:\WINDOWS\system32\DRIVERS\trm3x5.sys
14:00:57.0937 2056 trm3x5 ( UnsignedFile.Multi.Generic ) - warning
14:00:57.0937 2056 trm3x5 - detected UnsignedFile.Multi.Generic (1)
14:00:57.0953 2056 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
14:00:57.0968 2056 Udfs ( UnsignedFile.Multi.Generic ) - warning
14:00:57.0968 2056 Udfs - detected UnsignedFile.Multi.Generic (1)
14:00:57.0968 2056 ultra - ok
14:00:57.0984 2056 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
14:00:58.0000 2056 Update ( UnsignedFile.Multi.Generic ) - warning
14:00:58.0000 2056 Update - detected UnsignedFile.Multi.Generic (1)
14:00:58.0015 2056 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost C:\WINDOWS\System32\upnphost.dll
14:00:58.0031 2056 upnphost ( UnsignedFile.Multi.Generic ) - warning
14:00:58.0031 2056 upnphost - detected UnsignedFile.Multi.Generic (1)
14:00:58.0046 2056 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINDOWS\System32\ups.exe
14:00:58.0046 2056 UPS ( UnsignedFile.Multi.Generic ) - warning
14:00:58.0046 2056 UPS - detected UnsignedFile.Multi.Generic (1)
14:00:58.0062 2056 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
14:00:58.0078 2056 usbaudio ( UnsignedFile.Multi.Generic ) - warning
14:00:58.0078 2056 usbaudio - detected UnsignedFile.Multi.Generic (1)
14:00:58.0078 2056 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
14:00:58.0078 2056 usbccgp ( UnsignedFile.Multi.Generic ) - warning
14:00:58.0078 2056 usbccgp - detected UnsignedFile.Multi.Generic (1)
14:00:58.0093 2056 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
14:00:58.0109 2056 usbehci ( UnsignedFile.Multi.Generic ) - warning
14:00:58.0109 2056 usbehci - detected UnsignedFile.Multi.Generic (1)
14:00:58.0125 2056 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
14:00:58.0125 2056 usbhub ( UnsignedFile.Multi.Generic ) - warning
14:00:58.0125 2056 usbhub - detected UnsignedFile.Multi.Generic (1)
14:00:58.0140 2056 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
14:00:58.0140 2056 usbohci ( UnsignedFile.Multi.Generic ) - warning
14:00:58.0140 2056 usbohci - detected UnsignedFile.Multi.Generic (1)
14:00:58.0171 2056 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
14:00:58.0171 2056 usbprint ( UnsignedFile.Multi.Generic ) - warning
14:00:58.0171 2056 usbprint - detected UnsignedFile.Multi.Generic (1)
14:00:58.0203 2056 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
14:00:58.0203 2056 usbscan ( UnsignedFile.Multi.Generic ) - warning
14:00:58.0203 2056 usbscan - detected UnsignedFile.Multi.Generic (1)
14:00:58.0218 2056 [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
14:00:58.0234 2056 usbstor ( UnsignedFile.Multi.Generic ) - warning
14:00:58.0234 2056 usbstor - detected UnsignedFile.Multi.Generic (1)
14:00:58.0234 2056 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
14:00:58.0234 2056 VgaSave ( UnsignedFile.Multi.Generic ) - warning
14:00:58.0234 2056 VgaSave - detected UnsignedFile.Multi.Generic (1)
14:00:58.0296 2056 [ 033B4D6691770D35B91624270F1CD390 ] VIAHdAudAddService C:\WINDOWS\system32\drivers\viahduaa.sys
14:00:58.0359 2056 VIAHdAudAddService - ok
14:00:58.0359 2056 ViaIde - ok
14:00:58.0390 2056 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
14:00:58.0390 2056 VolSnap ( UnsignedFile.Multi.Generic ) - warning
14:00:58.0390 2056 VolSnap - detected UnsignedFile.Multi.Generic (1)
14:00:58.0406 2056 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINDOWS\System32\vssvc.exe
14:00:58.0421 2056 VSS ( UnsignedFile.Multi.Generic ) - warning
14:00:58.0421 2056 VSS - detected UnsignedFile.Multi.Generic (1)
14:00:58.0437 2056 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINDOWS\system32\w32time.dll
14:00:58.0453 2056 W32Time ( UnsignedFile.Multi.Generic ) - warning
14:00:58.0453 2056 W32Time - detected UnsignedFile.Multi.Generic (1)
14:00:58.0453 2056 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
14:00:58.0453 2056 Wanarp ( UnsignedFile.Multi.Generic ) - warning
14:00:58.0453 2056 Wanarp - detected UnsignedFile.Multi.Generic (1)
14:00:58.0468 2056 WDICA - ok
14:00:58.0468 2056 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
14:00:58.0484 2056 wdmaud ( UnsignedFile.Multi.Generic ) - warning
14:00:58.0484 2056 wdmaud - detected UnsignedFile.Multi.Generic (1)
14:00:58.0515 2056 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINDOWS\System32\webclnt.dll
14:00:58.0515 2056 WebClient ( UnsignedFile.Multi.Generic ) - warning
14:00:58.0515 2056 WebClient - detected UnsignedFile.Multi.Generic (1)
14:00:58.0546 2056 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
14:00:58.0546 2056 winmgmt ( UnsignedFile.Multi.Generic ) - warning
14:00:58.0546 2056 winmgmt - detected UnsignedFile.Multi.Generic (1)
14:00:58.0593 2056 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
14:00:58.0671 2056 WmdmPmSN - ok
14:00:58.0703 2056 [ FFA4D901D46D07A5BAB2D8307FBB51A6 ] Wmi C:\WINDOWS\System32\advapi32.dll
14:00:58.0718 2056 Wmi ( UnsignedFile.Multi.Generic ) - warning
14:00:58.0718 2056 Wmi - detected UnsignedFile.Multi.Generic (1)
14:00:58.0750 2056 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
14:00:58.0750 2056 WmiAcpi ( UnsignedFile.Multi.Generic ) - warning
14:00:58.0750 2056 WmiAcpi - detected UnsignedFile.Multi.Generic (1)
14:00:58.0765 2056 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
14:00:58.0765 2056 WmiApSrv ( UnsignedFile.Multi.Generic ) - warning
14:00:58.0765 2056 WmiApSrv - detected UnsignedFile.Multi.Generic (1)
14:00:58.0812 2056 [ BF05650BB7DF5E9EBDD25974E22403BB ] WMPNetworkSvc C:\Programme\Windows Media Player\WMPNetwk.exe
14:00:58.0859 2056 WMPNetworkSvc - ok
14:00:58.0875 2056 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
14:00:58.0890 2056 WS2IFSL ( UnsignedFile.Multi.Generic ) - warning
14:00:58.0890 2056 WS2IFSL - detected UnsignedFile.Multi.Generic (1)
14:00:58.0906 2056 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc C:\WINDOWS\system32\wscsvc.dll
14:00:58.0906 2056 wscsvc ( UnsignedFile.Multi.Generic ) - warning
14:00:58.0906 2056 wscsvc - detected UnsignedFile.Multi.Generic (1)
14:00:58.0921 2056 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
14:00:58.0937 2056 WSTCODEC ( UnsignedFile.Multi.Generic ) - warning
14:00:58.0937 2056 WSTCODEC - detected UnsignedFile.Multi.Generic (1)
14:00:58.0953 2056 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
14:00:58.0953 2056 wuauserv ( UnsignedFile.Multi.Generic ) - warning
14:00:58.0953 2056 wuauserv - detected UnsignedFile.Multi.Generic (1)
14:00:58.0984 2056 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
14:00:59.0000 2056 WudfPf - ok
14:00:59.0000 2056 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
14:00:59.0015 2056 WudfRd - ok
14:00:59.0015 2056 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
14:00:59.0031 2056 WudfSvc - ok
14:00:59.0078 2056 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
14:00:59.0093 2056 WZCSVC ( UnsignedFile.Multi.Generic ) - warning
14:00:59.0093 2056 WZCSVC - detected UnsignedFile.Multi.Generic (1)
14:00:59.0093 2056 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
14:00:59.0109 2056 xmlprov ( UnsignedFile.Multi.Generic ) - warning
14:00:59.0109 2056 xmlprov - detected UnsignedFile.Multi.Generic (1)
14:00:59.0109 2056 ================ Scan global ===============================
14:00:59.0125 2056 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll
14:00:59.0140 2056 [ E62178BC21EAC63A3B9A2DBD46C1B505 ] C:\WINDOWS\system32\winsrv.dll
14:00:59.0156 2056 [ E62178BC21EAC63A3B9A2DBD46C1B505 ] C:\WINDOWS\system32\winsrv.dll
14:00:59.0171 2056 [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe
14:00:59.0171 2056 [Global] - ok
14:00:59.0171 2056 ================ Scan MBR ==================================
14:00:59.0203 2056 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:00:59.0390 2056 \Device\Harddisk0\DR0 - ok
14:00:59.0546 2056 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk2\DR5
14:00:59.0703 2056 \Device\Harddisk2\DR5 - ok
14:00:59.0703 2056 ================ Scan VBR ==================================
14:00:59.0718 2056 [ C23B0788E4D660FD8434AB5584EBF25E ] \Device\Harddisk0\DR0\Partition1
14:00:59.0718 2056 \Device\Harddisk0\DR0\Partition1 - ok
14:00:59.0734 2056 [ 46743C9176976FEF25E94484F5A89F78 ] \Device\Harddisk0\DR0\Partition2
14:00:59.0734 2056 \Device\Harddisk0\DR0\Partition2 - ok
14:00:59.0734 2056 [ 9224C73C48201EDB8FFFD10EF9C21F86 ] \Device\Harddisk2\DR5\Partition1
14:00:59.0734 2056 \Device\Harddisk2\DR5\Partition1 - ok
14:00:59.0734 2056 ============================================================
14:00:59.0734 2056 Scan finished
14:00:59.0734 2056 ============================================================
14:00:59.0843 2724 Detected object count: 212
14:00:59.0843 2724 Actual detected object count: 212
14:01:29.0343 2724 ACPI ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0343 2724 ACPI ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0343 2724 ACPIEC ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0343 2724 ACPIEC ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0343 2724 aec ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0343 2724 aec ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0343 2724 Alerter ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0343 2724 Alerter ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0359 2724 ALG ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0359 2724 ALG ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0359 2724 AppMgmt ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0359 2724 AppMgmt ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0359 2724 AsyncMac ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0359 2724 AsyncMac ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0359 2724 atapi ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0359 2724 atapi ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0359 2724 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0359 2724 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0375 2724 ati2mtag ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0375 2724 ati2mtag ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0375 2724 Atmarpc ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0375 2724 Atmarpc ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0375 2724 AudioSrv ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0375 2724 AudioSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0375 2724 audstub ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0375 2724 audstub ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0375 2724 Beep ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0375 2724 Beep ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0375 2724 BITS ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0375 2724 BITS ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0390 2724 BrPar ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0390 2724 BrPar ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0390 2724 cbidf2k ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0390 2724 cbidf2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0390 2724 CCALib8 ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0390 2724 CCALib8 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0390 2724 CCDECODE ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0390 2724 CCDECODE ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0390 2724 Cdaudio ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0390 2724 Cdaudio ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0390 2724 Cdfs ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0390 2724 Cdfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0406 2724 Cdrom ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0406 2724 Cdrom ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0406 2724 CiSvc ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0406 2724 CiSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0406 2724 ClipSrv ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0406 2724 ClipSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0406 2724 CryptSvc ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0406 2724 CryptSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0406 2724 DcomLaunch ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0406 2724 DcomLaunch ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0406 2724 Dhcp ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0406 2724 Dhcp ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0421 2724 Disk ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0421 2724 Disk ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0421 2724 dmboot ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0421 2724 dmboot ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0421 2724 dmio ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0421 2724 dmio ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0421 2724 dmload ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0421 2724 dmload ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0421 2724 dmserver ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0421 2724 dmserver ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0421 2724 DMusic ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0437 2724 DMusic ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0437 2724 Dnscache ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0437 2724 Dnscache ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0437 2724 Dot3svc ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0437 2724 Dot3svc ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0437 2724 drmkaud ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0437 2724 drmkaud ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0437 2724 EapHost ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0437 2724 EapHost ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0437 2724 ERSvc ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0437 2724 ERSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0453 2724 Eventlog ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0453 2724 Eventlog ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0453 2724 EventSystem ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0453 2724 EventSystem ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0453 2724 Fastfat ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0453 2724 Fastfat ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0453 2724 FastUserSwitchingCompatibility ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0453 2724 FastUserSwitchingCompatibility ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0453 2724 Fdc ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0453 2724 Fdc ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0453 2724 Fips ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0453 2724 Fips ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0468 2724 Flpydisk ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0468 2724 Flpydisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0468 2724 FltMgr ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0468 2724 FltMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0468 2724 Fs_Rec ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0468 2724 Fs_Rec ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0468 2724 Ftdisk ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0468 2724 Ftdisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0468 2724 Gpc ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0468 2724 Gpc ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0468 2724 HDAudBus ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0468 2724 HDAudBus ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0484 2724 helpsvc ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0484 2724 helpsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0484 2724 HidServ ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0484 2724 HidServ ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0484 2724 hidusb ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0484 2724 hidusb ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0484 2724 hkmsvc ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0484 2724 hkmsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0484 2724 HTTP ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0484 2724 HTTP ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0484 2724 HTTPFilter ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0484 2724 HTTPFilter ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0500 2724 i8042prt ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0500 2724 i8042prt ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0500 2724 Imapi ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0500 2724 Imapi ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0500 2724 ImapiService ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0500 2724 ImapiService ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0500 2724 Ip6Fw ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0500 2724 Ip6Fw ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0500 2724 IpFilterDriver ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0500 2724 IpFilterDriver ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0515 2724 IpInIp ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0515 2724 IpInIp ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0515 2724 IpNat ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0515 2724 IpNat ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0515 2724 IPSec ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0515 2724 IPSec ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0515 2724 IRENUM ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0515 2724 IRENUM ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0515 2724 isapnp ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0515 2724 isapnp ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0515 2724 Kbdclass ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0515 2724 Kbdclass ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0531 2724 kbdhid ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0531 2724 kbdhid ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0531 2724 kmixer ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0531 2724 kmixer ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0531 2724 KSecDD ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0531 2724 KSecDD ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0531 2724 L1c ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0531 2724 L1c ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0531 2724 L8042pr2 ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0531 2724 L8042pr2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0531 2724 LanmanServer ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0531 2724 LanmanServer ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0546 2724 lanmanworkstation ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0546 2724 lanmanworkstation ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0546 2724 LmHosts ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0546 2724 LmHosts ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0546 2724 LMouFlt2 ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0546 2724 LMouFlt2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0546 2724 Ltn_stk7070P ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0546 2724 Ltn_stk7070P ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0546 2724 Ltn_stkrc ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0546 2724 Ltn_stkrc ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0546 2724 Messenger ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0546 2724 Messenger ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0562 2724 mnmdd ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0562 2724 mnmdd ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0562 2724 mnmsrvc ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0562 2724 mnmsrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0562 2724 Modem ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0562 2724 Modem ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0562 2724 Mouclass ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0562 2724 Mouclass ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0562 2724 mouhid ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0562 2724 mouhid ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0562 2724 MountMgr ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0562 2724 MountMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0578 2724 MPE ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0578 2724 MPE ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0578 2724 MRxDAV ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0578 2724 MRxDAV ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0578 2724 MRxSmb ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0578 2724 MRxSmb ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0578 2724 MSDTC ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0578 2724 MSDTC ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0578 2724 Msfs ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0578 2724 Msfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0593 2724 MSKSSRV ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0593 2724 MSKSSRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0593 2724 MSPCLOCK ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0593 2724 MSPCLOCK ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0593 2724 MSPQM ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0593 2724 MSPQM ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0593 2724 mssmbios ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0593 2724 mssmbios ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0593 2724 MSTEE ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0593 2724 MSTEE ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0593 2724 MTsensor ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0593 2724 MTsensor ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0609 2724 Mup ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0609 2724 Mup ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0609 2724 NABTSFEC ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0609 2724 NABTSFEC ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0609 2724 napagent ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0609 2724 napagent ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0609 2724 NDIS ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0609 2724 NDIS ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0609 2724 NdisIP ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0609 2724 NdisIP ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0609 2724 NdisTapi ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0609 2724 NdisTapi ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0625 2724 Ndisuio ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0625 2724 Ndisuio ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0625 2724 NdisWan ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0625 2724 NdisWan ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0625 2724 NDProxy ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0625 2724 NDProxy ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0625 2724 NetBIOS ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0625 2724 NetBIOS ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0625 2724 NetBT ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0625 2724 NetBT ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0625 2724 NetDDE ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0625 2724 NetDDE ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0640 2724 NetDDEdsdm ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0640 2724 NetDDEdsdm ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0640 2724 Netlogon ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0640 2724 Netlogon ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0640 2724 Netman ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0640 2724 Netman ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0640 2724 Nla ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0640 2724 Nla ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0640 2724 Npfs ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0640 2724 Npfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0656 2724 Ntfs ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0656 2724 Ntfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0656 2724 NtLmSsp ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0656 2724 NtLmSsp ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0656 2724 NtmsSvc ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0656 2724 NtmsSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0656 2724 Null ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0656 2724 Null ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0656 2724 NwlnkFlt ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0656 2724 NwlnkFlt ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0656 2724 NwlnkFwd ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0656 2724 NwlnkFwd ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0671 2724 Parport ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0671 2724 Parport ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0671 2724 PartMgr ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0671 2724 PartMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0671 2724 ParVdm ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0671 2724 ParVdm ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0671 2724 PCI ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0671 2724 PCI ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0671 2724 PCIIde ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0671 2724 PCIIde ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0671 2724 Pcmcia ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0671 2724 Pcmcia ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0687 2724 PlugPlay ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0687 2724 PlugPlay ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0687 2724 PolicyAgent ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0687 2724 PolicyAgent ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0687 2724 PptpMiniport ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0687 2724 PptpMiniport ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0687 2724 Processor ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0687 2724 Processor ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0687 2724 ProtectedStorage ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0687 2724 ProtectedStorage ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0687 2724 PSched ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0687 2724 PSched ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0703 2724 Ptilink ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0703 2724 Ptilink ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0703 2724 RasAcd ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0703 2724 RasAcd ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0703 2724 RasAuto ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0703 2724 RasAuto ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0703 2724 Rasl2tp ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0703 2724 Rasl2tp ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0703 2724 RasMan ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0703 2724 RasMan ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0703 2724 RasPppoe ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0718 2724 RasPppoe ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0718 2724 Raspti ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0718 2724 Raspti ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0718 2724 Rdbss ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0718 2724 Rdbss ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0718 2724 RDPCDD ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0718 2724 RDPCDD ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0718 2724 rdpdr ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0718 2724 rdpdr ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0718 2724 RDSessMgr ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0718 2724 RDSessMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0734 2724 redbook ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0734 2724 redbook ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0734 2724 RemoteAccess ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0734 2724 RemoteAccess ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0734 2724 RemoteRegistry ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0734 2724 RemoteRegistry ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0734 2724 RpcLocator ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0734 2724 RpcLocator ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0734 2724 RpcSs ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0734 2724 RpcSs ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0734 2724 RSVP ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0734 2724 RSVP ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0750 2724 SamSs ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0750 2724 SamSs ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0750 2724 SCardSvr ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0750 2724 SCardSvr ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0750 2724 Schedule ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0750 2724 Schedule ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0750 2724 Secdrv ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0750 2724 Secdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0750 2724 seclogon ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0750 2724 seclogon ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0750 2724 SENS ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0750 2724 SENS ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0765 2724 serenum ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0765 2724 serenum ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0765 2724 Serial ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0765 2724 Serial ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0765 2724 Sfloppy ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0765 2724 Sfloppy ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0765 2724 SharedAccess ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0765 2724 SharedAccess ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0765 2724 ShellHWDetection ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0765 2724 ShellHWDetection ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0765 2724 SLIP ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0765 2724 SLIP ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0781 2724 splitter ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0781 2724 splitter ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0781 2724 Spooler ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0781 2724 Spooler ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0781 2724 sr ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0781 2724 sr ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0781 2724 srservice ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0781 2724 srservice ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0781 2724 Srv ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0781 2724 Srv ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0796 2724 SSDPSRV ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0796 2724 SSDPSRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0796 2724 StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0796 2724 StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0796 2724 stisvc ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0796 2724 stisvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0796 2724 streamip ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0796 2724 streamip ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0796 2724 swenum ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0796 2724 swenum ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0796 2724 swmidi ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0796 2724 swmidi ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0812 2724 sysaudio ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0812 2724 sysaudio ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0812 2724 SysmonLog ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0812 2724 SysmonLog ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0812 2724 TapiSrv ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0812 2724 TapiSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0812 2724 Tcpip ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0812 2724 Tcpip ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0812 2724 TDPIPE ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0812 2724 TDPIPE ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0812 2724 TDTCP ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0812 2724 TDTCP ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0828 2724 TermDD ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0828 2724 TermDD ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0828 2724 TermService ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0828 2724 TermService ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0828 2724 Themes ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0828 2724 Themes ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0828 2724 TlntSvr ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0828 2724 TlntSvr ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0828 2724 TrkWks ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0828 2724 TrkWks ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0828 2724 trm3x5 ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0828 2724 trm3x5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0843 2724 Udfs ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0843 2724 Udfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0843 2724 Update ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0843 2724 Update ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0843 2724 upnphost ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0843 2724 upnphost ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0843 2724 UPS ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0843 2724 UPS ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0843 2724 usbaudio ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0843 2724 usbaudio ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0843 2724 usbccgp ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0843 2724 usbccgp ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0859 2724 usbehci ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0859 2724 usbehci ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0859 2724 usbhub ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0859 2724 usbhub ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0859 2724 usbohci ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0859 2724 usbohci ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0859 2724 usbprint ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0859 2724 usbprint ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0859 2724 usbscan ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0859 2724 usbscan ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0875 2724 usbstor ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0875 2724 usbstor ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0875 2724 VgaSave ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0875 2724 VgaSave ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0875 2724 VolSnap ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0875 2724 VolSnap ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0875 2724 VSS ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0875 2724 VSS ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0875 2724 W32Time ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0875 2724 W32Time ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0875 2724 Wanarp ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0875 2724 Wanarp ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0875 2724 wdmaud ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0875 2724 wdmaud ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0890 2724 WebClient ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0890 2724 WebClient ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0890 2724 winmgmt ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0890 2724 winmgmt ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0890 2724 Wmi ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0890 2724 Wmi ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0890 2724 WmiAcpi ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0890 2724 WmiAcpi ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0890 2724 WmiApSrv ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0890 2724 WmiApSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0890 2724 WS2IFSL ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0890 2724 WS2IFSL ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0906 2724 wscsvc ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0906 2724 wscsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0906 2724 WSTCODEC ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0906 2724 WSTCODEC ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0906 2724 wuauserv ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0906 2724 wuauserv ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0906 2724 WZCSVC ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0906 2724 WZCSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:29.0906 2724 xmlprov ( UnsignedFile.Multi.Generic ) - skipped by user
14:01:29.0906 2724 xmlprov ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:01:45.0703 3060 Deinitialize success


17.06.2013, 14:03   #6
markusg
/// Malware-holic
 

Hi,
Scan with Combofix
WARNING to READERS following along:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all your antivirus software as well as any malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse or click in the Combofix window!
  • When Combofix has finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
Illegal operation attempted on a registry key that has been marked for deletion.
simply restart the computer. This should fix the problem.


17.06.2013, 14:13   #7
Jarrod71
 

Code:
ComboFix 13-06-17.01 - ****  17.06.2013  14:07:29.1.2 - x86
Microsoft Windows XP Professional  5.1.2600.3.1252.49.1031.18.3326.2613 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\Josef Raser\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
Achtung - Auf diesem PC ist keine Wiederherstellungskonsole installiert !!
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\dokumente und einstellungen\Josef Raser\WINDOWS
C:\Install.exe
c:\programme\Setup.exe
c:\windows\IsUn0407.exe
c:\windows\system32\SET3E.tmp
c:\windows\system32\SET43.tmp
c:\windows\unin0407.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-05-17 bis 2013-06-17  ))))))))))))))))))))))))))))))
.
.
2013-06-14 19:17 . 2013-06-14 19:17	--------	d-----w-	c:\programme\ESET
2013-06-12 17:41 . 2013-06-12 17:50	--------	d-----w-	c:\dokumente und einstellungen\Josef Raser\Anwendungsdaten\Audacity
2013-06-12 17:24 . 2008-04-13 22:15	60032	----a-w-	c:\windows\system32\drivers\USBAUDIO.sys
2013-06-12 17:20 . 2013-06-12 17:20	--------	d-----w-	c:\programme\Gemeinsame Dateien\Acon Digital Media
2013-06-12 17:19 . 2013-06-12 17:19	--------	d-----w-	c:\programme\Acon Digital Media
2013-06-03 16:31 . 2013-06-03 16:31	--------	d-----w-	c:\programme\Dropbox
2013-05-24 08:17 . 2013-05-24 08:23	--------	d-----w-	c:\programme\Mozilla Thunderbird
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-11 19:18 . 2012-04-22 17:36	692104	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2013-06-11 19:18 . 2011-08-12 16:35	71048	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-17 20:30 . 2008-04-14 12:00	841216	----a-w-	c:\windows\system32\wininet.dll
2013-05-17 20:30 . 2008-04-14 12:00	78336	----a-w-	c:\windows\system32\ieencode.dll
2013-05-17 20:30 . 2008-04-14 12:00	1830912	------w-	c:\windows\system32\inetcpl.cpl
2013-05-17 20:30 . 2008-04-14 12:00	17408	----a-w-	c:\windows\system32\corpol.dll
2013-05-03 05:39 . 2008-04-14 12:00	2152448	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-05-03 05:39 . 2008-04-14 07:30	2031104	----a-w-	c:\windows\system32\ntkrnlpa.exe
2013-04-12 23:28 . 2008-04-14 12:00	389120	----a-w-	c:\windows\system32\html.iec
2013-04-12 14:00 . 2008-04-14 12:00	1876480	----a-w-	c:\windows\system32\win32k.sys
2013-03-31 11:02 . 2012-11-18 16:36	84744	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2013-03-31 11:02 . 2012-11-18 16:36	37352	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2013-03-31 11:02 . 2012-11-18 16:36	135136	----a-w-	c:\windows\system32\drivers\avipbb.sys
2012-04-19 06:59 . 2012-04-19 06:59	3125248	----a-w-	c:\programme\openofficeorg34.msi
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-04-14 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\drivers\atapi.sys
.
[-] 2008-04-14 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\asyncmac.sys
[-] 2008-04-14 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\drivers\asyncmac.sys
.
[-] 2008-04-14 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\dllcache\beep.sys
[-] 2008-04-14 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys
.
[-] 2008-04-14 . 1704D8C4C8807B889E43C649B478A452 . 25216 . . [5.1.2600.5512] . . c:\windows\system32\drivers\kbdclass.sys
.
[-] 2008-04-14 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ndis.sys
[-] 2008-04-14 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ndis.sys
.
[-] 2008-04-14 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ntfs.sys
[-] 2008-04-14 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ntfs.sys
[-] 2008-04-14 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\XPCD\CDROOT\I386\NTFS.SYS
.
[-] 2008-04-14 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\dllcache\null.sys
[-] 2008-04-14 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys
.
[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[-] 2008-04-14 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB2509553$\tcpip.sys
.
[-] 2008-04-14 . AFB8261B56CBA0D86AEB6DF682AF9785 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\lsass.exe
[-] 2008-04-14 . AFB8261B56CBA0D86AEB6DF682AF9785 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\lsass.exe
.
[-] 2008-04-14 . E6D88F1F6745BF00B57E7855A2AB696C . 198144 . . [5.1.2600.5512] . . c:\windows\system32\netman.dll
[-] 2008-04-14 . E6D88F1F6745BF00B57E7855A2AB696C . 198144 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\netman.dll
.
[-] 2008-04-14 12:00 . D0DE8A2EC95184E5193BB4B3112E29DF . 846848 . . [2001.12.4414.700] . . c:\windows\system32\comres.dll
[-] 2008-04-14 12:00 . D0DE8A2EC95184E5193BB4B3112E29DF . 846848 . . [2001.12.4414.700] . . c:\windows\system32\dllcache\comres.dll
.
[-] 2008-04-14 . D6F603772A789BB3228F310D650B8BD1 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\qmgr.dll
[-] 2008-04-14 . D6F603772A789BB3228F310D650B8BD1 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\dllcache\qmgr.dll
.
[-] 2009-02-09 . D3D765E8455A961AE567B408F767D4F9 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll
[-] 2009-02-09 . 3127AFBF2C1ED0AB14A1BBB7AAECB85B . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll
[-] 2009-02-09 . 3127AFBF2C1ED0AB14A1BBB7AAECB85B . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\rpcss.dll
[-] 2008-04-14 . E970C2296916BF4A2F958680016FE312 . 399360 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\rpcss.dll
.
[-] 2009-02-09 . A3EDBE9053889FB24AB22492472B39DC . 111104 . . [5.1.2600.5755] . . c:\windows\system32\services.exe
[-] 2009-02-09 . A3EDBE9053889FB24AB22492472B39DC . 111104 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe
[-] 2009-02-09 . F0A7D59AF279326528715B206669B86C . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
[-] 2008-04-14 . 4BB6A83640F1D1792AD21CE767B621C6 . 109056 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\services.exe
.
[-] 2010-08-17 . 258DD5D4283FD9F9A7166BE9AE45CE73 . 58880 . . [5.1.2600.6024] . . c:\windows\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
[-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\spoolsv.exe
[-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\dllcache\spoolsv.exe
[-] 2008-04-14 . 39356A9CDB6753A6D13A4072A9F5A4BB . 57856 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB2347290$\spoolsv.exe
.
[-] 2008-04-14 . F09A527B422E25C478E38CAA0E44417A . 513024 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
[-] 2008-04-14 . F09A527B422E25C478E38CAA0E44417A . 513024 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\winlogon.exe
.
[-] 2008-04-14 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ipsec.sys
[-] 2008-04-14 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ipsec.sys
.
[-] 2010-08-23 . 1438703F3D9FFE111DA3869E4F3EEE73 . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll
[-] 2010-08-23 . 1438703F3D9FFE111DA3869E4F3EEE73 . 617472 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll
[-] 2010-08-23 . 2B6ADE29F8D00EEFA5FA2250CBE094AD . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
[-] 2008-04-14 . AD28671D1B83A386B070DC451A113C13 . 617472 . . [5.82] . . c:\windows\$NtUninstallKB2296011$\comctl32.dll
[-] 2008-04-14 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
[-] 2008-04-14 . 3C93CE6C6985C55952B7BE6673E9FD15 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
[-] 2008-04-14 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\XPCD\CDROOT\I386\ASMS\6000\MSFT\WINDOWS\COMMON\CONTROLS\COMCTL32.DLL
.
[-] 2008-04-14 . 611F824E5C703A5A899F84C5F1699E4D . 62464 . . [5.1.2600.5512] . . c:\windows\system32\cryptsvc.dll
[-] 2008-04-14 . 611F824E5C703A5A899F84C5F1699E4D . 62464 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\cryptsvc.dll
.
[-] 2008-07-07 20:26 . AF4F6B5739D18CA7972AB53E091CBC74 . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll
[-] 2008-07-07 20:26 . AF4F6B5739D18CA7972AB53E091CBC74 . 253952 . . [2001.12.4414.706] . . c:\windows\system32\dllcache\es.dll
[-] 2008-07-07 20:23 . ADA7241C16F3F42C7F210539FAD5F3AA . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
[-] 2008-04-14 12:00 . 0F3EDAEE1EF97CF3DB2BE23A7289B78C . 246272 . . [2001.12.4414.701] . . c:\windows\$NtUninstallKB950974$\es.dll
.
[-] 2008-04-14 . F9954695D246B33A5BF105029A4C6AB6 . 110080 . . [5.1.2600.5512] . . c:\windows\system32\imm32.dll
[-] 2008-04-14 . F9954695D246B33A5BF105029A4C6AB6 . 110080 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\imm32.dll
.
[-] 2008-04-14 . 5543A9D4A1D0F9F84092482A9373A024 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\linkinfo.dll
[-] 2008-04-14 . 5543A9D4A1D0F9F84092482A9373A024 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\linkinfo.dll
.
[-] 2008-04-14 . F38F3C47BBFFD748C1359AB171C3A630 . 22016 . . [5.1.2600.5512] . . c:\windows\system32\lpk.dll
[-] 2008-04-14 . F38F3C47BBFFD748C1359AB171C3A630 . 22016 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\lpk.dll
.
[-] 2008-04-14 . C6A6E53A0C34EC87883137A6CB87AE5E . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll
[-] 2008-04-14 . C6A6E53A0C34EC87883137A6CB87AE5E . 343040 . . [7.0.2600.5512] . . c:\windows\system32\dllcache\msvcrt.dll
[-] 2008-04-14 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll
[-] 2008-04-14 . C536AAD8A71608FE33CD956214EDD366 . 343040 . . [7.0.2600.5512] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll
[-] 2008-04-14 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\XPCD\CDROOT\I386\ASMS\7000\MSFT\WINDOWS\MSWINCRT\MSVCRT.DLL
[-] 2008-04-14 12:00 . E826A484EDE25C3AE19F1B8086511F4B . 267536 . . [4.20.6201] . . c:\windows\XPCD\CDROOT\I386\WIN9XUPG\MSVCRT.DLL
.
[-] 2008-06-20 . 4AA50627B01C0E9C6B4C6BD3AF648F12 . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\mswsock.dll
[-] 2008-06-20 . F1B67B6B0751AE0E6E964B02821206A3 . 247296 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll
[-] 2008-06-20 . F1B67B6B0751AE0E6E964B02821206A3 . 247296 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\mswsock.dll
[-] 2008-04-14 . F12B9D9A069331877D006CC81B4735F9 . 247296 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB2509553$\mswsock.dll
.
[-] 2008-04-14 . 0098D35F91DEAB9C127360A877F2CF84 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\netlogon.dll
[-] 2008-04-14 . 0098D35F91DEAB9C127360A877F2CF84 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\netlogon.dll
.
[-] 2008-04-14 . C8C0BDABC966B6C24D337DF0A0A399E1 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll
[-] 2008-04-14 . C8C0BDABC966B6C24D337DF0A0A399E1 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\dllcache\powrprof.dll
.
[-] 2008-04-14 . 5132443DF6FC3771A17AB4AE55DCBC28 . 187904 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll
[-] 2008-04-14 . 5132443DF6FC3771A17AB4AE55DCBC28 . 187904 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\scecli.dll
.
[-] 2008-04-14 . 44161A59DC33AC2EA9C95438ADFFFB7F . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll
[-] 2008-04-14 . 44161A59DC33AC2EA9C95438ADFFFB7F . 5120 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\sfc.dll
.
[-] 2008-04-14 . 4FBC75B74479C7A6F829E0CA19DF3366 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe
[-] 2008-04-14 . 4FBC75B74479C7A6F829E0CA19DF3366 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\svchost.exe
.
[-] 2008-04-14 . 05903CAC4B98908D55EA5774775B382E . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll
[-] 2008-04-14 . 05903CAC4B98908D55EA5774775B382E . 249856 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\tapisrv.dll
.
[-] 2008-04-14 . B0050CC5340E3A0760DD8B417FF7AEBD . 580096 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
[-] 2008-04-14 . B0050CC5340E3A0760DD8B417FF7AEBD . 580096 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\user32.dll
.
[-] 2008-04-14 . 788F95312E26389D596C0FA55834E106 . 26624 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe
[-] 2008-04-14 . 788F95312E26389D596C0FA55834E106 . 26624 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\userinit.exe
.
[-] 2008-04-14 . 6A35E2D6F5F052C84EC2CEB296389439 . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll
[-] 2008-04-14 . 6A35E2D6F5F052C84EC2CEB296389439 . 82432 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ws2_32.dll
.
[-] 2008-04-14 . C7D8A0517CBF16B84F657DE87EBE9D4B . 19968 . . [5.1.2600.5512] . . c:\windows\system32\ws2help.dll
[-] 2008-04-14 . C7D8A0517CBF16B84F657DE87EBE9D4B . 19968 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ws2help.dll
.
[-] 2008-04-14 . 418045A93CD87A352098AB7DABE1B53E . 1036800 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 418045A93CD87A352098AB7DABE1B53E . 1036800 . . [6.00.2900.5512] . . c:\windows\system32\dllcache\explorer.exe
.
[-] 2008-04-14 . AD9226BF3CED13636083BB9C76E9D2A2 . 153600 . . [5.1.2600.5512] . . c:\windows\regedit.exe
[-] 2008-04-14 . AD9226BF3CED13636083BB9C76E9D2A2 . 153600 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\regedit.exe
[-] 2008-04-14 . AD9226BF3CED13636083BB9C76E9D2A2 . 153600 . . [5.1.2600.5512] . . c:\windows\XPCD\CDROOT\I386\REGEDIT.EXE
.
[-] 2010-04-16 . 45954AFB7AE6E29B23C56B830C820A11 . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\usp10.dll
[-] 2010-04-16 . 45954AFB7AE6E29B23C56B830C820A11 . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\dllcache\usp10.dll
[-] 2010-04-16 . EB2AD9C7DADE6C63F5F933881BA2A430 . 406016 . . [1.0420.2600.5969] . . c:\windows\$hf_mig$\KB981322\SP3QFE\usp10.dll
[-] 2008-04-14 . 052F968390A85D37D5EE8BE3AB2A83A2 . 406016 . . [1.0420.2600.5512] . . c:\windows\$NtUninstallKB981322$\usp10.dll
.
[-] 2008-04-14 . 671ABB33C712B1585A5BF7ADD36AD96E . 4096 . . [5.3.2600.5512] . . c:\windows\system32\ksuser.dll
[-] 2008-04-14 . 671ABB33C712B1585A5BF7ADD36AD96E . 4096 . . [5.3.2600.5512] . . c:\windows\system32\dllcache\ksuser.dll
.
[-] 2008-04-14 . 01B4E6E990B6C5EA8856D96C7FD044B2 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
[-] 2008-04-14 . 01B4E6E990B6C5EA8856D96C7FD044B2 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ctfmon.exe
.
[-] 2009-07-27 . 2DB7D303C36DDD055215052F118E8E75 . 135680 . . [6.00.2900.5853] . . c:\windows\system32\shsvcs.dll
[-] 2009-07-27 . 2DB7D303C36DDD055215052F118E8E75 . 135680 . . [6.00.2900.5853] . . c:\windows\system32\dllcache\shsvcs.dll
[-] 2009-07-27 . 927666F4228E3FBBC3D1171581DC8BDC . 135680 . . [6.00.2900.5853] . . c:\windows\$hf_mig$\KB971029\SP3QFE\shsvcs.dll
[-] 2008-04-14 . 40602EBFBE06AA075C8E4560743F6883 . 135168 . . [6.00.2900.5512] . . c:\windows\$NtUninstallKB971029$\shsvcs.dll
.
[-] 2008-04-14 . DC4E223F5813150073FB5CC63D13293B . 4608 . . [5.1.2600.5512] . . c:\windows\system32\msimg32.dll
[-] 2008-04-14 . DC4E223F5813150073FB5CC63D13293B . 4608 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\msimg32.dll
.
[-] 2008-04-14 . FE77A85495065F3AD59C5C65B6C54182 . 171520 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[-] 2008-04-14 . FE77A85495065F3AD59C5C65B6C54182 . 171520 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\srsvc.dll
.
[-] 2008-04-14 . EDAFBE25FB6480CE68F688BA691890DC . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe
[-] 2008-04-14 . EDAFBE25FB6480CE68F688BA691890DC . 13824 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\wscntfy.exe
.
[-] 2008-04-14 . 0ADA34871A2E1CD2CAAFED1237A47750 . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll
[-] 2008-04-14 . 0ADA34871A2E1CD2CAAFED1237A47750 . 129024 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\xmlprov.dll
.
[-] 2010-12-09 . 0314B25236E38383DACD4527C40156E8 . 743936 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntdll.dll
[-] 2010-12-09 . E3BDD71DA7EAB0A503129D4D127AF1CB . 743936 . . [5.1.2600.6055] . . c:\windows\system32\ntdll.dll
[-] 2010-12-09 . E3BDD71DA7EAB0A503129D4D127AF1CB . 743936 . . [5.1.2600.6055] . . c:\windows\system32\dllcache\ntdll.dll
[-] 2009-02-09 . 06DA2C9091606174BFC6F46037AAFFF8 . 740864 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntdll.dll
[-] 2009-02-09 . 1392B1FB3CD232D4439418DB91DB57A1 . 740352 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB2393802$\ntdll.dll
[-] 2008-04-14 . 95092EFBE367A108ECDD5D6E439754C3 . 731648 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\ntdll.dll
[-] 2008-04-14 . 95092EFBE367A108ECDD5D6E439754C3 . 731648 . . [5.1.2600.5512] . . c:\windows\XPCD\CDROOT\I386\NTDLL.DLL
[-] 2008-04-14 . 95092EFBE367A108ECDD5D6E439754C3 . 731648 . . [5.1.2600.5512] . . c:\windows\XPCD\CDROOT\I386\SYSTEM32\NTDLL.DLL
.
[-] 2008-04-14 . 275CAC40038A2643833B5F48FB474857 . 177152 . . [5.1.2600.5512] . . c:\windows\system32\MSCTFIME.IME
[-] 2008-04-14 . 275CAC40038A2643833B5F48FB474857 . 177152 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\msctfime.ime
.
[-] 2008-04-14 . 04955AA695448C181B367D964AF158AA . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll
[-] 2008-04-14 . 04955AA695448C181B367D964AF158AA . 56320 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\eventlog.dll
.
[-] 2008-04-14 . 5251425B86EA4A3532B8BB8D14044E61 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
[-] 2008-04-14 . 5251425B86EA4A3532B8BB8D14044E61 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\sfcfiles.dll
.
[-] 2008-04-14 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ipsec.sys
[-] 2008-04-14 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ipsec.sys
.
[-] 2008-04-14 . E4CD1F3D84E1C2CA0B8CF7501E201593 . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll
[-] 2008-04-14 . E4CD1F3D84E1C2CA0B8CF7501E201593 . 59904 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\regsvc.dll
.
[-] 2008-04-14 . A050194A44D7FA8D7186ED2F4E8367AE . 193536 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll
[-] 2008-04-14 . A050194A44D7FA8D7186ED2F4E8367AE . 193536 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\schedsvc.dll
.
[-] 2008-04-14 . 4DF5B05DFAEC29E13E1ED6F6EE12C500 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll
[-] 2008-04-14 . 4DF5B05DFAEC29E13E1ED6F6EE12C500 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ssdpsrv.dll
.
[-] 2008-04-14 . B7DE02C863D8F5A005A7BF375375A6A4 . 297472 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll
[-] 2008-04-14 . B7DE02C863D8F5A005A7BF375375A6A4 . 297472 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\termsrv.dll
.
[-] 2008-04-14 . 0DAF0705D7B39C94E287913226688804 . 348672 . . [5.1.2600.5512] . . c:\windows\system32\hnetcfg.dll
[-] 2008-04-14 . 0DAF0705D7B39C94E287913226688804 . 348672 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\hnetcfg.dll
.
[-] 2008-04-14 . D45960BE52C3C610D361977057F98C54 . 175616 . . [5.1.2600.5512] . . c:\windows\system32\appmgmts.dll
[-] 2008-04-14 . D45960BE52C3C610D361977057F98C54 . 175616 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\appmgmts.dll
.
[-] 2008-04-14 . 9E1CA3160DAFB159CA14F83B1E317F75 . 12160 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys
.
[-] 2008-04-13 20:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\dllcache\aec.sys
[-] 2008-04-13 20:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys
.
[-] 2008-04-14 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ip6fw.sys
[-] 2008-04-14 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys
.
[-] 2010-09-18 07:18 . 4891FCDAE77486BFB56999AA217651FA . 953856 . . [4.1.6151] . . c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc40u.dll
[-] 2010-09-18 06:52 . 1614669828A32BCD06E1BE6F334BB888 . 953856 . . [4.1.6151] . . c:\windows\system32\mfc40u.dll
[-] 2010-09-18 06:52 . 1614669828A32BCD06E1BE6F334BB888 . 953856 . . [4.1.6151] . . c:\windows\system32\dllcache\mfc40u.dll
[-] 2008-04-14 12:00 . ACC19BA6876AF18768EE87931CAD14E2 . 927504 . . [4.1.0.61] . . c:\windows\$NtUninstallKB2387149$\mfc40u.dll
.
[-] 2008-04-14 . B7550A7107281D170CE85524B1488C98 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll
[-] 2008-04-14 . B7550A7107281D170CE85524B1488C98 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\msgsvc.dll
.
[-] 2008-04-14 12:00 . 56AF4064996FA5BAC9C449B1514B4770 . 438272 . . [5.1.2400.5512] . . c:\windows\system32\ntmssvc.dll
[-] 2008-04-14 12:00 . 56AF4064996FA5BAC9C449B1514B4770 . 438272 . . [5.1.2400.5512] . . c:\windows\system32\dllcache\ntmssvc.dll
.
[-] 2008-04-14 . 1DFD8975D8C89214B98D9387C1125B49 . 186880 . . [5.1.2600.5512] . . c:\windows\system32\upnphost.dll
[-] 2008-04-14 . 1DFD8975D8C89214B98D9387C1125B49 . 186880 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\upnphost.dll
.
[-] 2008-04-14 . 9236E736EDB57BE7D1EF6274410E3BAC . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dsound.dll
[-] 2008-04-14 . 9236E736EDB57BE7D1EF6274410E3BAC . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dllcache\dsound.dll
.
[-] 2008-04-14 . 36969CF86E51EC8ED202B40F2FA80AA6 . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\d3d9.dll
[-] 2008-04-14 . 36969CF86E51EC8ED202B40F2FA80AA6 . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\dllcache\d3d9.dll
.
[-] 2008-04-14 . 4A37188B83B00DD9CFBA049687AD0DAF . 279552 . . [5.03.2600.5512] . . c:\windows\system32\ddraw.dll
[-] 2008-04-14 . 4A37188B83B00DD9CFBA049687AD0DAF . 279552 . . [5.03.2600.5512] . . c:\windows\system32\dllcache\ddraw.dll
.
[-] 2008-04-14 12:00 . 5D7F5A46975D2E59A6FECB6C231D200F . 84992 . . [5.1.2600.5512] . . c:\windows\system32\olepro32.dll
[-] 2008-04-14 12:00 . 5D7F5A46975D2E59A6FECB6C231D200F . 84992 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\olepro32.dll
.
[-] 2008-04-14 . C47FD93010649AC0D79022D9B69ADBE4 . 41984 . . [5.1.2600.5512] . . c:\windows\system32\perfctrs.dll
[-] 2008-04-14 . C47FD93010649AC0D79022D9B69ADBE4 . 41984 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\perfctrs.dll
.
[-] 2008-04-14 . F86000634319F71535BCE6B06995EE99 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\version.dll
[-] 2008-04-14 . F86000634319F71535BCE6B06995EE99 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\version.dll
.
[-] 2008-04-14 . FE77A85495065F3AD59C5C65B6C54182 . 171520 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[-] 2008-04-14 . FE77A85495065F3AD59C5C65B6C54182 . 171520 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\srsvc.dll
.
[-] 2008-04-14 . 7B353059E665F8B7AD2BBEAEF597CF45 . 177152 . . [5.1.2600.5512] . . c:\windows\system32\w32time.dll
[-] 2008-04-14 . 7B353059E665F8B7AD2BBEAEF597CF45 . 177152 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\w32time.dll
.
[-] 2008-04-14 . BC2C5985611C5356B24AEB370953DED9 . 334336 . . [5.1.2600.5512] . . c:\windows\system32\wiaservc.dll
[-] 2008-04-14 . BC2C5985611C5356B24AEB370953DED9 . 334336 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\wiaservc.dll
.
[-] 2008-04-14 . 2CF969B9BF1EF069075DCDCE309FAAE1 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\midimap.dll
[-] 2008-04-14 . 2CF969B9BF1EF069075DCDCE309FAAE1 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\midimap.dll
.
[-] 2008-04-14 . 469FED8597896DB77B49384BE90E2E0A . 7680 . . [5.1.2600.5512] . . c:\windows\system32\rasadhlp.dll
[-] 2008-04-14 . 469FED8597896DB77B49384BE90E2E0A . 7680 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\rasadhlp.dll
.
[-] 2008-04-14 . 02AF8A799D173C2D0C71F399C03AC9E1 . 19456 . . [5.1.2600.5512] . . c:\windows\system32\wshtcpip.dll
[-] 2008-04-14 . 02AF8A799D173C2D0C71F399C03AC9E1 . 19456 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\wshtcpip.dll
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	130736	----a-w-	c:\dokumente und einstellungen\Josef Raser\Anwendungsdaten\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	130736	----a-w-	c:\dokumente und einstellungen\Josef Raser\Anwendungsdaten\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	130736	----a-w-	c:\dokumente und einstellungen\Josef Raser\Anwendungsdaten\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	130736	----a-w-	c:\dokumente und einstellungen\Josef Raser\Anwendungsdaten\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PMCLoader"="c:\programme\Pinnacle\TVCenter Pro\PMCLoader.exe" [2007-07-26 105544]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\programme\VIA\VIAudioi\HDADeck\HDeck.exe" [2010-12-17 40995440]
"StartCCC"="c:\programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-29 98304]
"ApnUpdater"="c:\programme\Ask.com\Updater\Updater.exe" [2011-09-08 888488]
"Adobe Reader Speed Launcher"="c:\programme\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048]
"AttuneClientEngine"="c:\progra~1\Aveo\Attune\bin\attune_ce.exe" [2000-07-24 356728]
"Logitech Utility"="Logi_MwX.Exe" [2003-12-17 19968]
"SunJavaUpdateSched"="c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [2011-06-09 254696]
"avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2013-05-07 345312]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\dokumente und einstellungen\Josef Raser\Startmenü\Programme\Autostart\
Dropbox.lnk - c:\dokumente und einstellungen\Josef Raser\Anwendungsdaten\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-25 27776968]
.
c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\
Microsoft Office.lnk - c:\programme\Microsoft Office\Office\OSA9.EXE -b -l [1999-4-30 65588]
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programme\\Corel\\Graphics10\\Register\\NAVBrowser.exe"=
"c:\\Dokumente und Einstellungen\\Josef Raser\\Anwendungsdaten\\Dropbox\\bin\\Dropbox.exe"=
.
R0 trm3x5;trm3x5;c:\windows\system32\drivers\trm3x5.sys [06.08.2011 16:14 22016]
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [18.11.2012 18:36 37352]
R2 AntiVirSchedulerService;Avira Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [18.11.2012 18:36 86752]
R2 AntiVirWebService;Avira Browser-Schutz;c:\programme\Avira\AntiVir Desktop\avwebgrd.exe [18.11.2012 18:36 562744]
R3 L1c;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [04.07.2011 11:40 45056]
R3 Ltn_stk7070P;PCTV based TV tuner device;c:\windows\system32\drivers\Ltn_stk7070P.sys [06.08.2011 12:27 466048]
R3 Ltn_stkrc;PCTV Infrared Receiver;c:\windows\system32\drivers\Ltn_stkrc.sys [06.08.2011 12:27 13440]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [04.07.2011 11:35 2135280]
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 32672773
*Deregistered* - 32672773
.
Inhalt des "geplante Tasks" Ordners
.
2013-06-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-22 19:18]
.
2013-06-17 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\programme\Ask.com\UpdateTask.exe [2012-01-04 19:20]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.Csl-Computer.com
IE: Free YouTube Download - c:\dokumente und einstellungen\Josef Raser\Anwendungsdaten\DVDVideoSoftIEHelpers\freeytvdownloader.htm
LSP: c:\programme\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\dokumente und einstellungen\Josef Raser\Anwendungsdaten\Mozilla\Firefox\Profiles\maxs4f48.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/search?q=maps&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:de:official&client=firefox-a&source=hp&channel=np
FF - ExtSQL: !HIDDEN! 2011-08-09 17:01; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKCU-Run-PMCRemote - (no file)
HKLM-Run-Corel Reminder - (no file)
AddRemove-Canon ScanGear Toolbox CS - c:\windows\IsUn0407.exe
AddRemove-{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA} - c:\programme\InstallShield Installation Information\{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}\Setup.exeUNINSTALL
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2013-06-17 14:09
Windows 5.1.2600 Service Pack 3 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
  HDAudDeck = c:\programme\VIA\VIAudioi\HDADeck\HDeck.exe 1???????????????????????????????????????????? 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'winlogon.exe'(676)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'lsass.exe'(732)
c:\programme\Avira\AntiVir Desktop\avsda.dll
.
Zeit der Fertigstellung: 2013-06-17  14:10:43
ComboFix-quarantined-files.txt  2013-06-17 12:10
.
Vor Suchlauf: 8 Verzeichnis(se), 660.170.579.968 Bytes frei
Nach Suchlauf: 9 Verzeichnis(se), 661.128.527.872 Bytes frei
.
- - End Of File - - A232A1EAB7F2A2DE59E358078BC1BBAE
A36C5E4F47E84449FF07ED3517B43A31
         

17.06.2013, 14:18   #8
markusg
/// Malware-holic

Hi,
Malwarebytes:
Please download Malwarebytes.
  • Install the program to the default path.
    Vista and Win7 users: right-click and choose "Run as administrator".
  • Start Malwarebytes, click Update --> Check for updates.
  • When the update has finished, select "Perform full scan" and click Scan.
  • When the scan has finished, click Show Results.
  • Make sure that all detections are checked and click Remove Selected.
  • Post the log file, which opens in Notepad, here in the thread.
  • Afterwards you can find the report under "Logs".
__________________
-Please forward suspicious mails to us for analysis:
markusg.trojaner-board@web.de
Forwarding instructions:
http://markusg.trojaner-board.de
For now, please forward mails to
markusg.trojaner-board@web.de
following the instructions above.
If you would like to support us

17.06.2013, 15:26   #9
Jarrod71

Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.06.17.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
**** :: ***** [Administrator]

17.06.2013 14:58:18
mbam-log-2013-06-17 (14-58-18).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|F:\|H:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 281730
Laufzeit: 17 Minute(n), 54 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         

17.06.2013, 15:36   #10
markusg
/// Malware-holic

Looks fine.

Download CCleaner Standard:
CCleaner - Download - Filepony
If CCleaner is already installed, skip this step.
Open it, go to Tools (Extras), Uninstall list, save it as a txt file, and open that file.
After each program you need, write notwendig (necessary).
After each program you do not need, write unnötig (unnecessary).
After each program you do not know, write unbekannt (unknown).
Post the list.

17.06.2013, 16:05   #11
Jarrod71

Code:
7-Zip 9.20		06.08.2011	notwendig	
Adobe Flash Player 11 Plugin	Adobe Systems Incorporated	11.06.2013		11.7.700.224notwendig
Adobe Reader 8.1.0 - Deutsch	Adobe Systems Incorporated	06.08.2011	101,00MB	8.1.0 notwendig
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver	Atheros Communications Inc.	04.07.2011		1.0.0.26 notwendig
ATI - Dienstprogramm zur Deinstallation der Software		05.08.2011		6.14.10.1022notwendig
ATI Catalyst Control Center				2.009.0730.0057notwendig
ATI Display Driver		12.06.2013		8.641-090730a1-087108Cnotwendig
Attune 2.3.2	Aveo Inc	06.08.2011	12,24MB	2.3.2.0628notwendig
AudioLava 1.0	Acon Digital Media GmbH	12.06.2013		1.0notwendig
Avira Free Antivirus	Avira	12.06.2013		13.0.0.3640notwendig
Avira SearchFree Toolbar plus Web Protection	Ask.com	11.01.2012	3,55MB	1.14.1.0notwendig
Brother HL-2040	Brother	07.08.2011		1.00notwendig
Caere Scan Manager 5.1	Caere Corporation	06.08.2011	3,51MB	5.1notwendig
Canon Camera Access Library		06.08.2011		8.2.0.1notwendig
Canon Camera Support Core Library		06.08.2011		7.3.1.6notwendig
Canon Camera Window DC_DV 5 for ZoomBrowser EX		06.08.2011		5.4.5.17notwendig
Canon Camera Window DC_DV 6 for ZoomBrowser EX		06.08.2011		6.3.0.11notwendig
Canon Camera Window MC 6 for ZoomBrowser EX		06.08.2011		6.2.0.11notwendig
Canon G.726 WMP-Decoder		06.08.2011		1.0.1.3notwendig
CANON iMAGE GATEWAY Task for ZoomBrowser EX		06.08.2011		1.2.0.5notwendig
Canon Internet Library for ZoomBrowser EX		06.08.2011		1.4.2.6notwendig
Canon MovieEdit Task for ZoomBrowser EX		06.08.2011		2.3.0.19notwendig
Canon RAW Image Task for ZoomBrowser EX		06.08.2011		2.4.0.7notwendig
Canon RemoteCapture Task for ZoomBrowser EX		06.08.2011		1.6.0.9notwendig
Canon Utilities EOS Utility		06.08.2011		1.0.4.18notwendig
Canon Utilities ZoomBrowser EX		06.08.2011		5.7.0.74notwendig
CCleaner	Piriform	24.05.2013		4.02notwendig
CDBurnerXP	CDBurnerXP	12.06.2013		4.5.1.4003notwendig
CorelDRAW 10		06.08.2011notwendig		
DivX Codec	DivX, Inc.	06.08.2011		6.2.5notwendig
Dropbox	Dropbox, Inc.	05.06.2013		2.0.22notwendig
ESET Online Scanner v3		14.06.2013notwendig		
Free YouTube Download version 3.1.27.508	DVDVideoSoft Ltd.	13.05.2012notwendig		3.1.27.508
J2SE Runtime Environment 5.0 Update 9	Sun Microsystems, Inc.	12.08.2011	119,00MB	1.5.0.90notwendig
Java 2 Runtime Environment, SE v1.4.1_05		12.08.2011notwendig		
Java Web Start		12.08.2011notwendig		
Java(TM) 6 Update 30	Oracle	19.12.2011	91,34MB	6.0.300notwendig
Logitech MouseWare 9.79.1notwendig				
Malwarebytes Anti-Malware Version 1.75.0.1300	Malwarebytes Corporation	17.06.2013		1.75.0.1300notwendig
Microsoft .NET Framework 2.0 Service Pack 2	Microsoft Corporation	16.05.2013	2.427,00MB	2.2.30729notwendig
Microsoft .NET Framework 3.0 Service Pack 2	Microsoft Corporation	11.01.2013	412,00MB	3.2.30729notwendig
Microsoft .NET Framework 3.5 SP1	Microsoft Corporation	11.01.2013notwendig		
Microsoft Compression Client Pack 1.0 for Windows XP	Microsoft Corporation	12.03.2012notwendig		1
Microsoft Office 2000 Premium	Microsoft Corporation	06.08.2011	282,00MB	9.00.2816unnötig
Microsoft PowerPoint Viewer	Microsoft Corporation	12.02.2012	178,00MB	14.0.4763.1000notwendig
Microsoft User-Mode Driver Framework Feature Pack 1.0	Microsoft Corporation	12.03.2012notwendig		
Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	06.08.2011	5,21MB	8.0.56336notwendig
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411	Microsoft Corporation	09.05.2012	11,10MB	9.0.30411notwendig
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148	Microsoft Corporation	06.08.2011	10,19MB	9.0.30729.4148notwendig
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219	Microsoft Corporation	18.11.2012	11,13MB	10.0.40219notwendig
MozBackup 1.5.1	Pavel Cvrcek	06.08.2011notwendig		
Mozilla Firefox 20.0.1 (x86 de)	Mozilla	27.05.2013notwendig		20.0.1
Mozilla Maintenance Service	Mozilla	27.05.2013		17.0.6notwendig
Mozilla Thunderbird 17.0.6 (x86 de)	Mozilla	24.05.2013		17.0.6notwendig
MSXML 4.0 SP2 (KB954430)	Microsoft Corporation	07.08.2011	1,42MB	4.20.9870.0notwendig
MSXML 4.0 SP2 (KB973688)	Microsoft Corporation	07.08.2011	2,77MB	4.20.9876.0notwendig
MSXML 4.0 SP2 Parser and SDK	Microsoft Corporation	06.08.2011	1,23MB	4.20.9818.0notwendig
OmniPage Pro 9.0		06.08.2011notwendig		
OpenOffice.org 3.4	OpenOffice.org	09.05.2012	267,00MB	3.4.9590notwendig
PDFCreator	Frank Heindörfer, Philip Chinery	26.10.2012		1.5.1notwendig
QuarkXPress Passport 5.0	Quark Inc.	06.08.2011	88,42MB	5.00.0000notwendig
ThumbsPlus Version 3.21-R		06.08.2011notwendig		
Typograf4.8f	Neuber GbR	06.08.2011		4.8fnotwendig
VIA Plattform-Geräte-Manager	VIA Technologies, Inc.	04.07.2011notwendig		1.34
VLC media player 1.1.11	VideoLAN	28.08.2011notwendig		1.1.11
Windows Internet Explorer 7	Microsoft Corporation	16.08.2011notwendig		20070813.185237
Windows Media Format 11 runtime		12.03.2012notwendig		
Windows Media Player 11		12.03.2012notwendig
         
I'm not really sure about all the Canon stuff...

17.06.2013, 19:07   #12
markusg
/// Malware-holic

Hi,
when your labels such as notwendig are stuck directly onto the program name, I can hardly read them. Please add spaces and post it again.

17.06.2013, 19:27   #13
Jarrod71

Code:
7-Zip 9.20							notwendig	
Adobe Flash Player 11 Plugin					notwendig
Adobe Reader 8.1.0  						notwendig
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver	 notwendig
ATI - Dienstprogramm zur Deinstallation der Software			notwendig
ATI Catalyst Control Center					notwendig
ATI Display Driver						notwendig
Attune 2.3.2	Aveo Inc					notwendig
AudioLava 1.0						notwendig
Avira Free Antivirus	Avira					notwendig
Avira SearchFree Toolbar plus Web Protection			notwendig
Brother HL-2040						notwendig
Caere Scan Manager 5.1					notwendig
Canon Camera Access Library					notwendig
Canon Camera Support Core Library				notwendig
Canon Camera Window DC_DV 5 for ZoomBrowser EX		notwendig
Canon Camera Window DC_DV 6 for ZoomBrowser EX		notwendig
Canon Camera Window MC 6 for ZoomBrowser EX			notwendig
Canon G.726 WMP-Decoder					notwendig
CANON iMAGE GATEWAY Task for ZoomBrowser EX		notwendig
Canon Internet Library for ZoomBrowser EX			notwendig
Canon MovieEdit Task for ZoomBrowser EX			notwendig
Canon RAW Image Task for ZoomBrowser EX			notwendig
Canon RemoteCapture Task for ZoomBrowser EX			notwendig
Canon Utilities EOS Utility					notwendig
Canon Utilities ZoomBrowser EX				notwendig
CCleaner	Piriform						notwendig
CDBurnerXP						notwendig
CorelDRAW 10						notwendig
DivX Codec 6.2.5						notwendig
Dropbox	Dropbox, Inc.					notwendig
ESET Online Scanner v3					notwendig
Free YouTube Download version 3.1.27.508				notwendig	
J2SE Runtime Environment 5.0 Update 9				notwendig
Java 2 Runtime Environment, SE v1.4.1_0				notwendig
Java Web Start						notwendig		
Java(TM) 6 Update 30					notwendig
Logitech MouseWare 9.79.1					notwendig
Malwarebytes Anti-Malware Version 1.75.0.1300			notwendig
Microsoft .NET Framework 2.0 Service Pack 2			notwendig
Microsoft .NET Framework 3.0 Service Pack 2			notwendig
Microsoft .NET Framework 3.5 SP1				notwendig
Microsoft Corporation					notwendig
Microsoft Office 2000 Premium					notwendig
Microsoft PowerPoint Viewer					notwendig
Microsoft User-Mode Driver Framework Feature Pack 1.0		notwendig
Microsoft Visual C++ 2005 Redistributable				notwendig
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411		notwendig
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.41488	notwendig
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.402199		notwendig
MozBackup 1.5.1						notwendig
Mozilla Firefox 20.0.1 (x86 de)					notwendig
Mozilla Maintenance Service					notwendig
Mozilla Thunderbird 17.0.6 (x86 de)				notwendig
MSXML 4.0 SP2 (KB954430)					notwendig
MSXML 4.0 SP2 (KB973688)					notwendig
MSXML 4.0 SP2 Parser and SDK				notwendig
OmniPage Pro 9.0						notwendig
OpenOffice.org 3.4						notwendig
PDFCreator						notwendig
QuarkXPress Passport 5.0					notwendig
ThumbsPlus Version 3.21-R					notwendig
Typograf4.8f	Neuber GbR				notwendig
VIA Plattform-Geräte-Manager					notwendig
VLC media player 1.1.11	VideoLAN	28.08.2011		notwendig
Windows Internet Explorer 7	Microsoft Corporation		notwendig
Windows Media Format 11 runtime				notwendig
Windows Media Player 11					notwendig
         
Sorry, hopefully it's better this way. Cheers.

Hi Markus,
is my father's computer OK again now?
Thanks, Christian

18.06.2013, 18:03   #14
markusg
/// Malware-holic

Uninstall:
Adobe Flash Player: all versions
Adobe - Install Adobe Flash Player
Download the latest version and install it.
Adobe Reader:
Adobe - Download Adobe Reader - All versions
Uncheck the box for McAfee Security Scan.
Please also configure Adobe Reader as follows:
Open Adobe Reader, Edit, Preferences.
General:
Check "Use only certified plug-ins".
Security (Enhanced):
Check "Enable Enhanced Security"
and select all files.
Internet:
Everything here should be disabled; it is very unsafe to open, download, etc. PDFs automatically.
It is always better to save them directly, because only then do you have control over what is happening on the PC.
Under JavaScript, uncheck "Enable JavaScript".
Under Updater, choose "Install automatically".
Apply / OK

Uninstall:
Avira SearchFree: get rid of it, it is the Ask toolbar
ESET: install when needed
J2SE
Java: all versions
Download the Java JRE:
Java downloads for all operating systems
Click:
Download Java software for Windows Offline
Download and install it.
Uninstall:

Open CCleaner, Analyze, Run, restart the PC.
Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure that the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents with your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

19.06.2013, 10:09   #15
Jarrod71

Code:
# AdwCleaner v2.303 - Datei am 19/06/2013 um 09:54:48 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Microsoft Windows XP Service Pack 3 (32 bits)
# Benutzer : ****
# Bootmodus : Normal
# Ausgeführt unter : C:\Dokumente und Einstellungen\Josef ***\Eigene Dateien\Downloads\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
Ordner Gelöscht : C:\Dokumente und Einstellungen\**\Anwendungsdaten\AskToolbar
Ordner Gelöscht : C:\Dokumente und Einstellungen\**\Anwendungsdaten\Mozilla\Firefox\Profiles\maxs4f48.default\extensions\toolbar@ask.com
Ordner Gelöscht : C:\Dokumente und Einstellungen\***\Anwendungsdaten\pdfforge
Ordner Gelöscht : C:\Dokumente und Einstellungen\****\Lokale Einstellungen\Anwendungsdaten\AskToolbar
Ordner Gelöscht : C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\AskToolbar
Ordner Gelöscht : C:\Programme\Ask.com
Ordner Gelöscht : C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\APN
Schlüssel Gelöscht : HKCU\Software\Ask.com
Schlüssel Gelöscht : HKCU\Software\AskToolbar
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKLM\Software\APN
Schlüssel Gelöscht : HKLM\Software\AskToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F994E0D9-8335-48F1-99C2-A712C21F8D5F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2BDF3E992C0908741B7C11F4B4E0F775
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6B3BC4CF5ECE1F54BBA174C13A1AB907
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D0E499F53381f84992C7A212CF1D8F5
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BEABAA33A5E68374DBF197F2A00CD011
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CB61AF52AD64B6B45930BE969F316720
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]

***** [Internet Browser] *****

-\\ Internet Explorer v7.0.6000.21337

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v20.0.1 (de)

Datei : C:\Dokumente und Einstellungen\Josef **\Anwendungsdaten\Mozilla\Firefox\Profiles\maxs4f48.default\prefs.js

Gelöscht : user_pref("extensions.asktb.AviraIDW-TS", "1319825183999");
Gelöscht : user_pref("extensions.asktb.AviraIDW-XML", "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\r\n<button xm[...]
Gelöscht : user_pref("extensions.asktb.InstallDir", "C:\\Programme\\Ask.com\\");
Gelöscht : user_pref("extensions.asktb.autofill-text-highlight-enabled", true);
Gelöscht : user_pref("extensions.asktb.cbid", "JM");
Gelöscht : user_pref("extensions.asktb.config-updated", false);
Gelöscht : user_pref("extensions.asktb.crumb", "2011.07.16+09.44.53-toolbar009iad-DE-SGFubm92ZXIsR2VybWFueQ%3D%[...]
Gelöscht : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://de.ask.com/web?q={query}&qsrc={qsrc}&[...]
Gelöscht : user_pref("extensions.asktb.dtid", "YYYYYYYYDE");
Gelöscht : user_pref("extensions.asktb.dyn-weather-do-locid-lookup-weatherWidget", false);
Gelöscht : user_pref("extensions.asktb.dyn-weather-locid-weatherWidget", "GMXX0051");
Gelöscht : user_pref("extensions.asktb.dyn-weather-tempunit-weatherWidget", "C");
Gelöscht : user_pref("extensions.asktb.first-launch-url", "hxxp://www.adobe.com/go/flashplayer_releasenotes_de"[...]
Gelöscht : user_pref("extensions.asktb.fresh-install", false);
Gelöscht : user_pref("extensions.asktb.guid", "4eb1e316-ef99-4f99-8e2e-b89ffa7f4269");
Gelöscht : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com[...]
Gelöscht : user_pref("extensions.asktb.if", "first");
Gelöscht : user_pref("extensions.asktb.keyword-toggled-in-session", false);
Gelöscht : user_pref("extensions.asktb.l", "dis");
Gelöscht : user_pref("extensions.asktb.last-config-req", "1371625441729");
Gelöscht : user_pref("extensions.asktb.last-search-timestamp", "1365172138537");
Gelöscht : user_pref("extensions.asktb.locale", "de_DE");
Gelöscht : user_pref("extensions.asktb.location", "Hannover,Germany");
Gelöscht : user_pref("extensions.asktb.new-tab-opt-out", true);
Gelöscht : user_pref("extensions.asktb.notification-shown", true);
Gelöscht : user_pref("extensions.asktb.o", "100000080");
Gelöscht : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Gelöscht : user_pref("extensions.asktb.qsrc", "2871");
Gelöscht : user_pref("extensions.asktb.r", "20");
Gelöscht : user_pref("extensions.asktb.sa", "NO");
Gelöscht : user_pref("extensions.asktb.search-history-queries", "maps||HAZ||NB-1L||Votum||Benutzerhandbuch||Sän[...]
Gelöscht : user_pref("extensions.asktb.search-suggestions-enabled", true);
Gelöscht : user_pref("extensions.asktb.silent-upgrade", true);
Gelöscht : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false);
Gelöscht : user_pref("extensions.asktb.socialmini-native-on", true);
Gelöscht : user_pref("extensions.asktb.themeid", "");
Gelöscht : user_pref("extensions.asktb.timeinstalled", "17.06.2013 20:36:15");
Gelöscht : user_pref("extensions.asktb.to", "");
Gelöscht : user_pref("extensions.asktb.v", "3.15.18.100015");
Gelöscht : user_pref("extensions.asktb.version", "5.15.18.37268");
Gelöscht : user_pref("extensions.enabledAddons", "toolbar%40ask.com:3.15.18.100015,%7B972ce4c6-7e08-4474-a285-3[...]

*************************

AdwCleaner[S1].txt - [11228 octets] - [19/06/2013 09:54:48]

########## EOF - C:\AdwCleaner[S1].txt - [11289 octets] ##########
         
Many thanks in the meantime; I hope everything gets back in order with the computer.
